CN113595769B - Multi-node network delay time window calculation method for hopping network - Google Patents

Info

Publication number: CN113595769B
Authority: CN (China)
Prior art keywords: network, data packet, time period, hopping, time
Legal status: Active (the listed status is an assumption and is not a legal conclusion)
Application number: CN202110776695.2A
Other languages: Chinese (zh)
Other versions: CN113595769A (en)
Inventors: 徐正全, 方铸
Current Assignee: Wuhan University WHU
Original Assignee: Wuhan University WHU

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14 Network analysis or design
    • H04L41/142 Network analysis or design using statistical or mathematical methods
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention provides a method for calculating the multi-node network delay time window of a hopping network. The system comprises a master controller and a plurality of trusted devices. The master controller sets the time period of network parameter hopping in the hopping network and the network parameter set of the hopping network nodes. Each trusted device reads the data packet observation window corresponding to each network parameter hopping time period, obtains the mean transmission time and the mean routing hop count of the data packets through a time window algorithm, and from these two means calculates the network delay time window of each trusted device for each network parameter hopping time period. The advantage of the invention is that it provides a time window estimation algorithm suited to multi-hop network transmission, so that under general network transmission conditions the time window method can receive as many delayed data packets as possible during hopping, delay packet loss caused by network hopping is reduced as far as possible, and the service performance of the system is effectively improved when network resources are scarce.

Description

Multi-node network delay time window calculation method for hopping network
Technical Field
The invention belongs to the field of network security, and particularly relates to a method for calculating a multi-node network delay time window of a hopping network.
Background
Conventional network defense techniques such as security vulnerability scanning, firewalls and intrusion detection have been developed in succession. They have greatly raised the level of network defense and are gradually becoming the standard for network security defense. However, as network attack techniques are continuously updated, the defenses widely adopted today are increasingly inadequate against unknown attacks of all kinds, such as Trojan port hopping, hop agent attacks, protocol conversion attacks and DDoS attacks. A hopping network aims to build a dynamic, heterogeneous, uncertain network that can prevent, delay or block network attacks by increasing the randomness, or decreasing the predictability, of the system. The hopping network has consistently been the most active research direction, and notable research results have been obtained.
As research has progressed and the technical solutions have matured, attention has also turned to the impact of the hopping network on normal network functions and performance, and to how that impact can be reduced. One such issue is so-called delay packet loss: when the nodes in a network hop synchronously, transmission delay means that part of the data sent to the pre-hop network address has not yet reached the receiving node at the moment of hopping, and it cannot be correctly received by the node after the hop, which causes extra packet loss. Delay packet loss not only reduces transmission performance but, when severe, interferes with normal network functions. The problem is worse when network resources are scarce, the transmission path is long and hopping is frequent.
To address delay packet loss, a time window is added at the sending host or the receiving host. The method is to make the moment at which the receiver's parameters hop lag behind the moment at which the sender's parameters hop by a period of time (the so-called time window), which reserves a window, or gap, for recovering the in-flight data packets that were sent in the previous hopping period. Clearly the reserved time window can be neither too small nor too large. If it is too small, a considerable share of the delayed data packets from the previous period cannot be received because the network parameters have already changed. If it is too large, all delayed data packets from the previous period can be recovered, but some of the data packets sent with the network parameters of the new hopping period cannot be received normally because the receiver's network parameters did not change in time. Theoretically, the optimal time window equals the network delay at the moment of hopping. In practice, however, network delay changes dynamically and cannot be predicted accurately in advance, so how to estimate the network delay at the moment of hopping (that is, the optimal time window) from the delay monitored up to that point has been the key question of time window research. At present, research on hopping network time window estimation algorithms focuses mainly on end-to-end hopping network transmission. The basic idea is to monitor the average network delay of data packets between two nodes over a period before the hop and use it as the estimate of the time window, and such algorithms can generally receive as many delayed data packets as possible during hopping.
However, the end-to-end hopping network time window estimation algorithm is not suitable for general hopping network transmission scenarios. In a general network communication scenario, data is no longer limited to end-to-end transmission, and in many cases transmission from a sending node to a receiving node has to be completed through multi-hop forwarding. The data packet then passes through one or more intermediate nodes, the intermediate nodes also incur delay packet loss when the network hops, and the total delay packet loss equals the sum of the packet losses produced by all nodes on the transmission path. The existing time window estimation algorithms designed for end-to-end transmission therefore no longer apply. To address this problem, and on the basis of theoretical analysis, a time window estimation algorithm suited to multi-hop network transmission is provided, so that under general network transmission conditions, even with multi-hop forwarding, the time window method can receive as many delayed data packets as possible during hopping and delay packet loss caused by the hopping network is reduced as far as possible.
The invention provides a time window estimation method with the following characteristic:
the method can be applied to multi-hop network transmission, so that the network hopping time window technique can be applied to general network transmission and is not limited to end-to-end transmission.
Disclosure of Invention
The technical scheme of the invention is a method for calculating a delay time window of a multi-node network of a hopping network.
To guarantee the computational reliability of the time window estimation method, the computation must be completed in a trusted system.
The trusted system comprises a master controller and a plurality of trusted devices;
the master controller is connected in sequence to the network node where each trusted device is located; a trusted device is embedded in each hopping node in the network;
the master controller sets the initial values and sends an instruction signal and a synchronization signal to the network node where each trusted device is located; after receiving the instruction signal and the synchronization signal, the network node of the trusted device calculates the network delay time window;
the technical scheme is a method for calculating the multi-node network delay time window of a hopping network, with the following specific steps:
Step 1: the master controller sets the time period of network parameter hopping in the hopping network and the network parameter set of the hopping network nodes; the trusted device sets the length of the data packet observation window; within each network parameter hopping time period, each trusted device reads a plurality of data packets through the time window algorithm, using the data packet observation window that corresponds to that time period;
Step 2: calculate the transmission time of each data packet read in through the observation window corresponding to the network parameter hopping time period, and from these transmission times calculate the cumulative sum of the transmission times of the data packets read in through that observation window;
Step 3: obtain the routing hop count, from sending end to receiving end, of each data packet in the observation window of each trusted device for each network parameter hopping time period, and calculate the sum of the routing hop counts of the data packets read in by each trusted device within that observation window;
Step 4: calculate the average network delay time window of each trusted device for each network parameter hopping time period;
Step 5: calculate the network delay time window of the trusted device for the (k+1)-th network parameter hopping time period from the iterated output value of the trusted device's network delay time window for the k-th network parameter hopping time period; the master controller collects the network delay time window fed back by each trusted device (each hopping node in the hopping network) for each network parameter hopping time period, together with the total routing hop count fed back by each trusted device for that time period, and calculates the weighted average of the network delay time windows of the trusted devices for that network parameter hopping time period;
Step 6: the master controller then transmits the weighted average network delay time window of step 5 to each trusted device;
Preferably, the time period of network parameter hopping in the hopping network in step 1 is $T$, in seconds by default;
the network parameter set of the hopping network nodes in step 1 is:
$P=\{v_1,v_2,\ldots,v_n\}$,
where $P$ is the network parameter set of a hopping network node, $v_i$ is the $i$-th type of network parameter in that set, and $n$ is the number of network parameter types in the set;
the length of the data packet observation window in step 1 is $L$, in seconds by default;
$T \gg 0.1$, $T \ge 1\,\mathrm{s}$, $L \gg 0.1$, and $0 \le L \le T-0.1$;
in step 1, the time span corresponding to each network parameter hopping time period is defined as:
$[time_0+T(k-1),\ time_0+Tk],\ k\in[1,K]$
where $time_0+T(k-1)$ is the start time of the $k$-th network parameter hopping time period, $time_0+Tk$ is its end time, and $K$ is the total number of network parameter hopping time periods;
in step 1, the data packet observation window corresponding to each network parameter hopping time period is defined as:
$S_k=[time\_start_k,\ time\_end_k],\ k\in[1,K]$
$L=time\_end_k-time\_start_k$
where $time\_start_k$ is the start time of the observation window for the $k$-th network parameter hopping time period, $time\_end_k$ is the end time of that observation window, $L$ is the length of the observation window, and $K$ is the total number of network parameter hopping time periods;
in step 1, the numbers of data packets read in through the observation window of each trusted device for each network parameter hopping time period are:
$data_k=\{num_{k,1},num_{k,2},\ldots,num_{k,N}\}$
where $data_k$ is the set of packet counts read in through the observation window for the $k$-th network parameter hopping time period, $num_{k,j}$ is the number of data packets read in by the $j$-th trusted device (the $j$-th hopping node in the hopping network) through that observation window, $j\in[1,N]$, and $N$ is the number of hopping nodes in the hopping network.
Preferably, the transmission time of each data packet read in through the observation window corresponding to the network parameter hopping time period in step 2 is calculated as:
$d_{k,j,l}=start_{k,j,l}-end_{k,j,l}$
$d_{k,j,l},\ k\in[1,K],\ j\in[1,N],\ l\in[1,num_{k,j}]$
where $d_{k,j,l}$ is the transmission time of the $l$-th data packet read in by the $j$-th trusted device through the observation window for the $k$-th network parameter hopping time period, $start_{k,j,l}$ is the sending time of that data packet, $end_{k,j,l}$ is the receiving time of that data packet, $K$ is the total number of network parameter hopping time periods, $N$ is the number of hopping nodes in the hopping network, and $num_{k,j}$ is the number of data packets read in through the observation window for the $k$-th network parameter hopping time period;
$start_{k,j,l}$ is obtained as follows:
read the sending-time parameter of the $l$-th data packet of the $j$-th trusted device (the $j$-th hopping node in the hopping network) in the network delay time window for the $k$-th network parameter hopping time period and record it as $start_{k,j,l}$; $start_{k,j,l}$ is taken from the echo value of the timestamp option set when the $l$-th data packet was sent.
$end_{k,j,l}$ is obtained as follows:
read the receiving-time parameter of the $l$-th data packet of the $j$-th trusted device (the $j$-th hopping node in the hopping network) in the network delay time window for the $k$-th network parameter hopping time period and record it as $end_{k,j,l}$; $end_{k,j,l}$ is taken from the echo value of the timestamp option on receipt of the $l$-th data packet.
$d_{k,j,l}$ is obtained as:
$d_{k,j,l}=start_{k,j,l}-end_{k,j,l}$
In step 2, the sum of the transmission times of the data packets read in through the observation window corresponding to the network parameter hopping time period is calculated as follows:
the sum of the transmission times in step 2 is the accumulation of the transmission times of the data packets within the observation window: starting at the start time of the observation window, each time the trusted device receives a data packet it adds that packet's transmission time to the total, and the trusted device stops receiving data packets when the observation window expires. The sum of the transmission times of the data packets is equivalent to the following equation:
Figure GDA0003590999230000051
$k\in[1,K],\ j\in[1,N],\ l\in\{num_{k,1},num_{k,2},\ldots,num_{k,N}\}$
where $S_{k,j}$ is the accumulated transmission time of all data packets read in by the $j$-th trusted device within the observation window for the $k$-th network parameter hopping time period, $K$ is the total number of network parameter hopping time periods, $N$ is the number of hopping nodes in the hopping network, and $num_{k,j}$ is the number of data packets read in through the observation window for the $k$-th network parameter hopping time period.
Preferably, in step 3 the routing hop count of each data packet in the observation window of a trusted device (a hopping node in the hopping network) for each network parameter hopping time period is obtained as follows:
based on the IP data packet format and the application-layer transmission protocol, read the routing hop count from the corresponding option field in the IP header of the $l$-th data packet of the $j$-th trusted device (the $j$-th hopping node) in the observation window for the $k$-th network parameter hopping time period, and record it as:
$m_{k,j,l},\ l\in\{num_{k,1},num_{k,2},\ldots,num_{k,N}\},\ k\in[1,K],\ j\in[1,N]$
where $m_{k,j,l}$ is the routing hop count of the $l$-th data packet of the $j$-th trusted device (the $j$-th hopping node in the hopping network) in the observation window for the $k$-th network parameter hopping time period.
The cumulative sum of the routing hop counts of all data packets in the observation window of the $j$-th trusted device (the $j$-th hopping node in the hopping network) for the $k$-th network parameter hopping time period is recorded as follows:
the sum of the routing hop counts in step 3 is the accumulation of the routing hop counts of the data packets within the observation window: starting at the start time of the observation window, each time the trusted device receives a data packet it adds that packet's routing hop count to the total, and the trusted device stops receiving data packets at the end time of the observation window. The accumulated routing hop count of the data packets within the observation window is equivalent to the following equation:
Figure GDA0003590999230000061
wherein,
Figure GDA0003590999230000062
is the cumulative sum of the routing hop counts of all data packets in the observation window of the $j$-th trusted device (the $j$-th hopping node in the hopping network) for the $k$-th network parameter hopping time period.
Preferably, step 4 calculates the average of the network delay time windows of the $(j+1)$-th trusted device, i.e. the $(j+1)$-th hopping node in the hopping network, for the $(k+1)$-th network parameter hopping time period. Specifically:
in step 4, the average network delay time window of the data packets in the observation window of the $j$-th trusted device (the $j$-th hopping node in the hopping network) for the $k$-th network parameter hopping time period is:
Figure GDA0003590999230000071
$k\in[1,K],\ j\in[1,N],\ l\in\{num_{k,1},num_{k,2},\ldots,num_{k,N}\}$
wherein,
Figure GDA0003590999230000075
is the average network delay time window of the data packets read in by the $j$-th trusted device through the observation window for the $k$-th network parameter hopping time period.
Preferably, in step 5 the master controller aggregates the sum of the network delay time windows and the sum of the routing hop counts reported across the whole network for the $k$-th trusted device (the $k$-th hopping node of the hopping network) in the $k$-th network parameter hopping time period. Following the method of step 5, it calculates the weighted average of the network delay time windows of the $k$-th trusted device for the $k$-th network parameter hopping time period, and uses this weighted average as the network delay time window of the $(k+1)$-th trusted device (the $(k+1)$-th hopping node in the hopping network) for the $k$-th network parameter hopping time period. Specifically:
Figure GDA0003590999230000072
$k\in[1,K],\ j\in[1,N],\ l\in\{num_{k,1},num_{k,2},\ldots,num_{k,N}\}$
wherein,
Figure GDA0003590999230000073
is the weighted average of the network delay time windows of the $(j+1)$-th trusted device, i.e. the $(j+1)$-th hopping node in the hopping network, for the $(k+1)$-th network parameter hopping time period.
In step 5, the weighting of the network delay time window of the $(j+1)$-th trusted device (the $(j+1)$-th hopping node in the hopping network) for the $(k+1)$-th network parameter hopping time period is:
Figure GDA0003590999230000074
$k\in[1,K],\ j\in[1,N],\ l\in\{num_{k,1},num_{k,2},\ldots,num_{k,N}\}$
wherein,
Figure GDA0003590999230000081
is the weighting, across the whole network, of the network delay time windows of the $(k+1)$-th trusted device (the $(j+1)$-th hopping node in the hopping network) for the $(k+1)$-th network parameter hopping time period.
The invention provides a multi-node network delay time window estimation algorithm that approaches the theoretical optimal time window and, in practical use, receives as many delayed data packets as possible, so that delay packet loss caused by network hopping is close to the minimum. The effectiveness of the algorithm has been verified through simulation experiments and actual tests. The main advantage of the algorithm is that it reduces delay packet loss caused by network hopping as far as possible in both multi-node forwarding and end-to-end transmission, so it is generally applicable.
The advantage of the invention is that it provides a time window estimation algorithm suited to multi-hop network transmission, so that under general network transmission conditions the time window method can receive as many delayed data packets as possible during hopping, delay packet loss caused by network hopping is reduced as far as possible, and the service performance of the system is effectively improved when network resources are scarce.
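The per-period calculation of steps 1 to 5, as an added Python example that is not part of the patent text. Because the summation and averaging formulas survive on this page only as figure placeholders, the following are assumptions: the observation window begins at the start of the hopping period, a packet's delay is taken as receive time minus send time so that it is positive, a device's window is its mean delay S/num, and the network-wide window weights each device by its hop-count sum M. All function, field and variable names are hypothetical.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Packet:
    start: float  # send time start_{k,j,l} from the timestamp option, seconds
    end: float    # receive time end_{k,j,l} at the trusted device, seconds
    hops: int     # routing hop count m_{k,j,l} read from the IP header


def check_params(T: float, L: float) -> None:
    """Enforce the stated bounds T >= 1 s and 0 <= L <= T - 0.1."""
    if T < 1:
        raise ValueError("hopping period T must be at least 1 s")
    if not 0 <= L <= T - 0.1 + 1e-9:  # small tolerance for float rounding
        raise ValueError("window length L must satisfy 0 <= L <= T - 0.1")


def observation_window(time0: float, T: float, L: float, k: int) -> Tuple[float, float]:
    """S_k = [time_start_k, time_end_k] with L = time_end_k - time_start_k.

    Assumption: the window opens at the start of period k, time0 + T*(k-1).
    """
    check_params(T, L)
    if k < 1:
        raise ValueError("period index k starts at 1")
    time_start = time0 + T * (k - 1)
    return (time_start, time_start + L)


def device_sums(packets: List[Packet], window: Tuple[float, float]) -> Tuple[int, float, int]:
    """Return (num_{k,j}, S_{k,j}, M_{k,j}) for one trusted device.

    Only packets received inside the window are accumulated. Packets whose
    receive time precedes their send time are skipped: that points to clock
    skew or a bad timestamp and would corrupt the estimate.
    """
    lo, hi = window
    seen = [p for p in packets if lo <= p.end <= hi and p.end >= p.start]
    S = sum(p.end - p.start for p in seen)  # assumption: delay = end - start
    M = sum(p.hops for p in seen)
    return len(seen), S, M


def network_window(per_device: Dict[str, List[Packet]],
                   window: Tuple[float, float],
                   previous: float) -> float:
    """Master-controller step: hop-weighted average of per-device mean delays.

    Assumption: weight of device j is M_{k,j}. If no device observed any
    usable packet, the previous period's window is carried forward.
    """
    weighted, total_hops = 0.0, 0
    for packets in per_device.values():
        num, S, M = device_sums(packets, window)
        if num == 0 or M == 0:
            continue  # device has nothing to report for this period
        weighted += M * (S / num)
        total_hops += M
    return weighted / total_hops if total_hops else previous


# Constructed sample data for period k = 1 with T = 20 s and L = 19.9 s.
SAMPLE: Dict[str, List[Packet]] = {
    "A": [Packet(1.00, 1.04, 2), Packet(5.00, 5.06, 2),
          Packet(19.95, 19.99, 2)],          # last one arrives after the window
    "B": [Packet(2.00, 2.10, 4), Packet(3.00, 3.14, 4),
          Packet(4.00, 3.90, 4)],            # last one has a skewed timestamp
    "C": [],                                 # device saw no traffic
}

if __name__ == "__main__":
    w = observation_window(0.0, 20.0, 19.9, 1)
    print("window for k+1:", round(network_window(SAMPLE, w, previous=0.5), 6))
```

With the embodiment's values T = 20 s and L = 19.9 s, the packet that arrives in the last 0.1 s of the period is excluded from the estimate, which is the effect of the bound L ≤ T − 0.1.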
Drawings
FIG. 1: flow chart of the method of the invention.
FIG. 2: flow chart of the time window implementation.
Detailed Description
The concept, specific structure and technical effects of the present invention will be further described with reference to fig. 1 and 2 and the following embodiments to fully understand the objects, features and effects of the present invention. It is to be understood that these examples are for illustrative purposes only and are not intended to limit the scope of the invention, which is to be given the full breadth of the appended claims and any and all equivalent modifications thereof which would occur to one skilled in the art upon reading the present specification.
The time window proposed in the invention works in a trusted environment: to guarantee the computational reliability of the time window estimation method, it is calculated in a trusted system comprising a master controller and a plurality of trusted devices;
the trusted device is implemented based on TrustZone and the TNP time synchronization service.
TrustZone is a security architecture proposed by ARM for the security of consumer electronics devices. It prevents the device's resources from being copied, damaged or tampered with, and prevents device information from being damaged or obtained by means of malicious attack, hardware monitoring, intervention and the like.
TNP time synchronization is a time synchronization service based on a time synchronization mechanism.
The master controller is connected in sequence to the network node where each trusted device is located;
a trusted device is embedded in each hopping node in the network;
the master controller sets the system initial values and sends an instruction signal and a synchronization signal to the network node where each trusted device is located; after receiving the instruction signal and the synchronization signal, the network node of the trusted device calculates the network delay time window;
the master controller is an X86 server with the master controller software installed;
each trusted device is an ARMv8 device with the TrustZone function;
the technical scheme of the method is a multi-node network delay time window calculation method, which comprises the following specific steps:
step 1: the master controller sets the time period of network parameter hopping in the hopping network and the network parameter set of the hopping network nodes; the trusted device sets the length of a data packet reading observation window; reading a plurality of data packets by each trusted device through a time window algorithm in combination with a read data packet observation window corresponding to each network parameter hopping time period within a time period corresponding to each network parameter hopping time period;
step 1, the time period of network parameter hopping in the hopping network is as follows: t;
the network parameter set of the hopping network node in the step 1 is as follows:
P={v1,v2,...,vn},
where P represents a set of network parameters of a hop network node, viThe network parameter is the ith type of network parameter in the network parameter set of the jump network node, and n represents the number of the network parameter types in the network parameter set of the jump network node;
the window length of the observation window for reading the data packet in the step 1 is as follows: l;
t is far more than 0.1, and is more than or equal to 1 and less than or equal to T, L is far more than 0.1, and is more than or equal to 0 and less than or equal to T-0.1;
the T is specifically as follows: t is 20s, and L is specifically: l ═ 19.9 s;
in step 1, the time interval corresponding to each network parameter hopping period is defined as:
$[\mathrm{time}_0 + T(k-1),\ \mathrm{time}_0 + Tk],\ k \in [1, K]$
where $\mathrm{time}_0 + T(k-1)$ represents the start time of the $k$-th network parameter hopping period, $\mathrm{time}_0 + Tk$ represents the end time of the $k$-th network parameter hopping period, and $K$ represents the total number of network parameter hopping periods;
in step 1, the read-data-packet observation window corresponding to each network parameter hopping period is defined as:
$S_k = [\mathrm{time\_start}_k,\ \mathrm{time\_end}_k],\ k \in [1, K]$
$L = \mathrm{time\_end}_k - \mathrm{time\_start}_k$
where $\mathrm{time\_start}_k$ represents the start time of the read-data-packet observation window corresponding to the $k$-th network parameter hopping period, $\mathrm{time\_end}_k$ represents the end time of that observation window, $L$ represents the window length of the read-data-packet observation window, and $K$ represents the total number of network parameter hopping periods;
in step 1, the numbers of data packets read by each trusted device in the read-data-packet observation window corresponding to each network parameter hopping period are:
$\mathrm{data}_k = \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where $\mathrm{data}_k$ represents the set of packet counts read in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period, $\mathrm{num}_{k,j}$, $j \in [1, N]$, represents the number of data packets read in that window by the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, and $N$ represents the number of hopping nodes in the hopping network;
step 2, calculating the transmission time of each read data packet read in the read data packet observation window corresponding to the time period of network parameter hopping, and calculating the transmission time average value of the read data packets read in the read data packet observation window corresponding to the time period of network parameter hopping according to the transmission time;
in step 2, the transmission time of each data packet read in the read-data-packet observation window corresponding to a network parameter hopping period is calculated as:
$d_{k,j,l} = \mathrm{start}_{k,j,l} - \mathrm{end}_{k,j,l}$
$d_{k,j,l},\ k \in [1, K],\ j \in [1, N],\ l \in [1, \mathrm{num}_{k,j}]$
where $d_{k,j,l}$ represents the transmission time of the $l$-th data packet read by the $j$-th trusted device in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period, $\mathrm{start}_{k,j,l}$ represents the sending time of that data packet, $\mathrm{end}_{k,j,l}$ represents the receiving time of that data packet, $K$ represents the total number of network parameter hopping periods, $N$ represents the number of hopping nodes in the hopping network, and $\mathrm{num}_{k,j}$ represents the number of data packets read in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period;
$\mathrm{start}_{k,j,l}$ is obtained as follows:
the parameter of the $l$-th data packet of the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, is read for the network delay time window corresponding to the $k$-th network parameter hopping period; this parameter is the sending time of the data packet and is denoted $\mathrm{start}_{k,j,l}$, which is obtained from the echo value of the timestamp option for the transmission of the $l$-th packet.
$\mathrm{end}_{k,j,l}$ is obtained as follows:
the parameter of the $l$-th data packet of the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, is read for the network delay time window corresponding to the $k$-th network parameter hopping period; this parameter is the receiving time of the data packet and is denoted $\mathrm{end}_{k,j,l}$, which is taken from the echoed value of the received timestamp option for the $l$-th packet.
$d_{k,j,l}$ is obtained as follows:
$d_{k,j,l} = \mathrm{start}_{k,j,l} - \mathrm{end}_{k,j,l}$
in step 2, the sum of the transmission times of the data packets read in the read-data-packet observation window corresponding to a network parameter hopping period is calculated, specifically:
the sum of the transmission times of the data packets in step 2 is the accumulated sum of the transmission times of the data packets in the observation window: from the start time of the observation window, each time the trusted device receives a data packet it accumulates the transmission time of that data packet once, and at the end time of the observation window the trusted device no longer receives data packets. The accumulated sum of the transmission times of the data packets within the observation window is equivalent to the following equation:
Figure GDA0003590999230000111
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where $S_{k,j}$ represents the accumulated sum of the transmission times of all data packets read by the $j$-th trusted device in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period.
Step 3, obtaining the routing hop count from the sending end to the receiving end of each data packet of each trusted device in each observation window of each network parameter hopping period, specifically:
based on the IP data packet format and the application-layer transmission protocol, the routing hop count is read from the option field corresponding to the routing hop count in the IP header of the $l$-th data packet of the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period, and is recorded as:
$m_{k,j,l},\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\},\ k \in [1, K],\ j \in [1, N]$
where $m_{k,j,l}$ represents the routing hop count of the $l$-th data packet of the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period.
Further, the sum of the routing hop counts of all data packets in the observation window corresponding to the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, for the network delay time window corresponding to the $k$-th network parameter hopping period is specifically:
the sum of the transmission times of the data packets in step 3 is the accumulated sum of the transmission times of the data packets in the observation window: from the start time of the observation window, each time the trusted device receives a data packet it accumulates the transmission time of that data packet once, and at the end time of the observation window the trusted device no longer receives data packets. The accumulated sum of the transmission times of the data packets within the observation window is equivalent to the following equation:
Figure GDA0003590999230000121
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where
Figure GDA0003590999230000122
represents the accumulated routing hop counts of all data packets in the observation window corresponding to the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, for the network delay time window corresponding to the $k$-th network parameter hopping period.
Step 4, calculating the mean of the network delay time windows of the data packets in the read-data-packet observation window corresponding to the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, in the $k$-th network parameter hopping period, specifically:
Figure GDA0003590999230000123
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where
Figure GDA0003590999230000131
represents the mean of the network delay time windows of the data packets read by the $j$-th trusted device in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period.
Step 5, the master controller summarizes the sum of network delay time windows and the sum of routing hop counts of the $k$-th trusted device, namely the $k$-th hopping node of the hopping network, corresponding to the $k$-th network parameter hopping period, as reported by the whole network. A weighted average of the network delay time windows of the $k$-th trusted device, namely the $k$-th hopping node of the hopping network, corresponding to the $k$-th network parameter hopping period is calculated according to the method in step 5, and is used as the network delay time window of the $(k+1)$-th trusted device, namely the $(k+1)$-th hopping node in the hopping network, corresponding to the $k$-th network parameter hopping period; specifically:
Figure GDA0003590999230000132
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where
Figure GDA0003590999230000135
represents the weighted average of the network delay time windows of the $(j+1)$-th trusted device, namely the $(j+1)$-th hopping node in the hopping network, corresponding to the $(k+1)$-th network parameter hopping period.
The weighting of the network delay time window of the $(j+1)$-th trusted device, namely the $(j+1)$-th hopping node in the hopping network, in the $(k+1)$-th network parameter hopping period in step 5 is specifically:
Figure GDA0003590999230000133
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where
Figure GDA0003590999230000134
represents the weighting, across the whole network, of the network delay time windows of the $(k+1)$-th trusted device, namely the $(j+1)$-th hopping node in the hopping network, corresponding to the $(k+1)$-th network parameter hopping period.
Step 6, the master controller returns the weighted average of the network delay time window from step 5 to the $k$-th trusted device, namely the $k$-th hopping node of the hopping network, corresponding to the reported $k$-th network parameter hopping period, and issues it to the hopping control module of the $k$-th hopping node in the whole network.
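The per-window bookkeeping of steps 1 to 3 can be followed in code; this is an added example, not code from the patent. It assumes the observation window opens at the start of each hopping period and takes the transmission time as receive minus send so that it is non-negative; the step 4 ratio and the step 5 weights are also assumptions, because the patent's formulas for those steps are not reproduced in the text of the page.

```python
from collections import defaultdict
from typing import NamedTuple

T_MS = 20_000   # hopping period T = 20 s (page value), in milliseconds
L_MS = 19_900   # observation window L = 19.9 s (page value), in milliseconds
GUARD_MS = 100  # the page's bound 0 <= L <= T - 0.1 s, in milliseconds


class Packet(NamedTuple):
    device: int    # j: trusted device (hopping node) that read the packet
    sent: int      # start_{k,j,l}: send time from the timestamp option (ms)
    received: int  # end_{k,j,l}: receive time from the timestamp option (ms)
    hops: int      # m_{k,j,l}: routing hop count from the IP header


def hop_period(time0, k, period=T_MS):
    """Interval [time0 + T*(k-1), time0 + T*k] of the k-th hopping period."""
    if k < 1:
        raise ValueError("k ranges over [1, K]")
    return (time0 + period * (k - 1), time0 + period * k)


def observation_window(time0, k, period=T_MS, length=L_MS):
    """S_k = [time_start_k, time_end_k] with L = time_end_k - time_start_k."""
    if not 0 <= length <= period - GUARD_MS:
        raise ValueError("window length must satisfy 0 <= L <= T - 0.1 s")
    start, _ = hop_period(time0, k, period)
    # Assumption: the window opens at the start of the hopping period.
    return (start, start + length)


def accumulate(packets, window):
    """Steps 2-3: per device j, return (S_kj, hop total, num_kj)."""
    lo, hi = window
    totals = defaultdict(lambda: [0, 0, 0])
    for p in packets:
        if not lo <= p.received <= hi:
            continue  # outside the window the device no longer reads packets
        delay = p.received - p.sent  # assumption: magnitude of d_{k,j,l}
        if delay < 0 or p.hops < 1:
            continue  # skewed or malformed header values would corrupt the sums
        entry = totals[p.device]
        entry[0] += delay
        entry[1] += p.hops
        entry[2] += 1
    return {j: tuple(v) for j, v in totals.items()}


def per_hop_mean(totals):
    """Step 4 (assumed form): accumulated delay divided by accumulated hops."""
    return {j: s / m for j, (s, m, _n) in totals.items()}


def weighted_window(totals):
    """Step 5 (assumed form): means weighted by each device's share of hops."""
    total_hops = sum(m for _s, m, _n in totals.values())
    if total_hops == 0:
        return None  # no usable packets in this window
    means = per_hop_mean(totals)
    return sum(m / total_hops * means[j] for j, (_s, m, _n) in totals.items())


# Constructed sample for hopping period k = 1 with time0 = 0 (times in ms).
SAMPLE_PACKETS = [
    Packet(device=1, sent=0, received=50, hops=4),
    Packet(device=1, sent=1_000, received=1_030, hops=2),
    Packet(device=1, sent=19_850, received=19_950, hops=4),  # after window end
    Packet(device=2, sent=500, received=560, hops=3),
    Packet(device=2, sent=700, received=690, hops=3),        # negative delay
]

if __name__ == "__main__":
    window = observation_window(0, 1)
    totals = accumulate(SAMPLE_PACKETS, window)
    print(window, totals, per_hop_mean(totals), weighted_window(totals))
```

Both timestamps and the hop count come from packet headers, so the accumulation drops values that are out of range instead of letting a single skewed or malformed packet shift the window issued to every node.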
As in Fig. 2, assume that there are network nodes $N_1, N_2, N_3, N_4, N_5$, the hopping period of the nodes is 20 s, and the average network delay of the nodes is 50 ms. Starting from a certain time, $N_1$ continuously transmits 10000 data packets to $N_5$ within 20 s; without network delay, $N_5$ could receive 10000 packets. In practice network delay exists. In tests, 9860 packets are received when the multi-node network delay time window method of the invention is used, and the average packet loss rate of the data packets is only 1.4%; 9360 packets are received when the general time window method is used, and the average packet loss rate of the data packets is 6.4%. Compared with the general time window method, the time window of this method reduces the packet loss rate error by 5%.
In this embodiment, the time window technique helps a company's IT staff, or the security staff of a third-party internet security company, to reduce data packet loss, so that the system obtains better service performance, resists network attacks, and achieves network security protection.
This provides a solution with which the skilled person can implement a time window. The above embodiments are provided only to illustrate the present invention and not to limit it, and those skilled in the art can make various changes or modifications without departing from the spirit and scope of the present invention; all equivalent technical solutions therefore fall within the scope of the present invention.

Claims (5)

1. A multi-node network delay time window calculation method for a hopping network, characterized in that
the multi-node network delay time window of the hopping network is calculated in a trusted environment, and a trusted system provides the trusted environment;
the trusted system comprises: the system comprises a master controller and a plurality of trusted devices;
the master controller is sequentially connected with the network node where each trusted device is located; the trusted device is embedded in each hop node in the network;
the method for calculating the delay time window of the multi-node network comprises the following specific steps:
step 1: the master controller sets the time period of network parameter hopping in the hopping network and the network parameter set of the hopping network nodes; the trusted device sets the length of a data packet reading observation window; reading a plurality of data packets by each trusted device through a time window algorithm in combination with a read data packet observation window corresponding to each network parameter hopping time period within a time period corresponding to each network parameter hopping time period;
step 2, calculating the transmission time of each read data packet read in the read data packet observation window corresponding to the time period of network parameter hopping, and calculating the accumulation of the transmission time of the read data packet read in the read data packet observation window corresponding to the time period of network parameter hopping according to the transmission time;
step 3, calculating the route hop count of each data packet read in by the read data packet observation window corresponding to the time period of network parameter hopping, and calculating the accumulation of the route hop counts of all data packets read in by the read data packet observation window corresponding to the time period of network parameter hopping according to the route hop count;
step 4, calculating the mean of the network delay time window of each trusted device corresponding to each network parameter hopping period according to the accumulated transmission time and the accumulated routing hop count;
step 5, the master controller obtains and summarizes the mean of the network delay time window fed back by each trusted device, namely each hopping node in the hopping network, for each network parameter hopping period and the routing hop counts fed back by each trusted device, namely each hopping node in the hopping network, for each network parameter hopping period, and calculates the weighted average of the network delay time window from the summarized result;
step 6, the master controller distributes the weighted average of the network delay time window to the hopping control module in the current time period.
2. The method according to claim 1, wherein the time period of network parameter hopping in the hopping network in step 1 is: $T$;
the network parameter set of the hopping network node in step 1 is:
$P = \{v_1, v_2, \ldots, v_n\}$,
where $P$ represents the set of network parameters of a hopping network node and $v_1, v_2, \ldots, v_n$ are network parameters;
the window length of the read-data-packet observation window in step 1 is: $L$;
$0 \le L \le T - 0.1$;
in step 1, the time interval corresponding to each network parameter hopping period is defined as:
$[\mathrm{time}_0 + T(k-1),\ \mathrm{time}_0 + Tk],\ k \in [1, K]$
where $\mathrm{time}_0 + T(k-1)$ represents the start time of the $k$-th network parameter hopping period, $\mathrm{time}_0 + Tk$ represents the end time of the $k$-th network parameter hopping period, and $K$ represents the total number of network parameter hopping periods;
in step 1, the read-data-packet observation window corresponding to each network parameter hopping period is defined as:
$S_k = [\mathrm{time\_start}_k,\ \mathrm{time\_end}_k],\ k \in [1, K]$
$L = \mathrm{time\_end}_k - \mathrm{time\_start}_k$
where $\mathrm{time\_start}_k$ represents the start time of the read-data-packet observation window corresponding to the $k$-th network parameter hopping period, $\mathrm{time\_end}_k$ represents the end time of that observation window, $L$ represents the window length of the read-data-packet observation window, and $K$ represents the total number of network parameter hopping periods;
in step 1, the numbers of data packets read by each trusted device in the read-data-packet observation window corresponding to each network parameter hopping period are:
$\mathrm{data}_k = \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where $\mathrm{data}_k$ represents the set of packet counts read in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period, and $\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}$ represent the data packets read in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period.
3. The method according to claim 2, wherein the transmission time of each data packet read in the read-data-packet observation window corresponding to a network parameter hopping period is calculated in step 2 as:
$d_{k,j,l} = \mathrm{start}_{k,j,l} - \mathrm{end}_{k,j,l}$
$d_{k,j,l},\ k \in [1, K],\ j \in [1, N],\ l \in [1, \mathrm{data}_k]$
where $d_{k,j,l}$ represents the transmission time of the $l$-th data packet read by the $j$-th trusted device in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period, $\mathrm{start}_{k,j,l}$ represents the sending time of that data packet, $\mathrm{end}_{k,j,l}$ represents the receiving time of that data packet, $K$ represents the total number of network parameter hopping periods, and $N$ represents the number of hopping nodes in the hopping network;
$\mathrm{start}_{k,j,l}$ is obtained as follows:
the parameter of the $l$-th data packet of the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, is read for the network delay time window corresponding to the $k$-th network parameter hopping period; this parameter represents the sending time of the data packet and is denoted $\mathrm{start}_{k,j,l}$, which is obtained from the echo value of the timestamp option for the transmission of the $l$-th packet.
$\mathrm{end}_{k,j,l}$ is obtained as follows:
the parameter of the $l$-th data packet of the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, is read for the network delay time window corresponding to the $k$-th network parameter hopping period; this parameter represents the receiving time of the data packet and is denoted $\mathrm{end}_{k,j,l}$, which is taken from the echoed value of the received timestamp option for the $l$-th packet.
$d_{k,j,l}$ is obtained as follows:
$d_{k,j,l} = \mathrm{start}_{k,j,l} - \mathrm{end}_{k,j,l}$
the sum of the transmission times of the data packets in step 2 is the accumulated sum of the transmission times of the data packets in the observation window: from the start time of the observation window, each time the trusted device receives a data packet it accumulates the transmission time of that data packet once, and at the end time of the observation window the trusted device no longer receives data packets; the accumulation of the transmission times of the data packets in the observation window is equivalent to the following formula:
Figure FDA0003590999220000031
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where $S_{k,j}$ represents the accumulated transmission time of all data packets read by the $j$-th trusted device in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period, $K$ represents the total number of network parameter hopping periods, $N$ represents the number of hopping nodes in the hopping network, and $\mathrm{num}_{k,j}$ represents the number of data packets read in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period.
4. The method according to claim 3, wherein calculating in step 3 the routing hop count of each data packet read in the read-data-packet observation window corresponding to a network parameter hopping period specifically comprises:
based on the IP data packet format and the application-layer transmission protocol, reading the value of the option field corresponding to the routing hop count in the IP header of the data packet read by the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period, and recording the value as:
$m_{k,j,l},\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\},\ k \in [1, K],\ j \in [1, N]$
where $m_{k,j,l}$ is the routing hop count of the $l$-th data packet of the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period;
the accumulated routing hop count of all data packets in the observation window corresponding to the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, for the read-data-packet observation window corresponding to the $k$-th network parameter hopping period is recorded as:
Figure FDA0003590999220000041
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where
Figure FDA0003590999220000042
represents the accumulated routing hop counts of all data packets in the observation window corresponding to the $j$-th trusted device, namely the $j$-th hopping node in the hopping network, for the read-data-packet observation window corresponding to the $k$-th network parameter hopping period;
step 4, calculating the mean of the network delay time window of each trusted device corresponding to each network parameter hopping period
Figure FDA0003590999220000043
specifically:
Figure FDA0003590999220000051
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where
Figure FDA0003590999220000052
represents the mean of the network delay time windows of the data packets read by the $j$-th trusted device in the read-data-packet observation window corresponding to the $k$-th network parameter hopping period.
5. The method according to claim 4, wherein in step 5 the master controller obtains and summarizes the mean of the network delay time windows fed back by each trusted device, namely each hopping node in the hopping network, for each network parameter hopping period and the routing hop counts fed back by each trusted device, namely each hopping node in the hopping network, for each network parameter hopping period, and calculates from the summarized result the weighted average of the network delay time window
Figure FDA0003590999220000053
specifically:
Figure FDA0003590999220000054
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
Figure FDA0003590999220000055
represents the weighted average of the network delay time windows of the $(j+1)$-th trusted device, namely the $(j+1)$-th hopping node of the hopping network, corresponding to the $(k+1)$-th network parameter hopping period;
the weighting in step 5 of the network delay time window of the trusted device, namely the hopping node in the hopping network, in the network parameter hopping period is specifically:
Figure FDA0003590999220000056
$k \in [1, K],\ j \in [1, N],\ l \in \{\mathrm{num}_{k,1}, \mathrm{num}_{k,2}, \ldots, \mathrm{num}_{k,N}\}$
where $\theta_{k,j,l}$ is the weighting, across the whole network, of the network delay time window of the $(j+1)$-th trusted device, namely the $(j+1)$-th hopping node in the hopping network, in the $(k+1)$-th network parameter hopping period; the master controller returns the
Figure FDA0003590999220000057
of step 5 to the $k$-th trusted device corresponding to the $k$-th network parameter hopping period, namely the $k$-th hopping node of the hopping network.
CN202110776695.2A 2021-07-09 2021-07-09 Multi-node network delay time window calculation method for hopping network Active CN113595769B (en)


Publications (2)

Publication Number Publication Date
CN113595769A CN113595769A (en) 2021-11-02
CN113595769B true CN113595769B (en) 2022-06-07

Family

ID=78246632
