摘要
数字化信息的爆炸性增长推动了以光、磁介质为载体的数据存储与处理技术的研究与应用,海量数据的可靠存储与有效利用成为问题的关键。随着计算机网络的快速发展及推广应用,数据的存储模式越来越呈现出非中心化的趋势。传统的以服务器为核心的中心存储模式,数据的存储与访问高度集中,极易产生严重的I/O性能瓶颈,影响数据的有效利用,而且在系统存储容量的扩展、数据管理及防灾能力等方面均存在严重隐患。研究高性能的新型存储子系统网络应用方案十分必要。
首先,论文突破传统的C/S(客户/服务器)模式,根据数据存储从单机转向网络、从集中转向分散的趋势,设计了模块式附网存储(NAS)设备作为企业内部网络的数据存储节点。模块化的体系结构使存储设备在网络中分布灵活,即插即用,具有良好的可扩展性;基于Linux平台优化的软件系统效率高、可升级、支持多种操作平台,提高了设备在网络中的适应性;远程管理方式也使设备的管理更加方便。
其次,针对NAS设备固有的访问安全方面的弱点,论文研究了NAS设备的防护策略。通过分析NAS设备用户的文件访问行为,对文件请求进程中序列化信息的特点进行了研究,重点针对进程的调度及系统调用的实现进行深入研究,总结出文件请求时间的经验公式。在此基础上,引入生物免疫机制,提出由用户认证、文件权限和用户阶梯组成的多层免疫模型,从时间延迟方面分析了免疫模型的性能。实现了对用户访问行为的异常检测及自动免疫,在保证数据可用性的同时,提高了数据的安全性。
在上述研究的基础上,实现了具备免疫功能的NAS文件服务器,并对设备的I/O性能进行了综合评测。结果表明,在多客户并发访问时,设备具有很高的数据吞吐性能;免疫策略的实施对文件读写性能的影响低于2%。这种基于生物免疫机制的NAS设备的研究,为超大容量数据存储子系统的网络化应用提供了一种新的方案,使非中心化数据存储节点具有高性能、高可用性、可扩展、易管理等特点。
The exploded increase in volume of digital information promotes the research of storage and processing technologies for data recorded with CDs and disks. It is important for large number of data to be stored reliably and utilized effectively. With the rapid development of network, the mode of data storage presents decentralized tendency increasingly. In traditional storage mode, the server plays a role of center and highly centralizes preservation of massive data and access to them, which easily incurs the serious I/O bottleneck on the server. Moreover, scalability, manageability and survivability are not well supported in the centralized storage framework. Therefore, it is necessary to research new schemes of network application for storage subsystem.
Firstly, according to the decentralized tendency of data storage, the conventional C/S mode is broken, and modularized network-attached storage (NAS) devices are designed to act as data storage nodes in LAN of enterprises. For the modularization of structure, NAS devices are easy to be distributed and utilized in network. The optimized OS based on Linux has high efficiency and scalability, and supports multiple platforms, which improves the adaptability of devices to changes in network conditions. The manageability of devices is well supported by Web-based management manner.
Secondly, aiming at the weakness of access security in present NAS products, the defending strategy of NAS devices is researched. Through the analysis of the access behaviors of users in NAS devices, the characteristics of sequence information in processes of file requests are studied. Scheduling of processes and realization of system calls are carefully researched, and an experiential formula of time for file requests is summarized. Then, inspired by biological immune mechanisms, a multilevel immune model, composed of user authentication, access authority of file system and user stair, is presented to enhance the security of data stored in NAS devices. The performance of model
is analyzed from delay-time of processes by the experiential formula. This multilevel immune model realizes the abnormity detection and automatic immunity to users’ operations, which enhances the availability and security of data in NAS devices.
