Single packet source-tracing method based on storage resource adaptive adjustment

A technology for self-adaptive adjustment and storage resources, applied in the field of anonymous packet tracking, which can solve problems such as failure, high traceability and false alarm rate, and reduce traceability storage overhead, so as to improve utilization rate, improve traceability accuracy, and reduce traceability and false alarm rate. Effect

Inactive Publication Date: 2016-07-13
NORTHEASTERN UNIV
View PDF3 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although researchers have used some compression tools with high space usage (such as Bloom filter) or packet marking technology to store trace traces, thereby reducing the storage overhead of traceability, these technologies only reduce the unit storage of trace traces. The capacity does not change the proportional relationship between storage and packet forwarding, so the problem of traceable storage is still severe
[0006] 2) They usually use a centralized method to manage traces, so that the traceability router can only serially process the arriving data packets
For example, a router usually only needs to perform IP packet decapsulation and encapsulation operations, but the traceability router also needs to perform operations such as packet recording and packet marking in addition to the two operations. In the NE5000E router, the average processing time of IP packets is about 0.06ns. When After it is upgraded to a traceable router, the IP packet processing time will definitely exceed 0.06ns, resulting in a decrease in network transmission performance
[0007] 3) They do not consider the unbalanced load of traceability routers, and often allocate storage resources to each traceability router evenly, resulting in the phenomenon that a large number of high-load devices are alternately covered by path segments due to storage shortages, resulting in high traceability false reports rate, which affects the traceability accuracy
For example, as far as the autonomous domain network is concerned, the core router is located in the center of the entire network. The number of IP packets arriving per unit time is naturally much larger than that of the edge routers, and the corresponding traceability storage overhead will be relatively large. Evenly distributed storage will cause insufficient core router resources. , so that the new tracking traces keep covering the old ones, and when the attack path is reconstructed, the traceability task will fail due to missing traces

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Single packet source-tracing method based on storage resource adaptive adjustment
  • Single packet source-tracing method based on storage resource adaptive adjustment
  • Single packet source-tracing method based on storage resource adaptive adjustment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0056] Embodiment 1 of the present invention: a single packet traceability method based on adaptive adjustment of storage resources, such as Figure 1 ~ Figure 3 shown, including the following steps:

[0057] S1, by estimating each source router R i The ratio of traceability paths carried by all routers to traceability paths M(R i ) to estimate the load of each traceability router and allocate storage resources for it; if the traceability system has been deployed in the whole network, then M(R i ) is calculated by:

[0058] M ( R i ) = Σ s ∠ R i ∠ t g s t ( ...

Embodiment 2

[0076] Embodiment 2: A single packet traceability method based on adaptive adjustment of storage resources, comprising the following steps:

[0077] S1, estimate the load of each traceability router, and allocate storage resources for it;

[0078] S2, when the IP packet propagates in the network, the traceability router establishes the tracking trace of the IP packet according to the establishment principle of the label switching path in the MPLS network;

[0079] S3. After a network attack occurs, the victim sends a traceability request, and the traceability manager reconstructs the attack path according to the trace trace; specifically, the following steps are included:

[0080] S31. After a network attack occurs, the victim identifies the IP anonymous packet, and then sends the IP anonymous packet to the traceability manager in the form of a traceability request;

[0081] S32. After receiving the request, the traceability manager extracts the tag information [upstream rout...

Embodiment 3

[0084] Embodiment 3: A single packet traceability method based on adaptive adjustment of storage resources, comprising the following steps:

[0085] S1, by estimating each source router R i The ratio of traceability paths carried by all routers to traceability paths M(R i ) to estimate the load of each traceability router and allocate storage resources for it; if the traceability system has been deployed in the whole network, then M(R i ) is calculated by:

[0086] M ( R i ) = Σ s ∠ R i ∠ t g s t ( R i ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a single packet source-tracing method based on storage resource adaptive adjustment. The method comprises steps of S1, the load capacity of each source-tracing router are estimated and storage resources are allocated to the source-tracing routers; S2, when IP packets are transmitted in a network, source-tracing routers establish tracing trails of the IP packets according to a label switching path establishment principle in a MPLS network; and S3, after a network attack is generated, a victim sends a source-tracing request and a source-tracing manager reconstructs an attack path according to the tracing trails. The method may increase resource utilization rate by estimating the load capacity of each source-tracing router and allocating storage resources to the source-tracing routers, and prevents a path fragment is covered alternately because of shortage of the storage resources and increases source-tracing precision by adaptively adjusting the storage resources of the source-tracing routers. Further, the method establishes the tracing trails of the IP packets according to the label switching path establishment principle in the MPLS network so as to greatly reduce storage cost.

Description

technical field [0001] The invention relates to a single-packet source tracing method based on self-adaptive adjustment of storage resources, and belongs to the technical field of anonymous packet tracing of IP networks. Background technique [0002] Denial-of-Service (DoS for short) attacks have occurred at the beginning of the rise of the Internet, and in just a few years it has rapidly become the most important security threat hindering the development of the Internet. In recent years, with the continuous upgrading of hacking techniques, DoS attacks are undergoing a revolution. In 2013, Radware, the world's top provider of network security and management solutions, pointed out in a report that DoS attacks are gradually evolving into an advanced persistent penetration attack, and the most fundamental reason for this change is "hybrid denial of service attacks (i.e. MDos)" appears. Different from traditional DoS attacks, MDoS is an intelligent attack. Its "intelligence" i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/723H04L12/741H04L12/803H04L29/06H04L45/50H04L45/74
CPCH04L45/50H04L45/74H04L47/125H04L63/1458
Inventor 鲁宁韩潇潇
Owner NORTHEASTERN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap