中文摘要：

为了抵御一体化标识网络中接入路由器可能遭受的映射缓存 DoS 攻击，本文提出了一种基于双门限机制的映射缓存 DoS 攻击防范方法。该方法设计了一种基于迭代思想的谜题机制降低映射缓存中映射信息条目的增加速率，并采用了映射信息可信度算法识别和过滤映射缓存中恶意的映射信息条目。仿真实验与性能分析表明，该方法能够有效地抵御映射缓存 DoS 攻击，防止映射缓存溢出。

英文摘要：

In order to prevent the potential DoS attack against mapping cache under identifier-based universal network,this paper proposes an efficient defense approach based on double-threshold scheme.This approach not only designs a novel puzzle chal-lenge mechanism based on iterative idea to decrease the growth rate of mapping entries,but also presents the trust value algorithm of mapping information to identify and filter out the malicious mapping entries.In particular,our analytical results show that,this ap-proach is efficient and feasible to prevent the DoS attack against mapping cache,and resists the mapping cache overflow.