Based on the research mentioned above, a NAS file server with function of immunity is realized. The experimental results of I/O performance evaluation indicate that this NAS device has observably high throughput when multiple clients call it at the same time. Further more, the performance slowdown of file reading/writing is less than 2% after implementing of multilevel immune model. The research on biological immunity-inspired NAS devices provides a new scheme of network application for massive data storage subsystem, and makes the decentralized storage nodes have excellent performance, availability, scalability, and manageability.
引文
戎霭伦,陈强. 光数据存储的新进展. 物理,2001, 30(1): 6~17
干福熹. 高密度光数据存储技术的发展. 物理,1999, 28(6): 323~332
马斌,沈德芳,狄国庆,等. 超高密度磁存储的展望. 功能材料与器件学报,2001, 7(2): 205~210
孟泉水. 计算机硬盘磁存储密度的倍增研究. 西安公路交通大学学报,2001, 21(3): 115~117
Andrew S. Tanenbaum,et al. 计算机网络(第3版) (熊桂喜,王小虎,等译). 北京:清华大学出版社,1998
腾明华. 智能化数字技术在高速公路监控系统中的应用设计. 电脑开发与应用,2003, 16(4): 38~39
沈小庆,王珏,盛炳义. 医院制剂质量管理计算机网络的构建与应用. 中国医院医学杂志,2002, 22(8): 497~498
李孜,武建伟,张灵玲. 图书管理计算机网络系统集成方案及实施. 洛阳工业高等专科学校学报,2003, 13(2): 21~22
姜楚江. 政府计算机网络组建探讨. 信息化建设,1999, (9): 26~28
林卓然. 建立家庭网络. 现代计算机,2000, (1): 6~10
A. King, R. Hunt. Protocols and architecture for managing TCP/IP network infrastructures. Computer Communications, 2000, 23(16): 1558~1572
Neogi A, Raniwala A, Chiueh TC. Phoenix: A low-power fault-tolerant real-time network-attached storage device. In: Proceedings of the ACM International Multimedia Conference & Exhibition. ORLAND, FLORIDA: ASSOC COMPUTING MACHINERY, 1999. 447~456
Van Meter R, Hotz S, Finn GG. Task force on network storage architecture: Internet -attached storage devices. In: ElRewini H, Patt YN, eds. Proceedings of the annual Hawaii International Conference on System Sciences. WAILEA, HAWAII: IEEE, COMPUTER SOC PRESS, 10662 LOS VAQUEROS CIRCLE, LOS ALAMITOS, CA 90720 USA, 1997. 726~726
谭志虎,裴先登,谢长生,等. 附网存储—— 一种新的网络存储方案. 电子计算机与外设,1999, 23(1): 3~6
韩德志,钟铭. 附网存储服务器安全系统的设计与实现. 计算机应用研究,2001, (3): 40~44
罗东健,谢长生,王峻. 附网存储设备的安全机制. 电子计算机与外部设备,2000, 24(3): 10~12
韩德志,詹玲,万继光. 分布式的附网存储系统的设计与实现. 计算机应用,2001, 21(3): 28~30
Reed BC, Chron EG, Burns RC, et al. Authenticating network-attached storage. IEEE Micro, 2000, 20(1): 49~57
Hyer Robert, Ruef Rich, Watson Richard W. High-performance data transfers using network-attached peripherals at the National Storage Laboratory. Digest of Papers - IEEE Symposium on Mass Storage Systems, 1993. 275~284
Kramer Jay. Network attached system criteria. Storage Management Solutions, 1998, 3(5): 44~48
Miller E, Long D, Freeman W, et al. Strong security for distributed file systems. In: Clausen H, Diethelm MA, Helal A, et al. eds. Conference proceedings of the 2001 IEEE international performance, computing, and communications conference. PHOENIX, ARIZONA: IEEE, 345 E 47TH ST, NEW YORK, NY 10017 USA, 2001. 34~40
