發(fā)布時間：2018-08-28 17:05

【摘要】：分布式網(wǎng)絡拓撲發(fā)現(xiàn)是進行非授權目標網(wǎng)絡路由器級拓撲發(fā)現(xiàn)的主要方式之一,在網(wǎng)絡拓撲發(fā)現(xiàn)研究領域扮演了十分重要的角色。相對于單點式網(wǎng)絡拓撲發(fā)現(xiàn),分布式網(wǎng)絡拓撲發(fā)現(xiàn)能夠獲取更豐富的路由接口和鏈接信息,擴大網(wǎng)絡拓撲發(fā)現(xiàn)范圍。另一方面,分布式網(wǎng)絡拓撲發(fā)現(xiàn)會產(chǎn)生更多的探測冗余,導致拓撲發(fā)現(xiàn)效率低下,且易被目標網(wǎng)絡安全設備誤判為DDo S攻擊。因此,在盡可能擴大拓撲發(fā)現(xiàn)范圍的同時降低探測冗余成為了路由器級分布式網(wǎng)絡拓撲發(fā)現(xiàn)的重要問題。分布式網(wǎng)絡拓撲發(fā)現(xiàn)技術主要由探測目的點選取、探測源選取和探測策略組成,本文遵循從方法評價到方法設計的思路,基于路由器級分布式網(wǎng)絡拓撲發(fā)現(xiàn)的效能因素建立了拓撲發(fā)現(xiàn)評價指標,研究了探測目的點、探測源和探測策略對網(wǎng)絡拓撲發(fā)現(xiàn)效能的影響,給出了分布式網(wǎng)絡拓撲發(fā)現(xiàn)方案,為路由器級分布式網(wǎng)絡拓撲發(fā)現(xiàn)實施提供了必要的理論參考。本文主要工作如下:(1)基于路由器級分布式網(wǎng)絡拓撲發(fā)現(xiàn)的完整性與高效性,建立了六個評價指標,制定了測試與評價方法,為拓撲發(fā)現(xiàn)技術評價提供了依據(jù)。(2)設計了基于樁網(wǎng)絡發(fā)現(xiàn)的探測目的點選取法。該方法通過少量預先探測發(fā)現(xiàn)目標網(wǎng)絡中所有樁網(wǎng)絡,采用隨機抽樣方法進行探測目的點選取。之后,從理論上證明了所選取的探測目的點集合為最小完備探測目的點集合。仿真實驗結果表明,用該方法選出的探測目的點在不超過目標網(wǎng)絡中地址總數(shù)0.65%的情況下,即可將路由接口完整度和路由鏈接發(fā)現(xiàn)完整度分別提高至97%和91%以上,比現(xiàn)有方法平均提高了約16%和20%。(3)提出了最大綜合散列度探測源選取法。定義了綜合散列度來量化探測源間邏輯距離,仿真實驗結果說明了綜合散列度越大的探測源組合所發(fā)現(xiàn)的拓撲范圍越廣;對混合遺傳模擬退火算法進行了特殊定制,以篩選出綜合散列度最大的探測源組合。仿真實驗結果表明,相較于其他方法,最大綜合散列度探測源選取法可將路由接口和路由鏈接發(fā)現(xiàn)總值平均提高約12%和18%。(4)設計了基于回轉探測的漸進式拓撲探測策略。在優(yōu)化Doubletree算法停止集的基礎上,提出了Countree算法,并設計了基于探測源分組的回轉探測模式來實施Countree探測。仿真實驗結果說明了該策略可以有效解決Doubletree算法的拓撲遺漏問題,相比全探測,將探測冗余率減少了60%以上,同時將路由接口完整度與路由鏈接發(fā)現(xiàn)完整度均提高到90%以上。在探測冗余率平均低于18%的情況下,相比Doubletree算法,該策略將路由接口和路由鏈接發(fā)現(xiàn)完整度均提高了20%以上,探測源間通信次數(shù)降低了約50%,探測源間通信總量減少了約80%。(5)提出了DSP網(wǎng)絡拓撲發(fā)現(xiàn)方案。將路由器級分布式網(wǎng)絡拓撲發(fā)現(xiàn)劃分為三個階段,即探測目的點集合選取階段、探測源集合選取階段以及拓撲探測實施階段,并分別配置基于樁網(wǎng)絡發(fā)現(xiàn)的探測目的點選取法、最大綜合散列度探測源選取法和基于回轉探測的漸進式拓撲探測策略。仿真實驗結果表明,本方案與現(xiàn)有方案相比,在網(wǎng)絡拓撲發(fā)現(xiàn)的完整性與高效性上均有顯著提升,具有更高的效能。
[Abstract]:Distributed network topology discovery is one of the main approaches to route-level topology discovery in unauthorized target networks and plays an important role in the field of network topology discovery. On the other hand, distributed network topology discovery can produce more detection redundancy, which leads to inefficient topology discovery and is easily misjudged as a DDo S attack by the target network security device. Problem. Distributed network topology discovery technology mainly consists of detection destination selection, detection source selection and detection strategy. Following the idea from method evaluation to method design, this paper establishes the evaluation index of topology discovery based on the efficiency factor of router-level distributed network topology discovery, and studies the detection destination, detection source and detection. The main work of this paper is as follows: (1) Based on the completeness and efficiency of router-level distributed network topology discovery, six evaluation indexes are established and