本文選題：云計算　切入點：DoS攻擊　出處：《中國民航大學(xué)》2017年碩士論文

【摘要】：拒絕服務(wù)(Denial of Service,DoS)攻擊是云計算平臺面臨的主要安全威脅之一。針對云計算環(huán)境下路由平臺容易遭受DoS攻擊的問題,研究了基于安全訪問路徑(Security Access Path,SAP)的云計算路由平臺防御DoS攻擊的方法。在研究云計算環(huán)境中DoS攻擊的基礎(chǔ)上,根據(jù)云計算平臺泛聯(lián)路由策略,基于Chord協(xié)議,改進傳統(tǒng)安全覆蓋網(wǎng)服務(wù)(Secure Overlay Service,SOS)方法,提出了安全訪問路徑算法(Security Access Path Algorithm,SAPA)。該算法在邏輯上將泛聯(lián)路由平臺分為安全接入層、中間層和秘密傳輸層,利用各個節(jié)點維護的節(jié)點路由表(Node Route Table,NRT),生成安全路徑,并在數(shù)據(jù)中心與泛聯(lián)路由平臺核心層外圍設(shè)置過濾策略;該算法采用周期性隨機更新角色節(jié)點以及緩存安全路徑的策略,以保證安全路徑的動態(tài)性,提高路由平臺的安全性以及訪問請求處理效率。本文建立了SAPA數(shù)學(xué)模型,設(shè)計驗證算法的性能指標。在OMNeT++仿真實驗平臺中對提出方法進行了仿真測試,并在實際網(wǎng)絡(luò)環(huán)境中搭建Test-bed平臺,驗證SAPA性能及其對DoS攻擊的防御效果;從防御DoS攻擊效果的角度將SAPA與SOS進行比較分析,實驗結(jié)果表明:SAPA有較為理想的通信性能,比SOS更有效地降低DoS攻擊對路由平臺通信成功率的影響,同時提高了用戶訪問效率。
[Abstract]:Denial of Service dos) attack is one of the main security threats to cloud computing platform. This paper studies the method of defending DoS attack on cloud computing routing platform based on secure access path (Access path). On the basis of studying DoS attack in cloud computing environment, according to the ubiquitous routing strategy of cloud computing platform, based on Chord protocol, this paper proposes a new approach to protect cloud computing routing platform from DoS attack. By improving the traditional secure Overlay Service SOS method, a secure access path algorithm, Security Access Path algorithm, is proposed, which logically divides the pan-linked routing platform into secure access layer, intermediate layer and secret transport layer. The node routing table (Node Route TableNRTN) maintained by each node is used to generate the secure path, and the filtering strategy is set up around the core layer of the data center and the Pan-Union routing platform, and the algorithm adopts the strategy of periodically updating the role node and caching the security path. In order to ensure the dynamic nature of the secure path and improve the security of the routing platform and the efficiency of access request processing, the SAPA mathematical model is established in this paper. The performance index of the verification algorithm is designed. The proposed method is simulated and tested in the OMNeT simulation experiment platform, and the Test-bed platform is built in the actual network environment to verify the performance of SAPA and its defensive effect on DoS attack. The comparison between SAPA and SOS from the point of view of defending against DoS attack shows that SAPA has better communication performance than SOS, and it can reduce the influence of DoS attack on the communication success rate of routing platform more effectively than SOS. At the same time, it improves the user access efficiency.
【學(xué)位授予單位】：中國民航大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2017
【分類號】：TP393.08

【相似文獻】

相關(guān)期刊論文 前10條

1 唐輝,李祖鵬,張國杰,黃建華;結(jié)構(gòu)化覆蓋網(wǎng)絡(luò)模型Chord研究[J];計算機工程與應(yīng)用;2005年01期

2 黃琰;周學(xué)海;李曦;;動態(tài)概率探測解決Chord斷環(huán)問題[J];計算機工程與應(yīng)用;2006年36期

3 王菁;楊壽保;郭磊濤;周金洋;;基于延遲敏感的雙向查詢Chord系統(tǒng)[J];小型微型計算機系統(tǒng);2007年04期

4 劉云;馬義忠;，

本文編號：1675600