Toggle navigation
Home
About
About Journal
Historical Evolution
Indexed In
Awards
Reference Index
Editorial Board
Journal Online
Archive
Project Articles
Most Download Articles
Most Read Articles
Instruction
Contribution Column
Author Guidelines
Template
FAQ
Copyright Agreement
Expenses
Academic Integrity
Contact
Contact Us
Location Map
Subscription
Advertisement
中文
Journals
Publication Years
Keywords
Search within results
(((LIN Senjie[Author]) AND 1[Journal]) AND year[Order])
AND
OR
NOT
Title
Author
Institution
Keyword
Abstract
PACS
DOI
Please wait a minute...
For Selected:
Download Citations
EndNote
Ris
BibTeX
Toggle Thumbnails
Select
Compression method based on bit extraction of independent rule sets for packet classification
WANG Xiaolong, LIU Qinrang, LIN Senjie, Huang Yajing
Journal of Computer Applications 2018, 38 (
8
): 2375-2380. DOI:
10.11772/j.issn.1001-9081.2018010069
Abstract
(
504
)
PDF
(940KB)(
304
)
Knowledge map
Save
The continuous expansion in scale of multi-field entries and the growing increase in bit-width bring heavy storage pressure in hardware on the Internet. In order to solve this problem, a compression method based on Bit Extraction of Independent rule Subsets (BEIS) was proposed. Firstly, some fields were merged based on the logical relationships among multiple match fields, thus reducing the number of match fields and the width of flow tables. Secondly, with the division of independent rule subsets for the merged rule set, some differentiate bits in the divided subsets were extracted to achieve the matching and searching function, further reducing the used Ternary Content Addressable Memory (TCAM) space. Finally, the lookup hardware architecture of this method was put forward. Simulation results show that, with certain time complexity, the storage space of the proposed method can be reduced by 20% compared with Field Trimmer (FT) in OpenFlow flow table; in addition, for common packet classification rule sets such as access control list and firewall in practical application, the compression ratio of 20%-40% can be achieved.
Reference
|
Related Articles
|
Metrics
Select
Load-aware dynamic scheduling mechanism based on security strategies
GU Zeyu, ZHANG Xingming, LIN Senjie
Journal of Computer Applications 2017, 37 (
11
): 3304-3310. DOI:
10.11772/j.issn.1001-9081.2017.11.3304
Abstract
(
575
)
PDF
(1196KB)(
458
)
Knowledge map
Save
Concerning the flow rule tampering attacks and other single point vulnerability threats towards Software Defined Network (SDN) controller, traditional security solutions such as backup and fault-tolerant mechanisms which are based on passive defense defects, cannot fundamentally solve the control layer security issues. Combined with the current moving target defense and cyberspace mimic defense, a dynamic security scheduling mechanism based on heterogeneous redundant structure was proposed. A controller scheduling model was established in which the dynamic scheduling strategy was designed based on security principle combined with attack exception and heterogeneity. By considering the system load, the scheduling problem was transformed into a dynamic two-objective optimization problem by LA-SSA (Load-Aware Security Scheduling Algorithm) to achieve an optimal scheduling scheme. Simulation results show that compared with static structure, the dynamic scheduling mechanism has obvious advantages in cumulative number of exceptions and output safety rate, and the dynamic and diversity in the security scheduling mechanism can significantly improve the system's ability to resist attacks.The load variance of LA-SSA is more stable than that of safety priority scheduling, and the security imbalance is avoided, and the effectiveness of the security scheduling mechanism is verified.
Reference
|
Related Articles
|
Metrics