formulated. Testing and evaluation methods are given, which provide a basis for the evaluation of topology discovery technology. (2) A method of detecting destination selection based on pile network discovery is designed. The simulation results show that the routing interface integrity and routing link discovery integrity can be improved to 97% and 91% respectively under the condition that the total number of addresses in the target network is not more than 0.65%, which is an average increase of 16% compared with the existing methods. And 20%. (3) The method of selecting probes with maximum synthetic hash is proposed. The comprehensive hash is defined to quantify the logical distance between probes. The simulation results show that the larger the comprehensive hash is, the wider the topological range of probes is. The hybrid genetic simulated annealing algorithm is specially customized to select the most comprehensive hash. Simulation results show that compared with other methods, the total value of route interface and route link discovery can be increased by 12% and 18%. (4) A progressive topology detection strategy based on rotation detection is designed. The simulation results show that this strategy can effectively solve the problem of topological omission in Doubletree algorithm. Compared with full detection, the detection redundancy rate is reduced by more than 60%, and the integrity of routing interface and routing link discovery are both reduced. Compared with Doubletree algorithm, this strategy improves the integrity of routing interface and routing link discovery by more than 20%, reduces the number of communication between probing sources by about 50%, and decreases the total amount of communication between probing sources by about 80%. (5) A DSP network topology discovery scheme is proposed. Distributed network topology discovery can be divided into three stages, i.e. detection destination selection stage, detection source selection stage and topology detection implementation stage. Detection destination selection method based on pile network discovery, maximum comprehensive hash detection source selection method and progressive topology detection strategy based on rotation detection are respectively configured. Simulation results show that compared with existing schemes, the proposed scheme can significantly improve the integrity and efficiency of network topology discovery, and has higher efficiency.
【學位授予單位】：解放軍信息工程大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TN915.05

【參考文獻】

相關期刊論文 前4條

1 喬宏;張大方;曾彬;李明偉;韓健;;基于改進DoubleTree算法的網(wǎng)絡拓撲發(fā)現(xiàn)方法[J];計算機工程與科學;2010年04期

2 莊鎖法;龔儉;;網(wǎng)絡拓撲發(fā)現(xiàn)綜述[J];計算機技術與發(fā)展;2007年10期

3 姜譽;何松;;Internet路由器級拓撲測量中目標選擇方法研究[J];通信學報;2006年02期

4 張宏莉,方濱興,胡銘曾,姜譽,詹春艷,張樹峰;Internet測量與分析綜述[J];軟件學報;2003年01期

，

本文編號：2210022