共查询到17条相似文献,搜索用时 62 毫秒
1.
2.
针对任意源组播和特定源组播在抗DoS攻击方面的缺陷,论文提出了一种基于IPv6密码地址构建的域内安全组播基础设施结构。该结构通过规定域内可存在的组地址以及基于发送方和接收方证书的访问控制机制,在组播域内实现了抵抗来自恶意主机的控制平面和数据平面攻击。 相似文献
3.
保证组播的服务质量(QoS)是日益增长的多媒体应用的迫切要求。本文在研究区分服务和源特定组播技术的基础上,提出在区分服务中实现源特定组播的机制,重点阐述了QoS频道的定购和取消,以及组播数据的转发,解决区分服务和组播结合时普遍存在的矛盾,在一定程度上改善组播的服务质量。 相似文献
4.
5.
作为一种新的组播模型,特定源组播受到学术界越来越多地关注.它解决了传统IP组播组地址冲突、缺乏访问控制等问题,适于单源组播的应用.仿真实验是一种经济有效的网络技术研究方法.NS-2是目前应用较为广泛的网络仿真平台,支持各种网络协议仿真,但是并不支持特定源组播.为此,分析了使用NS-2进行IP组播模拟的实现原理,通过扩展NS-2实现SSM协议的仿真实验.模拟结果显示该仿真实现与SSM的规范相一致. 相似文献
6.
7.
8.
一种基于SSM的多源组播路由协议 总被引:2,自引:0,他引:2
为满足参与方同时为收发方的组播通信模式,该文提出了一种新的基于特定源组播的多源组播路由协议SSM-MSM,该协议利用特定源组播形成的单向组播转发树维护一个与之并行的用于多方通信的双向转发树,其路由状态、树建立和控制消息开销和组播包转发时延较小,可综合几种已有的基于SSM多方通信方案的优势。 相似文献
9.
状态可伸缩性问题一直是阻碍IP组播服务大规模实施的重要障碍.将利用分支节点方法减少组播转发状态的思想引入源特定组播SSM,提出了一种基于分支节点的源特定组播简化路由算法BPSSM. 算法在有效减少组播转发状态的基础上,通过增加数据类型检验器,消除了单播数据包的多余转发查找. 相似文献
10.
针对当前组播服务多采用静态分配组播地址的现状,从IPv6特定源组播(SSM)模型出发,提出适应快速组播服务发布需求的基于自身配置的SSM模型组播地址配置方案(HBMAA),使得组播源主机可以在申请到单播地址的同时动态获取到一组组播地址,从而简化了组播地址的分配工作。此外,通过对该配置方案应用基于DHCPv6的组播服务真实性验证体系(SSVA),为主机的组播地址建立对应的动态组播验证策略,使组播服务具备了更好的安全性和可控性。 相似文献
11.
Secure Synchronization Control for a Class of Cyber-Physical Systems With Unknown Dynamics 下载免费PDF全文
This paper investigates the secure synchronization control problem for a class of cyber-physical systems (CPSs) with unknown system matrices and intermittent denial-of-service (DoS) attacks. For the attack free case, an optimal control law consisting of a feedback control and a compensated feedforward control is proposed to achieve the synchronization, and the feedback control gain matrix is learned by iteratively solving an algebraic Riccati equation (ARE). For considering the attack cases, it is difficult to perform the stability analysis of the synchronization errors by using the existing Lyapunov function method due to the presence of unknown system matrices. In order to overcome this difficulty, a matrix polynomial replacement method is given and it is shown that, the proposed optimal control law can still guarantee the asymptotical convergence of synchronization errors if two inequality conditions related with the DoS attacks hold. Finally, two examples are given to illustrate the effectiveness of the proposed approaches. 相似文献
12.