Anderson DC, Chase JS, Vahdat AM. Interposed request routing for scalable network storage. In: USENIX ASSOCIATION PROCEEDINGS OF THE FOURTH SYMPOSIUM ON OPERATING SYSTEMS DESIGN AND IMPLEMENTATION. SAN DIEGO, CALIFORNIA: USENIX ASSOC, SUITE 215, 2560 NINTH ST, BERKELEY, CA 94710 USA, 2000. 259~272
Akinlar C, Mukherjee S. A scalable distributed multimedia file system using network attached autonomous disks. In: Proceedings of the 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems. SAN FRANCISCO, CALIFORNIA: IEEE COMPUTER SOC, 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA, 2000. 180~187
Preslan KW, Barry AP, Brassow JE, et al. A 64-bit, shared disk file system for Linux. In: INFORMATION-BASED ACCESS TO STORAGE: THE FOUNDATION OF INFORMATION SYSTEMS, PROCEEDINGS. SAN DIEGO, CALIFORNIA: IEEE, COMPUTER SOC PRESS, 10662 LOS VAQUEROS CIRCLE, LOS ALAMITOS, CA 90720 USA, 1999. 22~41
Gibson GA, Van MR. Network attached storage architecture. COMMUNICATIONS OF THE ACM, 2000, 43(11): 37~45
Yang J, Wang W, Nittel S, et al. Dynamo: design, implementation, and evaluation of cooperative persistent object management in a local area network. SOFTWARE -PRACTICE & EXPERIENCE. 2000, 30(4): 419~448
CHEN PM, LEE EK, DRAPEAU AL, et al. PERFORMANCE AND DESIGN EVALUATION OF THE RAID-II STORAGE SERVER. DISTRIBUTED AND PARALLEL DATABASES. 1994, 2(3): 243~260
Tzi-cker Chiueh. Stonehenge: a fault-tolerant real-time network-attached storage device. In: Hot Interconnects 9. STANFORD UNIV, STANFORD, CALIFORNIA: IEEE COMPUTER SOC, 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA, 2001. 57~61
Hansen JS. Flexible network attached storage using remote DMA. In: Hot Interconnects 9. STANFORD UNIV, STANFORD, CALIFORNIA: IEEE COMPUTER SOC, 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA, 2001. 51~56
Jiong Yang, Wei Wang, Muntz R, et al. Dynamic adaptive file management in a local area network. In: Distributed Computing Systems, 2000, Proceedings, 20th International Conference on. Taipei Taiwan: 2000. 368~375
Gibson GA, Nagle DF, Amiri K, et al. File server scaling with Networ-Attached Secure Disks. In: Performance Evaluation Review. ACM, 1997, 25(1): 272~284
韩德志,袁俊红. 附网存储与存储局域网技术. 微机发展,2000, (3): 10~14
Chen Xiang, Zhang Jiangling. Scalable Storage Architecture for Multimedia Image Storage. In: Zhou J, Jain AK, Zhang T, et al. eds. PROCEEDINGS OF THE SOCIETY OF PHOTO-OPTICAL INSTRUMENTATION ENGINEERS (SPIE), 3545. WUHAN, P R CHINA: SPIE - INT SOC OPTICAL ENGINEERING, PO BOX 10, BELLINGHAM, WA 98227-0010 USA, 1998. 584~587
Pieterick J. NAS and SAN: Sizing up storage needs. ELECTRONIC PRODUCTS MAGAZINE, 2000, 42(12): 35~37
Reitman G. Streaming video with storage area networks. SMPTE JOURNAL, 2001, 110(8): 517~522
