中文摘要：

云计算网络和下一代网络技术的广泛应用,带来了更多安全威胁。文中基于进程和网络元组,研究实现了网络主动防御系统的关键技术。研究了IPv4/IPv6双协议栈网络体系下防御关键技术,提出了基于最长不重复子串和Sunday算法的改进算法—NRLS_Sunday,避免了对重复字符过多比较,提高了单模式字符串的匹配效率。与BM、Sunday算法的效率作了实验对比,优化了算法的时间复杂度。研究了在高速网络下,快速对数据包做内容检测和分析的方法。采用基于进程和网络元组的网络智能流量限制,对网络做入侵检测和防御。研究了在高速网络要求下对网络做并行检测方法。在复杂网络空间环境下应用网络协作,统一部署和下发策略,提出和实现了在复杂网络环境下防御的有效方法。

英文摘要：

Cloud computing network and next-generation network is nowwidely used,which brings more security threats. Based on the process and the network tuples communication to construct defense system,the key technologies of defense under IPv4 / IPv6 dual stack network are researched. It presents the NRLS_Sunday based on improvement of the longest norepeat substring and Sunday algorithm,to avoid excessive repetitive character comparison and improve the matching efficiency of a single pattern string. Compared with BM,Sunday algorithm,the experiment shows the improved algorithm optimizes its time complexity. Under high-speed network,packet data contents is carried on rapid detection and analysis. Based on intelligent traffic restrictions for process and network,the intrusion detection and defense is conducted for network. In this paper,parallel packet detection method is studied under the high speed. Application web collaboration,and the unified arrangements and issued policies is applied in a complex network environment,proposing and realizing the effective method of defense in the complex network environment.