

Research on Key Technologies of Imerged Content Delivery Network

【作者】 李乔

【导师】 方滨兴;

【作者基本信息】 哈尔滨工业大学 , 计算机科学与技术, 2014, 博士

【摘要】 Internet流量指数性增长以及用户对网络速度的需求已促使网络资源分发的可用性、可靠性等成为互联网技术的关键问题。内容分发网络作为运行于整个互联网上的覆盖网,主要致力于互联网中的服务质量优化。随着云计算、移动互联网及动态网络内容技术的推进,内容分发技术逐步趋向于专业化、定制化,在内容路由、管理、推送以及安全性都面临新的挑战。本文从运营商角度出发,考虑流量结算成本、提升数据传输服务质量以及安全性三个方面对融合型CDN(Content Delivery Networks)进行研究。首先,考虑ISP(Internet Service Provider)的域内用户访问域外网络资源所产生的大量可存储数据由于被大量多次访问从而造成域间流量成本骤增,同时由于域内链路重复流量也导致传输服务的下降。针对该问题,本文首先提出针对ISP-CDN的内容节点两层部署机制,该部署机制分为两层,外层部署于域间出入口以降低域间流量,内层的部署策略采用基于贪心的网络流量代价算法对核心节点进行选取。并在此基础上设计基于RCBF(Record Counter Bloom Filter)的索引结构与同步机制,从而改进CDN的内容路由策略,提升融合型CDN的服务性能。第二,本文进一步研究内容数据的管理问题。由于内容节点位置固定后,如何对所存储内容进行管理是内容分发技术中的重要问题。内容管理主要分为两个方面:缓存管理与内容推送。本文首先提出基于访问间隔的替换策略,提高热度高的缓存对象在缓存空间中的生命周期;其次考虑到这些被访问的数据均依赖于用户自身的行为,在协议层对数据进行深入分析,提出多维度的缓存对象热度评价算法,进一步提升缓存命中率;最后提出一种基于价值度的热点数据推送策略,在所部署的节点间进行有效的内容预分发,降低用户的访问延时,改善网络性能。第三,融合型CDN主要面对ISP域内用户,为了提升服务质量,降低CDN所面对的潜在网络威胁,如何结合ISP所拥有的拓扑和用户的数据优势,建立域内用户的可信机制是融合型CDN所面临的全新问题。本文提出基于信任的网络群体分类模型,结合对ISP所获取的用户行为数据,实现对用户的自动化分类,并采用传统检测方法设置用户类别可信度,以此构建可信融合型CDN。该模型首先使用网络交互拓扑信息建立网络节点间的信任矩阵;进而结合直接信任度和相关信任度计算网络节点间的相似度,进行用户分类;最后根据可信度对不同类别的用户进行差异化服务,提升低可信度的攻击代价,从而降低CDN所面临的网络风险。最后,本文提出了一种ISP融合的内容分发系统,该系统与传统的CDN系统有一定的区别:1、被动解析存储与层次化部署;2、安全预警。整个系统主要分为四个模块:信息采集、缓存管理、节点通信与离线审计。通过在实际系统中对本文提出的内容部署、管理及用户分类进行具体测试,实现了本文最初的研究目标。

【Abstract】 The availability, reliability have become the key issue of Internet technology because of the growth of Internet traffic and the demand of access speed. Content delivery networks focus on optimizing Internet quality of service. With the progress of cloud computing, mobile Internet and dynamic Web content technology, content delivery technology becomes specialization, customization. The content routing, management, and security of content delivery networks face new challenges. Based on above reasons, in this dissertation, we investigate performance and security of CDN to deal with the traffic cost, quality of service and data transmission network security. First, the content outside which may cause large number of traffic and decreasethe quality of service should be stored in order to decrease the inter-domain traffic. To solve this problem, we first propose hierachy deployment mechanism, which is divided into two layers. The purpose of the first level, which deploy content nodes at the inter-domain entrances, is reducing the inter-domain traffic. The inner deployment strategy based on greedy algorithm selects the content node from core routers. Then we design RCBF (Record Counter Bloom Filter) index structure and synchronization mechanisms to enhance the content routing performance by improving the environment under the CDN. Second, we investigate the content management problem when the location ofsurragate servers has been fixed. Content management includes local cache management and remote cache pushing. In order to extend the life cycle of popular cache object, we propose cache replacement policy based on access density and object size. Then considering the cache data are depended on user behaviors, we analyze the application layer data in order to evaluate the object popularity. Cache data pushing scheme based on the value of popular object is further proposed to deal with the access delay and network performance. Third, in order to improve the quality of service and decrease the network riskis a key task for ISP merged CDN. The previous network monitoring and detection mechanisms neglect the potential of social relations in these malicious network behaviors. This paper proposes a novel network group behavior clustering model based on trust through exploring the behavior similarity to construct trusted CDN. This model establishes the trust relationship between the nodes of the network using the network communication topology. Then we use relevant trust concept which is used to increase the trust value between two weak correlation nodes. Based on the clustering method, we reduce the network risk for CDN.Finally, we design and implement a content delivery system for ISP. The system is different from trandistional CDN system in two parts:1. Parsing the network data passively and hierachy deployment;2. Security monitoring for ISP. The system includes three parts: information collection, cache management and auditing offline. Under the practical evaluations, our deployment machanism, cache management and security monitoring method achieve our initial research objectives.
