Design and Implementation of a Real-Time Inter-domain Routing Security Monitoring System
Abstract
The inter-domain routing system is the infrastructure of the Internet and the key support of the network. However, owing to its own fragility, it suffers from many security problems. Current work in the field concentrates on three planes of the inter-domain routing system: the management plane, the control plane and the forwarding plane. After a thorough analysis of current research on inter-domain routing security, we conclude that, since the deployment of new inter-domain routing protocols such as S-BGP faces numerous obstacles, management-plane monitoring of inter-domain routing is the practical technical approach that can genuinely take effect in keeping the inter-domain routing system healthy on the basis of existing network equipment.
     Starting from the perspective of inter-domain routing monitoring, this thesis designs and implements a real-time inter-domain routing security monitoring system based on a library of rules for anomalous routing behaviour and on traffic patterns. Our main work is as follows:
     1. We study inter-domain routing security problems, survey the inter-domain routing security incidents that have occurred, analyse current inter-domain routing protection mechanisms and the shortcomings of the various monitoring techniques, and finally propose a model for a real-time inter-domain routing security monitoring system;
     2. We design two detection algorithms: a learning-based algorithm for detecting anomalous traffic behaviour and a rule-library-based algorithm for detecting anomalous routing behaviour. The algorithms guide the design of the whole system, so that its anomaly detection is accurate while also offering good real-time performance and scalability;
     3. We implement BGP-Censor, a real-time inter-domain routing security monitoring system based on traffic patterns and rules for judging anomalous routes. The system can not only monitor independently at a single monitoring point but also perform distributed monitoring based on multiple views: by sharing views, it analyses the BGP tables collected from the various packet collection points, which enables it to discover routing anomalies rooted in complex topology;
     4. To verify the functions of BGP-Censor and to debug the system, we developed a series of inter-domain routing test tools and used them to carry out a number of system experiments on BGP-Censor;
     5. Addressing the security problems peculiar to IPv6, we extended BGP-Censor to support IPv6, further strengthening the system's capabilities.
The inter-domain routing system is a critical part of the global communications infrastructure. However, as a key part of the Internet, the inter-domain routing system has severe health problems because of its own fragility.
    After analysing current issues and research on the security of inter-domain routing in depth, we conclude that the problem should be studied at the three levels of the inter-domain routing system: the management plane, the control plane and the forwarding plane. Since the deployment of new inter-domain routing protocols such as S-BGP is confronted with many obstacles, monitoring is an effective and practical method of ensuring a healthy inter-domain routing system based on current network devices. The main contributions are as follows:
    1. Research on the security problems of inter-domain routing. After reviewing inter-domain routing security incidents, analysing the protection of inter-domain routing and the deficiencies of existing monitoring systems, we design a real-time security monitoring system with the ability to detect traffic anomalies and illegal routes in real time.
    2. Design of two detection algorithms: learning-based detection of anomalous traffic behaviour, and rule-database-based detection of anomalous routes. The design of the whole system is guided by these algorithms.
    3. Implementation of the real-time security monitoring system, which we call Packet-Censor. It is shown that Packet-Censor is able to monitor traffic patterns and anomalous routes. To detect latent anomalous routes, the system uses view sharing to analyse the BGP tables collected from the monitors, which gives it the ability to detect anomalous routes based on more complex topology.
    4. Design and implementation of a series of active testing tools for testing and experimenting with the system.
    5. Extension of the system to support inter-domain routing monitoring under IPv6.
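As an added illustration of the view-sharing idea in contribution 3 (this is not code from the thesis or from BGP-Censor/Packet-Censor), the Python below merges constructed BGP table snapshots from three hypothetical collection points into one shared view and applies two assumed anomalous-route rules: a multiple-origin-AS conflict, and a more-specific prefix whose origin matches none of the origins of its covering prefix. Neither rule fires on a single monitor's table alone, which is the point of sharing views.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: (monitor name, prefix, AS path as seen from that
# monitor). Monitors, prefixes and AS numbers are hypothetical; the last AS in
# each path is the origin AS.
BGP_VIEWS = [
    ("mon-a", "203.0.113.0/24", [64501, 64502, 65001]),
    ("mon-a", "198.51.100.0/24", [64501, 65002]),
    ("mon-b", "203.0.113.0/24", [64510, 64511, 65001]),
    ("mon-b", "203.0.113.0/25", [64510, 65003]),   # more-specific, other origin
    ("mon-c", "198.51.100.0/24", [64520, 65002]),
    ("mon-c", "203.0.113.0/24", [64520, 65009]),   # origin disagrees with a/b
]

def shared_view(views):
    """Merge per-monitor tables into one map: prefix -> {origin AS -> set of monitors}."""
    table = defaultdict(lambda: defaultdict(set))
    for monitor, prefix, path in views:
        table[ipaddress.ip_network(prefix)][path[-1]].add(monitor)
    return table

def moas_conflicts(table):
    """Rule 1 (assumed): a prefix originated by more than one AS across the shared view.
    Returns {prefix: {origin AS: [monitors that saw it]}} for each conflicting prefix."""
    return {str(p): {o: sorted(m) for o, m in origins.items()}
            for p, origins in table.items() if len(origins) > 1}

def subprefix_origin_mismatch(table):
    """Rule 2 (assumed): a more-specific prefix whose origin AS matches none of the
    origins seen for a covering prefix anywhere in the shared view.
    Returns [(sub-prefix, its origins, covering prefix, its origins), ...]."""
    alerts = []
    for sub, sub_origins in table.items():
        for cover, cover_origins in table.items():
            if sub == cover or sub.version != cover.version or not sub.subnet_of(cover):
                continue
            if not set(sub_origins) & set(cover_origins):
                alerts.append((str(sub), sorted(sub_origins), str(cover), sorted(cover_origins)))
    return alerts

if __name__ == "__main__":
    view = shared_view(BGP_VIEWS)
    print("MOAS conflicts:", moas_conflicts(view))
    print("Sub-prefix origin mismatches:", subprefix_origin_mismatch(view))
```

Running the rules over only mon-a's two entries returns nothing, while the merged view reports 203.0.113.0/24 originated by both AS65001 and AS65009 and the /25 announced by AS65003 under it.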