节点文献
大型网络中基于优化策略的违规服务探测技术研究
Research on Detecting Technique of Violation Network Services Based on Optimization Strategy in Large-scale Networks
【作者】 郭唤斌;
【导师】 朱群雄;
【作者基本信息】 北京化工大学 , 计算机应用技术, 2008, 硕士
【摘要】 随着计算机和网络技术的飞速发展,许多机构都建立起自己的内部网络。其极大地推动了组织的信息化进程的同时,各种违规服务的出现也带来了诸多管理与安全问题。目前,存在的各种违规服务探测系统不能很好的满足大型网络中的违规服务探测,探测效率低下极大的减弱了其对网络监控的能力。如何开发探测系统对网络违规服务进行准确而高效探测已成为一项迫切的需求。本文首先对比分析了发现网络违规服务的被动探测技术和主动探测技术的技术原理、优缺点及适用范围。针对大型网络的违规服务探测,主动探测技术有其明显的优势,因而本文的研究基于主动探测技术。其次,针对当前的违规服务探测系统效率低下的问题,提出了一种基于层次分析法与最优搜索理论相结合的探测策略。首先利用层次分析法依据违规服务的存活时间与违害性对各违规服务进行优先级划分;然后利用最优搜索理论对各违规主机进行优先级排序;最后结合这两者确定出一条搜索策略。实验证明,在大型网络环境中这种探测策略明显地提高了探测效率。本文针对大型网络内违规服务探测的需求,详细讨论了设计和实现网络违规服务探测系统的各项关键技术,并给出了一种实现方案以及这种方案在实网中的测试结果。
【Abstract】 With the rapid development of computer and network technology, many organizations have established Intranets which can promote information process, but the existence of violated network services in Intranets have brought many problems to management and security. Many kinds of detection systems are not suitable for the violated network services detected in large-scale Intranets, which leads to services missing report, and have deeply impacted on the ability of network monitoring. It is a very important to develop high efficiency and violated network services system.In this paper, we first analyzed and compared principle, application scope, merits and demerits about the active detecting technology and passive detecting technology. As to large-scale Intranets, the active detecting technology had clear advantage, so this paper’s research was based on the active detecting technology.Secondly, to improve the efficiency of detecting in large-scale Intranets, we proposed a detecting strategy based on AHP and optimal search theory. We sorted all the violated network services according to the detecting priority based on survival time and harmfulness using AHP, and then sorted all the detected hosts according to detected times using optimal search theory, finally, we presented an high efficiency search strategy with the combination of these two sides. The experiments results showed that our searching strategy did some promotion for detection system in large-scale Intranets.This paper described the key technology of completing a large-scale network violated applications detection system according to the requirement, designed and complemented a violated network applications detection system, and tested the system.
【Key words】 violated network service; active detecting technology; passive detecting technology; optimal search theory; AHP; detecting strategy;
- 【网络出版投稿人】 北京化工大学 【网络出版年期】2008年 11期
- 【分类号】TP393.08
- 【下载频次】20