中圖分類號：TP309文獻(xiàn)標(biāo)識碼：ADOI:10.19358/j.issn.2097-1788.2024.06.004
引用格式：王斌，李琪，張宇，等.一種多機(jī)制融合的可信網(wǎng)絡(luò)探測認(rèn)證技術(shù)［J］.網(wǎng)絡(luò)安全與數(shù)據(jù)治理，2024，43（6）：23-32.

An authentication scheme for trusted network probing based on multiple mechanisms integrating

Abstract： To ensure the security of network topology information while maintaining the network′s flexibility and tunability, this paper introduced an authentication technology for trusted network probing that integrates multiple mechanisms. This technology combines trusted authentication based on IP addresses, token-based authentication, and hash chain-based authentication, balancing efficiency and security. Through this method, network administrators can protect network topology information without blocking legitimate topology probing. A topology probing tool supporting this technology was developed, and the technique was implemented on Linux hosts using Netfilter technology. Experimental results demonstrated that this technology can effectively identify trusted probes, with a slight increase in latency compared to traditional Traceroute.

Key words : trusted probe authentication; hash chain; network topology; Traceroute