《電子技術(shù)應(yīng)用》
您所在的位置:首頁(yè) > 通信與網(wǎng)絡(luò) > 設(shè)計(jì)應(yīng)用 > 區(qū)域網(wǎng)絡(luò)邊界識(shí)別技術(shù)研究
區(qū)域網(wǎng)絡(luò)邊界識(shí)別技術(shù)研究
電子技術(shù)應(yīng)用
張昊宇1,2,孫徹1,2,蘇馬婧1,2,趙靜1,2,包正晶1,2
1.中國(guó)信息安全研究院有限公司;2.華北計(jì)算機(jī)系統(tǒng)工程研究所
摘要: 網(wǎng)絡(luò)邊界識(shí)別是進(jìn)行網(wǎng)絡(luò)拓?fù)錅y(cè)量的一個(gè)重要環(huán)節(jié),當(dāng)前的區(qū)域網(wǎng)絡(luò)邊界識(shí)別技術(shù)主要基于對(duì)于區(qū)域網(wǎng)絡(luò)的抽樣探測(cè)和基于IP地址的地理定位技術(shù)進(jìn)行邊界篩選的方法進(jìn)行,此方法存在網(wǎng)絡(luò)拓?fù)浍@取不完善、邊界驗(yàn)證手段少等問(wèn)題。針對(duì)此問(wèn)題,提出了面向區(qū)域網(wǎng)絡(luò)邊界識(shí)別的高覆蓋探測(cè)策略和基于多源信息融合的區(qū)域邊界IP識(shí)別技術(shù),通過(guò)設(shè)計(jì)探測(cè)點(diǎn)部署位置和目標(biāo)覆蓋策略對(duì)區(qū)域拓?fù)溥吔邕M(jìn)行測(cè)量以提升發(fā)現(xiàn)邊界的概率,通過(guò)對(duì)WHOIS、時(shí)延、traceroute等多源信息進(jìn)行獲取以補(bǔ)充邊界驗(yàn)證數(shù)據(jù)來(lái)源,通過(guò)建立基于機(jī)器學(xué)習(xí)的驗(yàn)證模型提高了區(qū)域網(wǎng)絡(luò)邊界識(shí)別的可信度及覆蓋率。將此方法應(yīng)用于地區(qū)A的網(wǎng)絡(luò)邊界識(shí)別與驗(yàn)證工作中,驗(yàn)證了此方法的有效性。
中圖分類(lèi)號(hào):TP393.02 文獻(xiàn)標(biāo)志碼:A DOI: 10.16157/j.issn.0258-7998.256312
中文引用格式: 張昊宇,孫徹,蘇馬婧,等. 區(qū)域網(wǎng)絡(luò)邊界識(shí)別技術(shù)研究[J]. 電子技術(shù)應(yīng)用,2025,51(10):74-82.
英文引用格式: Zhang Haoyu,Sun Che,Su Majing,et al. Research on the recognition technology of regional network topology boundary[J]. Application of Electronic Technique,2025,51(10):74-82.
Research on the recognition technology of regional network topology boundary
Zhang Haoyu1,2,Sun Che1,2,Su Majing1,2,Zhao Jing1,2,Bao Zhengjing1,2
1.China Information Security Research Institute Co., Ltd.;2.National Computer System Engineering Research Institute of China
Abstract: Network boundary recognition is an important step in network topology measurement. Currently, regional network boundary recognition technology is mainly based on sampling detection of regional networks and boundary screening using IP address based geolocation technology. This method has problems such as incomplete network topology acquisition and limited boundary verification methods. In response to this issue, this article proposes a high coverage detection strategy for regional network boundary recognition and a regional boundary IP recognition technology based on multi-source information fusion. By designing the deployment location of detection points and target coverage strategy to measure the topological boundaries of the region, the probability of discovering boundaries is improved. Multiple sources of information such as WHOIS, latency, and traceroute are obtained to supplement the source of boundary verification data. A machine learning based verification model is established to improve the credibility and coverage of regional network boundary recognition. This article applies this method to the network boundary recognition and verification work in region A, and verifies the effectiveness of this method.
Key words : network topology measurement;network boundary recognition;multi-source information;machine learning

