【作者】 吴娜；

【导师】 董开坤；

【作者基本信息】 哈尔滨工业大学 ， 计算机科学与技术， 2011， 硕士

【摘要】 随着计算机网络的不断发展,人类科技发展也朝着全球信息化的方向不断迈进。与此同时,网络中的各种安全事件的频繁发生也严重威胁了互联网的安全。在众多网络技术研究和应对网络安全事件的手段中,网络模拟方法以其独特的优越性成为不可取代的重要手段之一。目前,国内外很多研究机构和商业组织开发出多款网络模拟器,其中PDNS为目前应用范围较广的并行网络模拟器。但由于原始PDNS往往无法直接提供对新的网络安全事件的模拟支持,所以,就需要对PDNS进行扩展和优化,需要研究者在PDNS上实现对新的安全事件模拟的支持,然后才能按照模拟需要,定义网络拓扑结构,设定网络特性参数,模拟网络安全事件行为,观察各种性能指标参数,进一步对网络安全事件进行分析。由此可见,如何实现对原始PDNS面向网络安全事件的扩展和优化是极其重要的,是模拟、验证和分析的重要基础。所以,本文致力于PDNS的扩展和优化工作,为此,本文的主要研究内容包括:第一,研究并分析了并行网络模拟器PDNS模拟机制。对PDNS分别从模拟原理、分裂对象模型、安全事件的添加和模拟方法四个方面进行了深入的研究和分析。通过研究和分析传统的PDNS网络安全事件添加和模拟的方法,发现利用PDNS对网络安全事件进行模拟时仍存在一些不足和可以改善的空间。第二,针对PDNS对网络安全事件模拟上的不足,提出基于框架模型的PDNS扩展方法,为用户提供了一个面向网络安全事件扩展PDNS的框架性辅助方法。同时提出基于界面配置的模拟方法,将参数配置工作由Tcl代码编写转化为界面可视化配置操作,有效的降低Tcl模拟脚本编写的难度和规模。第三,设计并实现了面向网络安全事件的PDNS扩展和优化系统,系统主要包括安全事件添加子系统和安全事件配置子系统两大部分,分别在安全事件添加和安全事件模拟两个方面对PDNS做了相应的扩展和优化工作,使得用户能够便捷地完成安全事件的添加和模拟。第四,通过利用拒绝分布式攻击、网络蠕虫和僵尸网络这三种典型网络安全事件的添加和模拟,验证了面向网络安全事件的PDNS扩展和优化系统的有效性和实用性。更多还原

【Abstract】 With the rapid development of network, the development of human technology is in the direction of global information. At the same time, the frequent occurrence of various network security events is threatening the network security. Among the researches on network technology and methods to response network security events, network simulation has become one of the irreplaceable and important means with its unique advantage. Up to present, many domestic and foreign research institutions and commercial organizations have developed a variety of network simulators. Among them, PDNS is a widely-used parallel network simulator recently. However, as original PDNS can’t provide direct simulation support on new network security events, we need to expand and optimize PDNS. When simulation support on new network security events is provided, we can define network topology according to simulation needs, set the network parameters, simulate behaviors of network security event, observe parameters of various performance indicators, and finally do further analysis on network security events.Therefore it is quite important to expand and optimize original PDNS, and it is the basis of simulation, validation and analysis for network security events. This paper focuses on the extension and optimization of PDNS for network security events. The main content are shown as below.In this paper, simulation mechanism of parallel network simulator PDNS has been researched and analyzed from the viewpoints of simulation principle, split object model, extension of PDNS and method of simulation. Based on research and analysis of the traditional method of simulating network security events with PDNS, it has been found that there are still some deficiencies on PDNS which are needed to optimize.For the deficiencies of PDNS on simulating network security events, the new method of extension based on framework model was proposed which is a supportive method of simulation to make the operation of simulation much easier. And the method of simulation based on interface configuration was proposed on which users can choose and input parameters of network security events instead of writing a Tcl script.The extension and optimization system of PDNS for network security, including network security events adding sub-system and configuring sub-system has been designed and implemented to make the simulation with PDNS much easier.Finally, the extension and optimization system of PDNS for network security events has been tested with classic network security events such as DDoS attack, network worm and Botnet, and the results of tests show that system is effective.更多还原