Voruganti K, Sarkar P. An analysis of three gigabit networking for storage area networks. In: Clausen H, Diethelm MA, Helal A, et al. eds. Conference proceedings of the 2001 IEEE international performance, computing, and communications conference. PHOENIX, ARIZONA: IEEE, 345 E 47TH ST, NEW YORK, NY 10017 USA, 2001. 259~265
谢长生,傅湘林,韩德志,等. 一种基于iSCSI的SAN的研究与实现. 计算机研究与发展,2003, 40(5): 746~751
胡俊达. 走向未来的存储新技术——iSCSI. 数据通信,2003, (4): 6~8
杨进,魏轶伟,何宁,等. iSCSI——基于IP的存储协议. 计算机工程,2003, 29(10): 1~2
周敬利,徐漾. 基于iSCSI的存储系统. 华中科技大学学报(自然科学版),2002, 30(11): 4~6
任劲,谢长生,李为. iSCSI协议及其Linux下的实现. 小型微型计算机系统,2003, 24(7): 1183~1186
高巍,谢长生. 一种基于iSCSI的SAN存储虚拟化实现. 华中科技大学学报(自然科学版),2003, 31(5): 25~27
Garth A. Gibson, David F. Nagle, Khalil Amiri, et al. A Case for Network-Attached Secure Disks. Technical Report CMU-CS-96-142, September 1996. http://www.pdl. cmu.edu/NASD
Marc Farley. SAN存储区域网络(孙功星,蒋文保,范勇,等译). 北京:机械工业出版社,2001
David A. Patterson, Garth A. Gibson, Randy H. Katz. A Case for Redundant Arrays of Inexpensive Disks (RAID). In: Proceeding of ACM SIGMOD Conference. Chicago: 1988. 109~116
Friedman, Mark B. Raid keeps going and going and…. IEEE Spectrum, 1996, 33(4): 73~79
金海,张江陵,周欣荣,等. 磁盘阵列的应用前景及发展趋势. 电子计算机外部设备,1995, 19(3): 10~14
Namgoong JC, Park CI. Design and implementation of a Fibre Channel network driver for SAN-attached RAID controllers. In: Proceedings of the Internatoinal Conference on Parallel and Distributed Systems. KYONGJU CITY, SOUTH KOREA: IEEE COMPUTER SOC, 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA, 2001. 477~483
Baek SH, Kim BW, Joung EJ, et al. Reliability and performance of hierarchical RAID with multiple controllers. In: Proceedings of the twentieth annual ACM symposium on Principles of distributed computing. Newport, Rhode Island, United States: ACM Press New York, NY, USA, 2001. 246~254
钟铭,蔡长安,袁俊红. 专用的网络存储服务器WEB管理设计与实现. 微机发展,2000, (4): 12~15
朱立谷,赵青梅,赵卫国,等. 一种基于以太网的网络存储研究. 计算机工程与科学,2003, 25(4): 36~38
王艳春,陈,葛明霞. Linux源代码分析——存储管理. 长春理工大学学报,2003, 26(3): 30~33
Ma XN, Reddy ALN. MVSS: an active storage architecture. IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, 2003, 14 (10): 993~1005
Lu YP, Du DHC. Performance study of iSCSI-based storage subsystems. IEEE COMMUNICATIONS MAGAZINE, 2003, 41(8): 76~82
Anilkumar Pochiraju. Securing networked storage using defense in depth. 2003, http://www.giac.org/practical/GSEC/Anilkumar_Pochiraju_GSEC.pdf
Wilson, D.L. Airport information systems security. IEEE Aerospace and Electronic Systems Magazine, 2003, 18(4): 25~27
Paul Williams, Andersen. Information security governance. Information Security Technical Report, 2001, 6(3): 60~70
Thomas Finne. What are the information security risks in decision support systems and datawarehousing? Computers & Security, 1997, 16(3): 197~204
Information security – the great balancing act. Computer Fraud & Security, 2002, 2002(2): 12~14
Lech Janczewski, Frank Xinli Shi. Development of information security baselines for healthcare information systems in New Zealand. Computers & Security, 2002, 21(20): 172~192
