中文摘要：

随着IPTV等网络服务的蓬勃发展，以及地面互联网的接入与融合，针对空间信息网络的资源规划势在必行。同时，为了有效抵抗分布式拒绝服务（DDoS）攻击，可用性设计成为卫星正常运转的重要前提。提出了基于网络带宽资源分配的DDoS攻击防御体系，建立了有效的卫星网络拓扑结构模型，并引入了路由状态数据包的概念，设计了相应的卫星网络路由协议。在此基础上，阐述了具有延展性的网络带宽分配机理及其实现方式。根据安全性分析与实验评估结果，提出方案可在有效防范敌手攻击的同时，保障带宽资源的可延展分配，同时方案具备良好的实现性能。

英文摘要：

With the development of Internet services such as IPTV, and more utilization originated from the legacy Internet on the ground, resource management becomes a necessity for spatial networks. In the meantime, in order to effectively prevent the Dis- tributed Denial of Service （DDoS） attacks, the satellite networking mechanism needs to be designed properly towards high availa- bility. In this paper, a DDoS-resilient satellite-networking mechanism based on scalable bandwidth allocation is presented. A dedicated topology for the satellite networks is built and the concept of routing state packet is introduced. Then, the corresponding routing protocol for the satellite networks is designed. Furthermore, how to perform scalable bandwidth allocation and the imple- mentation approaches are illustrated. Based on the security analysis and the experimental results, the proposal can guarantee scala- ble bandwidth allocation and effectively defend attacks. Also, the scheme provides considerable performance.