| ID | 原文 | 译文 |
| 1843 | 该方法利用前一个脉冲稀疏位置估计信息,构造分段产生干扰的正交补空间,将子段压缩测量投影到构造的正交补空间,有效地抑制了相邻段引入的干扰。 | Utilizing the estimation of sparse positionsin the previous pulse, the scheme projects the measurements of the current segment onto the orthogonal complement subspace spanned by the interference generated in the segmentation process and then the adjacent interference is greatly rejected. |
| 1844 | 数值仿真验证了方法的有效性。 | Simu-lations show the effectiveness of the OP-WSegSR scheme. |
| 1845 | 从网络内部探测目标终端的脆弱性是网络攻击发起的主要途径,当前网络的静态特性利于攻击者目标侦察的实施,网络内部的 L2 /L3 地址是攻击者期望侦察的主要信息。 | The detection of the vulnerability of the target host from the intranet is the main way to initiate the networkattack. The static characteristics of the current network are beneficial to the implementation of attacker reconnaissance, andthe L2 /L3 address inside the network is the main information that the attacker expects to scout. |
| 1846 | 为了改变目标侦察阶段网络攻防的易攻难守态势,基于拟态伪装的思想,提出了一种 L2 和 L3 地址协同动态化技术,在不影响正常业务条件下有策略地隐藏真实网络主机。 | In order to change the net-work attack and defense situation in the reconnaissance stage, based on the idea of mimicry camouflage, a collaborative dy-namic technology of L2 and L3 addresses is proposed to strategically hide the real network host without affecting normal business conditions. |
| 1847 | 首先,建立网络侦察的博弈模型(CRG),基于 NASH 均衡解指导 L2 /L3 地址的拟态伪装策略,并给出最优的跳变周期计算公式; | Firstly, the cyber reconnaissance game (CRG)is established. Based on the NASH equilibrium solution, the mimetic camouflage strategy of L2 /L3 address is solved, and the optimal mutation period calculation formula is given. |
| 1848 | 其次,基于软件定义网络架构,设计并实现了协同动态化的内网防护系统(CMID),由 SDN 控制器协同控制 L2 /L3 地址的伪装变换; | Secondly, based on the software-defined network architecture, the cooperative mutation intranet defense system (CMID)isdesigned and implemented, and the SDN controller cooperatively controls the camouflage transformation of the L2 /L3 ad-dress. |
| 1849 | 最后,理论分析与实验结果表明:上述方法能够有效切断 L2 /L3 地址与真实网络身份、上层服务的关联性,最大化地隐藏网络内部主机,延缓侦察速度,阻断网络攻击的连续性。 | Finally, the theoretical analysis and experimental results show that the above method can effectively cut off the correla-tion between L2 /L3 address and real network identity and upper-layer services, maximally hide the internal hosts of the net-work, delay the reconnaissance speed, and block the continuity of network attacks. |
| 1850 | 软件定义网络(Software-Defined Networking,SDN)作为一种数据转发与控制逻辑相解耦、并开放底层编程接口的创新网络架构,为降低核心网的部署运营成本、提升应用业务性能提供了全新的解决思路。 | As an innovative network architecture decoupling data forwarding and control logic, and opening underly-ing programming interfaces, software-defined networking (SDN)provides a novel solution to reduce deployment and opera-tion costs and improve business application performance in core networks. |
| 1851 | 然而,在 SDN 架构下,逻辑上集中的控制平面容易出现性能瓶颈,进而加大分组转发时延,因此有必要理解其分组转发性能特性。 | However, logically centralized control plane underthe SDN architecture is prone to performance bottlenecks, and increases packet forwarding delay. |
| 1852 | 为此,本文首先介绍了软件定义核心网的典型部署场景,分析了控制平面的 Packet-in 消息到达过程和数据平面的分组到达过程, | Thus it is necessary to un-derstand the characteristics of its packet forwarding performance. To this end, we first introduce typical deployment scenarios of software-defined core networks, and analyze Packet-in message arrival process in its control plane and packet arrival process in its data plane. |