Skorodumov B.I. Internet information security strategies. Elektrosvyaz, 2001, (4): 31~35
Howard Brett, Paridaens Olivier, Gamm Bernhard. Information security: Threats and protection mechanisms. Alcatel Telecommunications Review, 2001, (2): 117~121
Fung ARW, Farn KJ, Lin AC. Paper: a study on the certification of the information security management systems. Computer Standards & Interfaces, 2003, 25(5): 447~461
Rees J, Bandyopadhyay S, Spafford EH. PFIRES: a policy framework for information security. Communications of the ACM, 2003, 46(7): 101~106
齐嘉,李翔. 对实现网络安全防护的一些认识和考虑. 电信科学,2001, (9): 49~51
熊松韫,张志平. 构建网络信息的安全防护体系. 情报学报,2003, 22(1): 72~78
邓素平. 构建网络安全防护体系. 山东通信技术,2001, (2): 17~19
崔成. 浅谈计算机网络信息安全. 长春光学精密机械学院学报,1999, 22(3): 95~97
陆浪如. 信息安全评估标准的研究与信息安全系统的设计:[博士学位论文]. 郑州:解放军信息工程大学军事情报学系,2001
李守鹏. 信息安全及其模型与评估的几点新思路:[博士学位论文]. 成都:四川大学应用数学系,2002
桂兵祥,姚微微,尹兰,等. 建立动态的网络信息安全防护体系. 现代计算机,2002, (1): 36~39
何志勇. 入侵检测系统(IDS). 微机发展,2003, 13(S2): 69~71
贾春福. 系统级入侵检测技术研究. 计算机工程与应用,2002, (13): 24~25
D Dasgupta, Z Ji, F González. Artificial Immune System (AIS) Research in the Last Five Years. In: Proceedings of the international conference on Evolutionary Computation Conference (CEC). Canbara, Australia: 2003. http://issrl.cs.memphis.edu/AIS/pubs.html
肖人彬,王磊. 人工免疫系统:原理、模型、分析及展望. 计算机学报,2002, 25(12): 1281~1293
Z Tang, et al. Multiple valued immune network model and its simulations. In: Proceedings of The International Symposium on Multiple-Valued Logic. Autigonish, Canada: 1997. 233~238
刘克胜,张军,曹先彬,等. 一种基于免疫原理的自律机器人行为控制算法. 计算机工程与应用,2000, (5): 30~32
De Castro LN, Von Zuben FJ. An evolutionary immune network for data clustering. In: Proc 6th Brazilian Symposium on Neural Networks. Rio de Janeiro, Brazil: 2000. 84~89
Stephanie Forrest, Steven A Hofmeyr. Immunology as Information Processing. In: LA Segel, IR Cohen, eds. Desgn Principles for Immune System & Other Distributed Autonomous Systems. Oxford Univ. Press, 2000. 361~387
Chun Jang-Sung, Jang Hyun-Kyo, Hahn Song-Yop. A study on comparison of optimization performances between immune algorithm and other heuristic algorithms. IEEE Trans On Magnetics, 1998, 34(5): 2972~2975
Endoh S, Toma N, Yamada K. Immune algorithm for n-TSP. In: Proc IEEE International Conference on Systems, Man, and Cybernetics. San Diego, California: 1998: 3844~3849
Kim J, Bentley PJ. Towards an artificial immune system for network intrusion detection: An investigation of clonal selection with a negative selection operator. In: Proc of the 2001 Congress on Evolutionary Computation. Seoul South Korea: 2001. 1244~1252
刘树林,王日新,黄文虎,等. 基于反面选择算法的压缩机振动在线监测方法研究. 压缩机技术,2001, (5): 9~10
韩生廉,周文愚. 基于免疫更新机制的遗传算法及其在规划问题中的应用. 控制与决策,2002, 17(3): 343~345
葛红. 免疫算法综述. 华南师范大学学报(自然科学版),2002, (3): 120~126
Forrest S, Hofmeyr SA, Somayaji A. Computer immunology. Communications of the ACM, 1997, 40(10): 88~96
