• <tr id="yyy80"></tr>
  • <sup id="yyy80"></sup>
  • <tfoot id="yyy80"><noscript id="yyy80"></noscript></tfoot>
  • 99热精品在线国产_美女午夜性视频免费_国产精品国产高清国产av_av欧美777_自拍偷自拍亚洲精品老妇_亚洲熟女精品中文字幕_www日本黄色视频网_国产精品野战在线观看 ?

    System Architecture and Key Technologies of Network Security Situation Awareness System YHSAS

    2019-04-29 03:21:30WeihongHanZhihongTianZizhongHuangLinZhongandYanJia
    Computers Materials&Continua 2019年4期

    Weihong Han, Zhihong Tian, , Zizhong Huang, Lin Zhong and Yan Jia

    Abstract: Network Security Situation Awareness System YHSAS acquires, understands and displays the security factors which cause changes of network situation, and predicts the future development trend of these security factors. YHSAS is developed for national backbone network, large network operators, large enterprises and other large-scale network.This paper describes its architecture and key technologies: Network Security Oriented Total Factor Information Collection and High-Dimensional Vector Space Analysis, Knowledge Representation and Management of Super Large-Scale Network Security, Multi-Level,Multi-Granularity and Multi-Dimensional Network Security Index Construction Method,Multi-Mode and Multi-Granularity Network Security Situation Prediction Technology, and so on. The performance tests show that YHSAS has high real-time performance and accuracy in security situation analysis and trend prediction. The system meets the demands of analysis and prediction for large-scale network security situation.

    Keywords: Network security situation awareness, network security situation analysis and prediction, network security index, association analysis, multi-dimensional analysis.

    1 Introduction

    Network security incidents occur frequently in cyberspace and have a great impact, such as the “Stuxnet” incident in Iran and the “blackout incident in Ukraine” and so on. From the perspective of their respective goals and needs, various departments in cyberspace,such as government affairs, finance, e-commerce, banks and transportation, have deployed security products such as firewalls, intrusion detection and anti-virus. At present, all security products will give an alarm against network attacks. However, users still lack a macroscopic view of the overall situation of the network. Network attacks are related to asset vulnerabilities, resource consumption attacks are also related to the state of the system, and complex network attacks often run across systems and across administrative domains. Therefore, multi-channel data comprehensive analysis is needed to accurately discover network events. Therefore, it is difficult to discover large-scale and complex network attacks for locally deployed network security products.

    The network security situation awareness system YHSAS introduced in this paper is oriented to the needs of space network security. Based on large data acquisition and storage management technology, it uses data analysis, mining and intelligent deduction methods to discover security incidents, assess their hazards, and predict their development. It also makes a multi-level and multi-granularity grasp of the overall network security situation from micro to macro, and gives a global view to provide decision support for cyberspace security. The main challenges faced by large-scale network security situation analysis include: 1) There are many kinds of security attacks against cyberspace. At present, there are at least 50000 species, which are evolving and emerging. How can they be judged in real time and accurately? 2) Network system security involves many factors, such as attacks, vulnerabilities, assets, networks, and so on, and the correlation is complex. How to give its threat and security situation in real time, quantitatively and understandably? 3) Network attack incidents break out instantaneously and are extremely harmful? How to predict them in advance so as to take relevant preventive measures? In view of the above challenges, this paper analyzes the system architecture and the key technologies involved in the implementation of the network security situation awareness system YHSAS. The test and practical use verify the effectiveness of the YHSAS system and its key technologies, which can provide reference value for the implementation of large-scale network security situation awareness system.

