Nowadays, the main communication object of Internet is human-human. But it is foreseeable that in the near future any object will have a unique identification and can be addressed and con- nected. The Internet will ex...Nowadays, the main communication object of Internet is human-human. But it is foreseeable that in the near future any object will have a unique identification and can be addressed and con- nected. The Internet will expand to the Internet of Things. IPv6 is the cornerstone of the Internet of Things. In this paper, we investigate a fast active worm, referred to as topological worm, which can propagate twice to more than three times faster tl^an a traditional scan-based worm. Topological worm spreads over AS-level network topology, making traditional epidemic models invalid for modeling the propagation of it. For this reason, we study topological worm propagation relying on simulations. First, we propose a new complex weighted network mod- el, which represents the real IPv6 AS-level network topology. And then, a new worm propagation model based on the weighted network model is constructed, which descries the topological worm propagation over AS-level network topology. The simulation results verify the topological worm model and demonstrate the effect of parameters on the propagation.展开更多
Vulnerability-testing Oriented Petri Net (VOPN), a vulnerability testing model for communication protocol is brought forward first, which is combined Petri Net system with protocol Syntax analysis. Then vulnerabilit...Vulnerability-testing Oriented Petri Net (VOPN), a vulnerability testing model for communication protocol is brought forward first, which is combined Petri Net system with protocol Syntax analysis. Then vulnerability testing of implementation of HTTP protocol based on VOPN is made and the process is analyzed to prove the feasibility of the model.展开更多
Mobile multicast is important for the emerging applications such as mobile video or audio conference and mobile IPTV.Some mobile multicast schemes have been proposed in the past few years, but most of them study the r...Mobile multicast is important for the emerging applications such as mobile video or audio conference and mobile IPTV.Some mobile multicast schemes have been proposed in the past few years, but most of them study the reconstruc-tion of multicast delivery tree, and few consider the group membership management for mobile sub-scribers.In this paper, we propose a new mobile multicast method based on the Two-Hop Multicast Listener Discovery(THMLD) protocol which pro-vides the mobile multicast membership manage-ment function by forwarding the traditional MLD messages to its neighboring subnets.To evaluate its performance, we analyze the THMLD and set up the simulation platform to compare it with the several traditional mobile multicast methods.The results show that THMLD can reduce the multicast join time, and the THMLD-based mobile multicast method can reduce the multicast join delay at a cost of increasing additional multicast maintenance cost.展开更多
Flow-based measurement is a popular method for various network monitoring usages.However, many flow exporting softwares have still low performance to collect all flows.In this paper, we propose a IPFIX-based flow expo...Flow-based measurement is a popular method for various network monitoring usages.However, many flow exporting softwares have still low performance to collect all flows.In this paper, we propose a IPFIX-based flow export engine with an enhanced and extensible data structure, called XFix, on the basis of a GPL tool,-nProbe.In the engine, we use an extensible two-dimensional hash table for flow aggregation, which is able to improve the performance of the metering process as well as support bidirectional flow.Experimental results have shown its efficiency in multi-thread processing activity.展开更多
Although the frequency of Internet worm's outbreak is decreased during the past ten years, the impact of worm on people's privacy security and enterprise's efficiency is still a severe problem, especially the emerg...Although the frequency of Internet worm's outbreak is decreased during the past ten years, the impact of worm on people's privacy security and enterprise's efficiency is still a severe problem, especially the emergence of botnet. It is urgent to do more research about worm's propagation model and security defense. The well-known worm models, such as simple epidemic model (SEM) and two-factor model (TFM), take all the computers on the internet as the same, which is not accurate because of the existence of network address translation (NAT). In this paper, we first analyze the worm's functional structure, and then we propose a three layer worm model named three layres worm model (TLWM), which is an extension of SEM and TFM under NAT environment. We model the TLWM by using deterministic method as it is used in the TFM. The simulation results show that the number of NAT used on the Internet has effects on worm propagation, and the more the NAT used, the slower the worm spreads. So, the extensive use of NAT on the Internet can restrain the worm spread to some extent.展开更多
基金supported by the Ministry of Education Research Project for Returned Talents after Studying Abroadthe Ministry of Education Project of Science and Technology Basic Resource Data Platform(No.507001)+1 种基金International Scientific and Technological Cooperation Program(S2010GR0902)Chinese Universities Scientific Fund(2009RC0502)
文摘Nowadays, the main communication object of Internet is human-human. But it is foreseeable that in the near future any object will have a unique identification and can be addressed and con- nected. The Internet will expand to the Internet of Things. IPv6 is the cornerstone of the Internet of Things. In this paper, we investigate a fast active worm, referred to as topological worm, which can propagate twice to more than three times faster tl^an a traditional scan-based worm. Topological worm spreads over AS-level network topology, making traditional epidemic models invalid for modeling the propagation of it. For this reason, we study topological worm propagation relying on simulations. First, we propose a new complex weighted network mod- el, which represents the real IPv6 AS-level network topology. And then, a new worm propagation model based on the weighted network model is constructed, which descries the topological worm propagation over AS-level network topology. The simulation results verify the topological worm model and demonstrate the effect of parameters on the propagation.