Warrender C, Forrest S, Pearlmutter B. Detecting intrusions using system calls: Alternative data models. In: Proceedings of the 1999 IEEE Symposium on Security and Privacy. Oakland, California: IEEE, COMPUTER SOC PRESS, 10662 LOS VAQUEROS CIRCLE, LOS ALAMITOS, CA 90720 USA, 1999. 133~145
Anil Somayaji, Stephanie Forrest. Automated Response Using System-Call Delays. In: Proceedings of the 9th USENIX Security Symposium. Denver, Colorado: USENIX ASSOC, SUITE 215, 2560 NINTH ST, BERKELEY, CA 94710 USA, 2000. 185~197
张四海,罗文坚,曹先彬,等. 用于网络入侵检测的免疫学习子系统. 小型微型计算机系统,2003, 24(8): 1441~1444
莫宏伟,金鸿章. 人工免疫系统在计算机安全中的应用. 哈尔滨工程大学学报,2003, 24(3): 278~282
吴作顺. 基于免疫学的入侵检测系统研究:[博士学位论文]. 长沙:国防科学技术大学计算机学院,2003
谭文虎. 基于嵌入式数据库的NAS管理系统:[硕士学位论文]. 武汉:华中师范大学物理学系,2003
Khalil S Amiri. Scalable and manageable storage systems: [Ph.D. Dissertation]. Pittsburgh: Department of Electrical and Computer Engineering, Carnegie Mellon University, 2000
Ikjun Yeom. Bandwidth Assurance in a Differentiated Services Network: [Ph.D. Dissertation]. Texas: Dept. of Electrical Engineering at Texas A&M University, 2001
Ravi Wijayaratne. PRISM: A File Server Architecture For Providing Integrated Services: [Ph.D. Dissertation]. Texas: Department of Electrical Engineering at Texas A&M University, 2001
Ma Gang, Khaleel Adnan, Reddy AL. Perfermance evaluation of storage systems based on network-attached disks. IEEE Transactions on Parallel and Distributed Systems, 2000, 11(9): 956~968
Burns RC, Rees RM, Long DDE. Safe caching in a distributed file system for network attached storage. In: Proceedings of the 14th International Parallel and Distributed Processing Symposium. Cancun, Mexico: IEEE Computer Society, 2000. 155~162
李旭东. 将摩尔定律引入通信领域——谈模块化网络的发展. 通讯世界,2002, (9): 66~68
Suzuki J, Suda T. Middleware support for super distributed autonomic services in pervasive networks. In: Proceedings of 2004 INTERNATIONAL SYMPOSIUM ON APPLICATIONS AND THE INTERNET WORKSHOPS. TOKYO, JAPAN: IEEE COMPUTER SOC, 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA, 2004. 375~381
童时中. 模块化原理设计方法及应用. 北京:中国标准出版社,2000
陈莉君. 深入分析Linux内核源代码. 北京:人民邮电出版社,2002
鸵鸟工作室. Linux网络应用大全. 北京:机械工业出版社,2001
Kurt Wall, et al. GNU/Linux编程指南(第二版)(张辉,译). 北京:清华大学出版社,2002
S Forrest, S A Hofmeyr, A Somayaji, et al. A sense of self for UNIX processes. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy. Oakland, California: IEEE Computer Society, 1996. 120~128
S A Hofmeyr, S Forrest, A Somayaji. Intrusion Detection Using Sequences of system Calls. Journal of Computer Security, 1998, 6(3): 151~180
Nguyen N, Reiher P, Kuenning G H. Detecting insider threats by monitoring system call activity. In: Proceedings of the 2003 IEEE Information Assurance Workshop. West Point, New York: IEEE Systems, Man and Cybernetics Society, 2003. 45~52
