摘要
提出基于MPI堡垒主机防火墙的可疑IP预警系统.系统防火墙规则集合划分为子集形式,各个子集相互独立,动态调整规则库,运行并行任务,实现安全报警机制和并行实现检测过程;能够快速、准确的对可疑IP进行跟踪和预警,采用针对网络地址转换的内部IP地址监控,更加有效地填补防火墙对内防范的不足.实验结果显示,并行防御策略具有较大的优势,能够实现优化防火墙整体防御性能.
The system of a warning method for suspicious IP with MPI and bastion host firewall is presented.The firewall rule set of this system is divided into the form of subsets.Each subset is independent of each other.It dynamically adjusts the rule database,runs parallel tasks to realize the security alarm mechanism,and parallelly implements the checking process.It can track and warn suspicious IP quickly and accurately.It monitors the IP address of internal network with NAT.The method can more effectively fill the firewall inadequacy of inner prevention.The experimental results show that the parallel defense strategy has a great advantage and can optimize the overall defense performance of firewall.
作者
宋大华
李喆
刘碧纯
SONG Dahua;LI Zhe;LIU Bichun(Center of Educational Technology and Information,Mudanjiang Medical University,Mudanjiang 157011,China;College of Computer Science and Techology,Harbin University of Scienceand Technology,Harbin 150080,China)
出处
《牡丹江师范学院学报(自然科学版)》
2020年第2期12-17,共6页
Journal of Mudanjiang Normal University:Natural Sciences Edition
基金
黑龙江省自然科学基金项目(F201304)
黑龙江省省属高等学校基本科研业务费科研项目(2018-KYYWFMY-0093)。
关键词
MPI
防火墙
堡垒主机
并行计算
Message Passing Interface
firewall
bastion host
parallel computing