    2 Related research

    Around the research on the large-scale network security situation analysis and prediction system, the United States, Japan, the European Union and China have established a national network security incident monitoring system. The United States has developed the Global Early Warning Information System [GEWIS (2018)]. The National Cybersecurity Protection System, commonly known as the “Einstein Plan” [NCPS (2018)],is an important component of the Comprehensive National Cyber Security Initiative(CNCI) of the United States, which is designed and operated by the United States Department of Homeland Security to provide global, local and operational levels of network event monitoring, analysis, early warning and situation awareness. Japan has developed an Internet Scan Data Acquisition System [ISDAS (2018)]. The European Lobster [LOBSTER (2018)] belongs to the European infrastructure pioneer experimental program, which uses sensors deployed in some schools, research organizations and some telecom operators to obtain relevant information for accurate Internet communication flows monitoring, and uses deep packet inspection and deep flow inspection to identify 0day worm propagation, recognize dynamic port applications, and measure Internet services. WOMBAT (Worldwide Malicious Behavior and Attack Threat Observatory)[Dacier, Leitaand and Thonnard (2010)] is a project funded by the European Union to collect and analyze current and emerging threats (especially malicious code) in the network by means of honey pots, crawlers and external data sources. China has developed the 863-917 network security monitoring platform to analyze the network security situation of the national backbone network. The above systems are self-contained and realize monitoring and early warning for specific problem areas.

    The network security situation analysis system involves many key technologies,including network security data collection[Wang, Tian and Zhang (2018); Tian, Cui and

    An (2018)] network security big data storage and processing[Li, Sun, Jiang et al. (2018);Han, Tian, Huang et al. (2018); Qiu, Chai, Liu et al. (2018)], network security data sharing[Sun, Li , Su et al.(2018); Tian, Su, Shi et al. (2018); Chen, Tian, Cuiet al. (2018)],network attack detection[Cui, Zhang, Cai et al. (2018); Wang, Liu, Qiu et al. (2018); Yu,Tian, Qiu et al. (2018); Tan, Gao, Shi et al. (2018)], and so on. The research on these key technologies has also achieved a lot of results, laying a technical foundation for the construction of the network security situation analysis system.

    The development of network security situation analysis technology has gone through three stages. The first phase focuses on feature-based security incident detection [Cai,Zhang and Li (2018); Liu, Meng and Wu (2013)], with the launch of the Einstein Plan of the United States in 2003 as the representative. The second stage focuses on the study of correlation analysis and threat quantitative assessment for complex security incidents[Niu and Wang (2011); Sang (2012); Zhang, Shiand and Chen (2013)], represented by Einstein Plan 2 of the United States in 2009. The third stage focuses on intelligent analysis for complex attacks, quantitative evaluation based on index system and development trend prediction research [Wang (2017); Luo (2017)], with the Einstein Plan 3 of the United States in 2013 as the representative.

    3 YHSAS system architecture

    The architecture of network security situation awareness system YHSAS is shown in Fig.1. The main functions of the system include 1) Security information collection: it can collect all kinds of data, including files, packets, streams, sessions, memory information,registry information, address information, protocol information, service information, load transmission information, etc. It supports 10PB data storage scale and can integrate 187 types of network security devices. 2) Security attack detection: it can detect network scan attack, password attack, Trojan horse attack, buffer overflow attack, tamper information attack, forgery information attack, denial of service attack, e-mail attack and other conventional attacks and APT attacks, and the coverage rate is 92.3%. 3) Situation quantification calculation: It is a quantifiable security index system, which can describe the current macro overall security situation of the national Internet. 4) Security Situation Analysis: It can analyze and discover network security incidents in depth, calculate current network security situation and output multi-mode and multi-dimensional visualization. 5) Security situation prediction: It can accurately predict the security trend in a certain period of time in the future. The prediction module of calculation can predict Trojan Horse attack propagation, DDoS attack, virus situation, botnet, and APT attack,and the prediction is in good agreement.

    4 Key technologies of the system

    The key technologies of large-scale network security situation awareness system mainly include: network security-oriented total factor information collection and highdimensional vector space analysis technology, knowledge graph technology supporting super-large-scale network security knowledge representation and management, multilevel, multi-granularity and multi-dimensional network security index system construction method and multi-mode and multi-granularity network security event prediction technology based on adaptive prediction model.