Ariel N Burton, Paul H J Kelly. Tracing and reexecuting operating system calls for reproducible performance experiments. Computers and Electrical Engineering, 2000, (26): 261~278
刘德祥,纪传珍,刑杰. 医学免疫学与病原生物学. 北京:人民军医出版社,2000
Jon Timmis, Thomas Knight. Artificial immune systems: Using the immune system as inspiration for data mining. In: Hussein A Abbass, Ruhul A Sarker, Charles S Newton, eds. Data Mining: A Heuristic Approach, chapter XI. Group Idea Publishing, 2001. 209~230
Paul K Harmer, Paul D Williams, Gregg H Gunsch, et al. An artificial immune system architecture for computer security applications. IEEE Transactions on Evolutionary Computation, 2003, 6(3): 252~280
闫巧,谢维信,喻建平. 自然免疫机理对信息安全防护技术的启示. 系统工程与电子技术,2002, 24(11): 94~99
徐进明,施红芹. Linux系统管理. 北京:电子工业出版社,2002
施威铭研究室. Red Hat Linux7.2实务应用. 北京:清华大学出版社,2002
戴英侠,连一峰,王航. 系统安全与入侵检测. 北京:清华大学出版社,2002
Anil Buntwal Somayaji. Operating System Stability and Security through Process Homeostasis: [Ph.D. Dissertation]. Albuquerque, New Mexico: Dept. of Computer Science, University of New Mexico, 2002
Wenkee Lee, Dong Xiang. Information-theoretic measures for anomaly detection. In: Proceedings of the IEEE Computer Society Symposium on Research in Secuirty and Privacy. Oakland, CA: Institute of Electrical and Electronics Engineers Inc, 2001. 130~143
Maxion RA, Tan KMC. Benchmarking anomaly-based detection systems. In: Proceedings of DSN 2000: 1st International Conference on Dependable Systems and Networks. NEW YORK, NEW YORK, USA: IEEE COMPUTER SOC, 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA, 2000. 623~630
闫巧,喻建平,谢维信. 入侵检测系统的可信问题. 计算机研究与发展,2003, 40(8): 1203~1208
赵俊忠,黄厚宽,田盛丰. 免疫机制在计算机网络入侵检测中的应用研究. 计算机研究与发展,2003, 40(9): 1293~1299
阎会峰,徐问之. PCI总线高速接口卡设计技术. 计算机应用,2001, 21(6): 86~87
蒋昌龙. 柔性并行高速数据记录系统的研究与实现:[博士学位论文]. 北京:清华大学精密仪器与机械学系,2003
孙垚,孙新亚,古吟东. 一种基于Intel x86平台和Linux操作系统的数据采集器. 自动化仪表,2003, 24(5): 38~41
吴敬莲,董永贵,孙照焱,等. 模块式CD镜像服务器的实现及性能评测. 计算机工程与应用,2002, 38(24): 126~128
Robert Eckstein, David Collier-Brown, Peter Kelly. Using Samba. O'Reilly & Associates, Inc. 1999, http://www.oreilly.com/catalog/samba/chapter/book/appb_03. html#appb-67604
http://www.veritest.com/benchmarks/netbench/default.asp
http://www.scl.ameslab.gov/netpipe/
http://www.eecs.harvard.edu/vino/perf/hbench/
Aaron B Brown, Margo I Seltzer. Operating system benchmarking in the wake of lmbench: a case study of the performance of NetBSD on the Intel x86 architecture. In: Proceedings of the 1997 ACM SIGMETRICS international conference on Measurement and modeling of computer systems. Seattle, Washington: ACM Press, New York, NY, USA, 1997. 214~224
Ghiselli A. Distributed applications monitoring at system and network level. Computer Physics Communications, 2001, 140(1-2): 219~225
Sumanth J V, Xiao Qin, Ala Qadi, et al. Performance evaluation of parallel I/O in cluster environments. Technical Report, 2002. http://www.cse.unl.edu/~xqin/papers/tr02-2.ps