论文部分内容阅读
域间路由节点安全状态评估能够实现对BGP节点安全状态的直观、实时描述,可为制定合理的安全策略,及时定位、抑制异常路由事件提供数据参考.然而由于完整的异常域间路由集难以获取,使得传统基于数据融合的状态评估方法不再适用.分析BGP节点间交互路由过程中存在的统计特征以及这些特征与域间路由节点安全状态的关系,进而提出一种基于多特征的安全状态评估方法.以平均路径长度和路由事件发生频率等属性为安全特征,并借鉴云模型理论转换定量特征为定性概念的思想,构建域间路由安全特征云,将正常态下的多属性综合安全特征转换为安全正常态,然后通过度量安全特征偏离正常态的程度来计算节点偏离正常态的程度,由此得到域间路由节点面临安全威胁的概率.实验结果表明,该方法能够实现对域间路由节点安全状态的评估,准确性高、实时性强,可为域间路由系统的安全稳定运行提供有力支撑.
The evaluation of the security status of inter-domain routing nodes can provide an intuitive and real-time description of the security status of BGP nodes and provide a data reference for making reasonable security policies, locating and suppressing abnormal routing events in time. However, it is difficult to obtain the complete inter- , The traditional method of state assessment based on data fusion is no longer applicable.Analysis of the statistical characteristics existing in the process of interactive routing between BGP nodes and the relationship between these characteristics and the security status of routing nodes in an interdomain and then propose a security status assessment based on multi- Method. Taking the attributes of average path length and frequency of routing events as the security features and using the cloud model theory to convert quantitative features into qualitative concepts, we construct the inter-domain routing security feature cloud, and transform the multi-attribute comprehensive security features in normal state Is the normal state of security, and then calculates the degree of deviation from the normal state by measuring the degree of deviation of the security features from the normal state, thereby obtaining the probability of the inter-domain routing nodes facing security threats.The experimental results show that this method can realize the inter- Assessment of safety status, high accuracy, real-time, may It provides strong support for the safe and stable operation of the inter-domain routing system.