COMPUTER ENGINEERING
2013, Issue 6, pp. 21-27, 33 (8 pages in total)
massive intrusion; collaborative warning; cloud computing; distributed scheduling; alerts correlation
Currently prevalent network warning systems generally suffer from poor self-adaptability and weak collaborative analysis capability. To address this, a collaborative warning technology against massive network intrusions is proposed, based on a cloud computing architecture. The technology implements global sharing of network intrusion alerts using a distributed hash table, and adopts a tree-structured Peer-to-Peer (P2P) overlay so that the task scheduling of intrusion correlation is handled in a self-adaptive way. Experimental results based on a proof-of-concept prototype system demonstrate that alert aggregation and correlation through this technology not only make the architecture of the network warning system highly scalable, but also remarkably reduce the warning reaction time for massive network intrusions without degradation in accuracy.