    4.1 Network security oriented total factor information collection and high-dimensional vector space analysis

    Traditional security devices and products usually collect data according to their local objectives, lacking support for global, unknown and complex security events analysis,therefore, YHSAS adopts a network security-oriented total factor information acquisition model, and greatly improves the support ability for accurate and real-time detection of complex security events by extracting and analyzing the security features of the multidimensional and multi-level high-dimensional vector full information.

    Aiming at the problem that traditional security devices lack support for global, unknown and complex security event analysis, YHSAS adopts a multi-level and multi-dimensional total factor acquisition model, as shown in Formula 1. By combining active acquisition with passive reception, fine-grained full information acquisition and extraction of 13-dimensional objects, such as files, packets, streams, sessions, protocols and network objects, is carried out from six levels: protocol layer, behavior layer, sensitive behavior layer, attack layer, broad spectrum content layer and accurate content layer, and a high-

    (1) Multi-level and multi-dimensional network security information total factor acquisition modeldimensional space vector reflecting the full information of the security object is obtained.

    Formula. 1 Total factor collection model

    (2) Analysis method of security event feature information in high-dimensional vector space

    In order to solve the problem of huge computational complexity in high-dimensional vector space caused by total factor information acquisition, YHSAS proposes a feature information extraction method for network security events based on high-dimensional vector space, as shown in Formula 2. Firstly, in this method, massive data samples are clustered on streams, and then filtered according to the characteristics of the generated categories. On the one hand, the scope of the subsequent analysis can be focused to reduce the computational complexity. On the other hand, suspicious new event categories can be found by clustering. Secondly, facing the category information generated, the trained feature recognition neural network is used to identify the feature information, so as to construct the feature vector space of network security event information and lay a foundation for the next event research and judgment.

    Formula. 2 Information analysis method of clustering and feature training in highdimensional vector space

    (3)Automatic deployment technology of network security information collection agent

    In view of the super heterogeneous complexity and on-line evolution of network system,as well as the huge scale characteristics of data acquisition agents, YHSAS proposes an online insertion and extraction technique of data acquisition agent based on lightweight component technology. Firstly, this technology carries out component-based packaging for all kinds of data acquisition agents, and through the integration of component application server technology, the online insertion and extraction of agents is realized.Secondly, the target data is extracted and integrated through the regular expression-based configuration file, and the automatic generation of configuration files and the automatic conversion of data patterns are supported. This technology can efficiently integrate network security devices and data. YHSAS system supports 187 kinds of network security devices, and its performance is second-level real-time.

    4.2 Knowledge representation and management of super large-scale network security

    In view of the large-scale, on-line evolution and space-time correlation characteristics of network security knowledge, YHSAS adopts the super knowledge graph model of network security knowledge representation and management, breaks through the automatic/semi-automatic construction method of multi-modal knowledge graph, as well as the key technologies of online evolution and fast matching, and builds a large-scale network security knowledge graph, breaking through the accurate and real-time detection technology of network security incidents. On the standard test set, the system has 99.8%de-duplication rate, 0.01% false alarm rate and 0.2% missing alarm rate.

    (1)The super knowledge graph model supporting large-scale network security

    To solve the problem of huge scale, high evolution and real-time utilization of cyberspace security knowledge, YHSAS adopts the super knowledge graph knowledge representation model. On the basis of the triad of the traditional knowledge graph, attributes and rules are added, and five tuplesare proposed to solve the problem of large scale, high evolution and real-time utilization of the cyberspace security knowledge.Instances are concrete instances of concepts, each of which has its own attributes and can evolve, which is the concretization of the relationship of network security events. Based on the proposed super knowledge graph, a large-scale network security knowledge graph is implemented, which covers 93578 vulnerability information, 51300 attack methods,151 mainstream operating systems, more than 200 mainstream applications, and 3507 malware information, breaking through the difficult problem of real-time and accurate research and judgement.