文摘Vulnerability-testing Oriented Petri Net (VOPN), a vulnerability testing model for communication protocol is brought forward first, which is combined Petri Net system with protocol Syntax analysis. Then vulnerability testing of implementation of HTTP protocol based on VOPN is made and the process is analyzed to prove the feasibility of the model.
基金supported in part by 973 program under con-tract 2007CB307101National High Technology of China ("863 program") under contract No. 2008AA01A326 National Natural Science Foundation of China under Grant No. 60870015 and No. 60833002
文摘Mobile multicast is important for the emerging applications such as mobile video or audio conference and mobile IPTV.Some mobile multicast schemes have been proposed in the past few years, but most of them study the reconstruc-tion of multicast delivery tree, and few consider the group membership management for mobile sub-scribers.In this paper, we propose a new mobile multicast method based on the Two-Hop Multicast Listener Discovery(THMLD) protocol which pro-vides the mobile multicast membership manage-ment function by forwarding the traditional MLD messages to its neighboring subnets.To evaluate its performance, we analyze the THMLD and set up the simulation platform to compare it with the several traditional mobile multicast methods.The results show that THMLD can reduce the multicast join time, and the THMLD-based mobile multicast method can reduce the multicast join delay at a cost of increasing additional multicast maintenance cost.
文摘Flow-based measurement is a popular method for various network monitoring usages.However, many flow exporting softwares have still low performance to collect all flows.In this paper, we propose a IPFIX-based flow export engine with an enhanced and extensible data structure, called XFix, on the basis of a GPL tool,-nProbe.In the engine, we use an extensible two-dimensional hash table for flow aggregation, which is able to improve the performance of the metering process as well as support bidirectional flow.Experimental results have shown its efficiency in multi-thread processing activity.
基金supported by the Ministry of Education Science and Technology Basic Resource Data Platform (507001)the Ministry of Education Research Project for Returned Talents after Studying Abroad,and the Chinese Universities Scientific Fund (2009RC0502)the International Scientific and Technological Cooperation Program (S2010GR0902)
文摘Although the frequency of Internet worm's outbreak is decreased during the past ten years, the impact of worm on people's privacy security and enterprise's efficiency is still a severe problem, especially the emergence of botnet. It is urgent to do more research about worm's propagation model and security defense. The well-known worm models, such as simple epidemic model (SEM) and two-factor model (TFM), take all the computers on the internet as the same, which is not accurate because of the existence of network address translation (NAT). In this paper, we first analyze the worm's functional structure, and then we propose a three layer worm model named three layres worm model (TLWM), which is an extension of SEM and TFM under NAT environment. We model the TLWM by using deterministic method as it is used in the TFM. The simulation results show that the number of NAT used on the Internet has effects on worm propagation, and the more the NAT used, the slower the worm spreads. So, the extensive use of NAT on the Internet can restrain the worm spread to some extent.
