Research on the Network Performance Sensitive Router Minimum Set
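Abstract
The measurement and control of network performance is of great social and military significance. Research on techniques for measuring and controlling network performance not only has considerable academic value in its own right, but also offers some guidance for formulating network security policy.
     This thesis gives a fairly comprehensive and in-depth qualitative analysis of the factors that affect network performance. Reasonable assumptions are made about some of these factors, and the analysis focuses on the influence of network topology on network performance. On the basis of graph theory, it analyses the structural characteristics of a graph as a whole and of its nodes. With reference to node centrality metrics, it studies the effect of routers (and sets of routers) in a network on network performance.
     Building on the study of the structural characteristics of graphs and their nodes, and taking into account the relevant means of attacking routers, the thesis proposes the concept of the network attack performance-cost ratio, then goes on to propose the concept of the network performance sensitive router minimum set, gives an algorithm for discovering this set, and briefly analyses its basic characteristics.
     Network topology is an important foundation of this work. For this reason, the thesis studies network topology discovery algorithms in depth and gives a fairly comprehensive survey of their design ideas and design methods, including some suggestions and an outlook for the design of such algorithms. Because of limits on time and effort, however, the thesis does not design a topology discovery algorithm of its own; instead it simulates a network topology according to certain special rules (power-law) as one input to the simulation system.
     The main innovations of this thesis are as follows:
     The concept of the network attack performance-cost ratio is proposed. This concept holds that the ratio between the effect of a network attack and its cost is a reasonable standard for judging the merits of an attack technique.
     On the basis of the network attack performance-cost ratio, the thesis proposes the concept of the network performance sensitive router minimum set and designs a corresponding discovery algorithm. The concept holds that attacking a specific, minimal set of attack targets (routers) can achieve the intended attack effect at the lowest cost. As far as is known, this is the first study of the network performance sensitive router minimum set in China or abroad.
     Finally, the thesis also develops a corresponding simulation system and carries out simulation experiments on network flow characteristics, routing algorithms, router attack techniques (Smurf) and so on. The experimental results show that the state of the network performance sensitive router minimum set discovered here has a critical influence on network performance, and that this set should be the first-choice target in network attack and defense. This offers some guidance for research on network attack and defense techniques and for formulating network attack and defense strategy.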
Network performance metrics and control can be of great social value and economic value. They not only have meaningful academic value but are also instructive for decisions on network security policy.
     In this paper, we give a general and thorough qualitative analysis of the factors affecting network performance and, based on reasonable assumptions about some of these factors, mainly analyse the effects of topology on network performance. Guided by graph theory, we also explore the structural characteristics of a graph and of the nodes in the graph. Further, we analyse the effects of a router (set) on network performance with reference to node centrality metrics.
     Drawing on a study of router attacks and building on the analysis of the structural characteristics of a graph and its nodes, we introduce a new concept, the network attack performance-cost ratio, and further introduce the network performance sensitive router minimum set. We design an algorithm for discovering the network performance sensitive router minimum set and analyse the set's basic characteristics.
     Since network topology is the important base on which our exploration rests, we study topology discovery algorithms and present a survey of their basic ideas and methodology. We also offer an outlook and suggestions on how network topology discovery algorithms are designed. Limited by time and energy, we simulate the network topology according to some special rules (power-law) to serve as one input of the system, instead of designing a new topology discovery algorithm.
     The main innovations in this paper are as follows.
     The new concept of the network attack performance-cost ratio. This idea shows that the ratio between network attack performance and cost can serve as a guide for distinguishing good attacks from bad ones.
     The network performance sensitive router minimum set and its discovery algorithm are proposed in this paper with the help of the above concept. With this concept, we can see that attacking the fewest objects (routers) makes it easy to achieve the anticipated effect at the lowest cost. As far as is known, this is the first study of the network performance sensitive router minimum set at home or abroad.
     Finally, a simulation system is developed in which we simulate network data flow, the routing algorithm and router attacks. The results show that the network performance sensitive router minimum set discovered in this paper has critical effects on network performance. These routers should be the preferred objects to attack or defend, and this can be a guide to both network attack and network security policy decisions.
    [43] Sally Floyd, Vern Paxson, Difficulties in Simulating the Internet, in proc. Winter Simulation Conference Atlanta GA, 1997
    [44] John D. Howard, An Analysis of Security Incident on the Internet [D], Carnegie Mellon University, West Lafayette, USA , 1997
    [45] Jules G. McNeff, The Global Position System, IEEE TRANSACTION, 2002:50(3):645-652
    [46] Venkata N. Padmanabhan, Lakshminarayanan Subramanian, An Investigation of Gcographic Mapping Technigues for Internet Hosts, SIGCOMM, 2001:173-185
    [47] Lakshminarayanan Subramanian, Venkata N.Padmanabhan, Randy H.Katz, Geographic Properties of Internet Routing:Analysis and Implications, Microsoft Reasearch, Micorosoft Corporation, One Microsoft Way Redmond, WA 98052, USA
    [48] Anukool Lakhina, John W. Byers, Mark Crorella, Brahim, Matta, On the Geographic Location of Internet Resources, http://www.caida.org/
    [49]P.Bshl, V.N.Padmanabham, RADAR:An In-Building RF-Based Vser Location and Tracking System, IEEE INFOCOM 2000
    [50] D. C. Vixie, P. Gooduim, T. Dickinson, A Means for Expressing Location Information in the Domain Name System, RFC1876, IETF, January1996
    [51] K. Aarrenstien, M. Stahl, E. Feinler, NICKNAME/WHOIS, RFC954, IEFF, October 1985
    [52] V. Jacobson, Tramceroute Software, August 1999 ftp://ftp.ee.lbl.gov/traceroute.tar.gz
    [53] Akamai Inc. http://www.akamai.com/
    [54] Digital Island Inc. http://www.digitalisland.com/
    [55] 谢政、戴丽编著,组合图论,湖南.长沙,国防科技大学出版社,2003.5
    [56] Thay R. Coffman, Sherry E. Marcus, Pattern Classification in Social Network Analysis: A Case Study, IEEE Aerospace Conference Proceedings, 2004:3162-3167
    [57] Wasserman S., K. Faust, Social Network Analysis, Cambridge University Press, Cambridge, 1994
    [58] Freeman, Linton C., Centrality in Social Networks: I. Conceptual Clarification Social Networks, 1979:1:215-239
    [59] http://www.nada.kth.se/~viggo/wwwcompendium/node10.html#3020
    [60] Faloutsos, etc., On power-law relations of the internet topology, ACM SIGCOMM, computer communication, 1999: 29:251-263
    [61] R. Albert, etc., Error and attack tolerance of complex networks, Nature, 2000, 406:378-382
    [62] 徐野、赵海、苏威积、张文波、张昕,Internet 网络的访问直径分析,计算机学报,2006.5:29(5):690-698