引言

近年來(lái),隨著互聯(lián)網(wǎng)技術(shù)的快速發(fā)展,網(wǎng)絡(luò)結(jié)構(gòu)越來(lái)越復(fù)雜,網(wǎng)絡(luò)管理的難度也在不斷提高。由于Internet具有異構(gòu)復(fù)雜、大規(guī)模、高動(dòng)態(tài)等特點(diǎn),對(duì)其網(wǎng)絡(luò)結(jié)構(gòu)的研究面臨著極大的挑戰(zhàn)。掌握互聯(lián)網(wǎng)的具體結(jié)構(gòu)對(duì)于分析網(wǎng)絡(luò)的健壯性以及對(duì)網(wǎng)絡(luò)管理優(yōu)化有著重要作用,因此,Internet網(wǎng)絡(luò)拓?fù)浣Y(jié)構(gòu)測(cè)量一直是學(xué)術(shù)界一個(gè)重要研究方向[1]。Internet拓?fù)淇梢园凑諏哟谓Y(jié)構(gòu)進(jìn)行劃分,自上而下可以劃分為AS(Autonomous System)級(jí)別、POP(Point Of Presence)級(jí)別、路由器級(jí)別以及IP(Internet Protocol)接口級(jí)別。不同層次根據(jù)AS的不同、地理位置的不同,出現(xiàn)了區(qū)域的劃分,進(jìn)而這些區(qū)域之間存在著“區(qū)域網(wǎng)絡(luò)邊界”,即也可以按照層次劃分為AS邊界、國(guó)家邊界、城市邊界、地區(qū)邊界等。這些區(qū)域邊界通常是網(wǎng)絡(luò)聯(lián)通交互的關(guān)鍵節(jié)點(diǎn),在互聯(lián)網(wǎng)組網(wǎng)和通信中起著重要的作用,因此,發(fā)現(xiàn)和識(shí)別這些區(qū)域邊界有助于進(jìn)一步了解網(wǎng)絡(luò)的連接方式、發(fā)現(xiàn)網(wǎng)絡(luò)脆弱點(diǎn)和關(guān)鍵點(diǎn)。

對(duì)網(wǎng)絡(luò)邊界的識(shí)別是進(jìn)行網(wǎng)絡(luò)拓?fù)錅y(cè)量的一個(gè)重要環(huán)節(jié),當(dāng)前對(duì)網(wǎng)絡(luò)邊界識(shí)別的研究主要集中在對(duì)AS邊界的識(shí)別,在地區(qū)網(wǎng)絡(luò)邊界上,相關(guān)研究較少。當(dāng)前對(duì)于區(qū)域網(wǎng)絡(luò)邊界的識(shí)別主要采取基于抽樣探測(cè)的網(wǎng)絡(luò)拓?fù)浍@取和基于IP地址地理定位技術(shù)的邊界篩選,通過(guò)大規(guī)模獲取網(wǎng)絡(luò)拓?fù)浜筮M(jìn)行篩選來(lái)獲取某一地區(qū)的網(wǎng)絡(luò)邊界,再通過(guò)IP地址的地理定位技術(shù)判斷節(jié)點(diǎn)位于地區(qū)內(nèi)還是地區(qū)外?;诔闃犹綔y(cè)的網(wǎng)絡(luò)拓?fù)浍@取存在網(wǎng)絡(luò)拓?fù)浍@取不完善的問(wèn)題;基于IP地址地理定位技術(shù)的邊界篩選存在IP地址定位不準(zhǔn)、IP地址定位庫(kù)更新不及時(shí)的問(wèn)題。因此,為更多、更高效地發(fā)現(xiàn)區(qū)域網(wǎng)絡(luò)拓?fù)溥吔绻?jié)點(diǎn),本文提出了一種面向邊界識(shí)別的高覆蓋探測(cè)策略和一種基于多源信息融合的區(qū)域邊界IP識(shí)別技術(shù),提高了獲取區(qū)域網(wǎng)絡(luò)邊界的完整性,提升篩選區(qū)域網(wǎng)絡(luò)邊界識(shí)別的可信度。


本文詳細(xì)內(nèi)容請(qǐng)下載:

http://ihrv.cn/resource/share/2000006810


作者信息:

張昊宇1,2,孫徹1,2,蘇馬婧1,2,趙靜1,2,包正晶1,2

(1.中國(guó)信息安全研究院有限公司,北京 100020;

2.華北計(jì)算機(jī)系統(tǒng)工程研究所,北京 100083)


subscribe.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。