本 文 研 究 了 一 类 带 有 多 率 采 样 的 线 性 多 智 能 体 系 统(Multiagent Systems, MASs)在 拒 绝 服务(Denial-of-Service, DoS)攻击下的安全一致性控制问题, 其中DoS攻击通常阻断智能体之间的信息传输. 本文将多率采样在网络化控制系统中的结果推广到了多智能体系统, 并考虑了非理想通信网络环境. 首先, 通过引入一个匹配机制来同步由多率采样引起的智能体不同状态分量的采样数据. 然后, 在DoS攻击下, 针对带有多率采样的线性MAS提出了一个基于多率采样的安全一致性控制器. 通过使用李雅普诺夫稳定性理论和切换系统方法, 获得了包含DoS 攻击持续时间以及攻击频率的安全一致性充分条件. 最后, 给出了一个仿真例子来验证所提方法的有效性, 并给出了多率采样与单率采样机制的性能对比分析. 相似文献
13.
一种基于路由器矢量边采样的IP追踪技术 总被引:1,自引:0,他引:1
提出了一种新型的边采样方法"路由器矢量边采样"(RVES),使得概率包标记(probability packet marking,简称PPM)设备容易实现和部署.在图论模型上,RVES以网络接口替代路由器作为顶点,以路由器"矢量边"替代传统采样边.该方法实施简单,标记概率的策略配置灵活,可以有效解决分布式拒绝服务(router's vector-edge-sampling,简称DDoS)攻击的重构问题.基于传统边采样的PPM相关技术依然适用于RVES方法.原理样机已经研制出并部署在Internet上.实验结果验证了该方法的有效性和可行性. 相似文献
14.
组播业务的实施离不开组播安全。文中提出了一种使用会话初始化协议(SIP)作为信令实现安全组播的方法,该方法利用SIP协议身份验证机制、S/MIME加密与签名、会话参数协商能力,提供了组播源和接收者访问控制、组播源认证以及安全通信。该方法具有安全性高、运行稳定、扩展性好的优点,并能轻松移植到IPv6下运行。 相似文献
15.
Decentralized Resilient H∞ Load Frequency Control for Cyber-Physical Power Systems Under DoS Attacks
This paper designs a decentralized resilient H∞ load frequency control (LFC) scheme for multi-area cyber-physical power systems (CPPSs). Under the network-based control framework, the sampled measurements are transmitted through the communication networks, which may be attacked by energy-limited denial-of-service (DoS) attacks with a characterization of the maximum count of continuous data losses (resilience index). Each area is controlled in a decentralized mode, and the impacts on one area from other areas via their interconnections are regarded as the additional load disturbance of this area. Then, the closed-loop LFC system of each area under DoS attacks is modeled as an aperiodic sampled-data control system with external disturbances. Under this modeling, a decentralized resilient H∞ scheme is presented to design the state-feedback controllers with guaranteed H∞ performance and resilience index based on a novel transmission interval-dependent loop functional method. When given the controllers, the proposed scheme can obtain a less conservative H∞ performance and resilience index that the LFC system can tolerate. The effectiveness of the proposed LFC scheme is evaluated on a one-area CPPS and two three-area CPPSs under DoS attacks. 相似文献
16.
17.
Xianggui Guo Dongyu Zhang Jianliang Wang Choon Ki Ahn 《IEEE/CAA Journal of Automatica Sinica》2021,8(10):1644-1656
This paper investigates the event-triggered security consensus problem for nonlinear multi-agent systems (MASs) under denial-of-service (DoS) attacks over an undirected graph. A novel adaptive memory observer-based anti-disturbance control scheme is presented to improve the observer accuracy by adding a buffer for the system output measurements. Meanwhile, this control scheme can also provide more reasonable control signals when DoS attacks occur. To save network resources, an adaptive memory event-triggered mechanism (AMETM) is also proposed and Zeno behavior is excluded. It is worth mentioning that the AMETM’s updates do not require global information. Then, the observer and controller gains are obtained by using the linear matrix inequality (LMI) technique. Finally, simulation examples show the effectiveness of the proposed control scheme. 相似文献