位置:成果数据库 > 期刊 > 期刊详情页
基于信誉机制的域间路由安全协同管理方法
  • 期刊名称:软件学报
  • 时间:0
  • 页码:505-515
  • 语言:中文
  • 分类:TP393[自动化与计算机技术—计算机应用技术;自动化与计算机技术—计算机科学与技术]
  • 作者机构:[1]国防科学技术大学计算机学院,湖南长沙410073
  • 相关基金:Supported by the National High-Tech Research and Development Plan of China under Grant No.2008AA01A325 (国家高技术研究发展计划(863)); the National Natural Science Foundation of China Grant No.60873214 (国家自然科学基金)
  • 相关项目:新一代互联网域间路由系统协同机理研究
中文摘要:

如何抑制虚假路由的传播和恶意路由行为的发生,是域间路由安全管理的重要研究内容,对自治系统路由行为进行可信性评价和监督是其中的关键技术.设计了一种用于评价自治系统路由行为可信性的分布式协同信誉机制.该机制基于历史路由的有效性统计结果,采用后验概率分析的方法,由多个自治系统按照自组织协同的方式完成对目标自治系统的信誉计算,并将信誉计算结果作为度量该自治系统路由行为可信性的依据.实验结果表明,该机制能够抑制不良路由行为,有效提高域间路由系统的总体安全性,还能够为路由可信性分析和故障诊断提供依据,支持渐进式部署,无须修改BGP协议,具有良好的可实施性.

英文摘要:

The main topic of inter-domain routing security management is how to suppress the propagation or untrustworthy routes and malicious routing behaviors. Supervising and evaluating autonomous system's (AS) routing behaviors is a key technology in this topic. This paper designs a distributed collaborative reputation mechanism of trustworthiness evaluation for AS's routing behaviors. The mechanism takes in the statistical results on routing trustworthiness published by AS, uses a self-organizing method, employs posterior probability analysis, and finally calculates a reputation score for a particular AS. The score will be used as a metric on the trustworthiness of the routing information that AS propagates or announces afterwards. In simulations, this reputation mechanism has been shown to effectively contain AS's bad behaviors, and hence improve the overall security of the inter-domain system. The reputation mechanism designed in this research supplies a reference to evaluation and analysis of AS's routing behaviors. It has the following features: It supports incremental deployment. It needn't modify the BGP protocol, so it is easy to be implemented.

同期刊论文项目
同项目期刊论文