    (2)Automatic construction method of super knowledge graph

    Aiming at the bottleneck of knowledge acquisition of network security knowledge graph,YHSAS proposes a method of building large-scale network security knowledge graph based on multi-modal network security data by entity word recognition, relation extraction and entity link. The extended entity set E’ is obtained by recognizing other candidate entity words in free text based on syntactic dependency rules and other candidate entity words in table data based on pattern reasoning. As for relation extraction, firstly, the original data fragments where knowledge in G has appeared are found out from the network security big data, and the classifier Ct of t is obtained by training with LSTM depth learning model.Then, the data fragments where E’ has appeared in the original data are computed by Ct,and the possible relationship types between the entity words in E’ are obtained. In terms of entity link, entity genes are constructed according to the attributes and relations of knowledge. According to the similarity between entity genes and context features, the link between entity words mentioned in the data context and known entities in G is realized. For entity words that cannot be linked, they are regarded as new entities added to G to achieve disambiguation fusion and knowledge expansion.

    (3)Knowledge automatic evolution based on tensor decomposition and path sorting

    Aiming at the problems of large scale, high evolution, space-time attributes and real-time utilization of cyberspace security knowledge, YHSAS adopts the evolutionary method of network security super knowledge graph. Based on tensor decomposition, an edge-and-attribute oriented knowledge automatic evolution algorithm is proposed, that is,according to the attribute values of the nodes and adjacent nodes, the values of unknown attributes are predicted, and the possible new feasible edges between the two nodes are predicted based on the feasible path ordering method and all feasible paths between the two nodes. During the evolution of network security knowledge graph, the candidate entity recognition, entity relationship classification and entity determination techniques are used to automatically evolve and reason from network security vulnerability database and utilization methods. Based on automatic evolutionary reasoning algorithm, the data flow detected by the network security can be quickly studied and judged, which breaks through the difficult problem of real-time and accurate judgment of security events.

    (4)The network security event detection based on the incremental subgraph matching of tolerance K

    Based on the method of combining subgraph matching with activity pattern, YHSAS proposes an incremental fast attack subgraph matching research and judgement algorithm based on tolerance K, which realizes the detection of botnet and slow DDoS. On the experimental data set, a similarity measure method based on dynamic time warping distance is proposed, and the accuracy rate of Botnet migration detection is 92%. The results of the botnet collaborative detection method based on the botnet malicious behavior target and the time correlation analysis are as follows: when the time span is 2 months and the number of Botnet IP is more than 40, the missing alarm rate of the detection method is 0. A slow DDoS attack detection method based on traffic and service collaborative detection is proposed in order to solve the problem of difficulty and inefficiency of detecting slow DDoS attacks with strong concealment. In order to evaluate the effectiveness of this method, the network simulation experiment is carried out to test the detection system. The experimental results show that the correct detection rate is 99.7%, the missing alarm rate is 0.4%, the false alarm rate is 0.3%, and the performance of the detection system is good.

    4.3 Multi-level, multi-granularity and multi-dimensional network security index construction method

    There are many factors influencing large-scale network security situation analysis, and their importance is different. Therefore, the construction method of multi-level, multigranularity and multi-dimensional network security index system, and the configurable,real-time calculation and online evolution method of its index is given to accurately describe and quantify large-scale network from macro to micro network security situation.

    (1)Network security index extraction based on R clustering and factor analysis

    YHSAS adopts the method of R clustering and factor analysis combined with principalsubordinate analysis to extract the network security index. Firstly, the principal component analysis is used to determine the main factors and reasonable levels that affect the network situation. Secondly, Delphi method is used to determine the number of layers of network security situation index system, and then the indicators in the same layer are classified by R clustering, so that different categories represent different aspects of network situation assessment. Finally, indexes with large factor loading in each category are selected by factor analysis method, so that a few indexes can reflect the security situation of the whole network. The established network security situation index system only uses 16% indexes, reflecting 99% of the original information, which can effectively and objectively measure the network security situation.

    (2)Multi-mode network security index system calculation model

    By analyzing the characteristics of different network security factors and according to the characteristics of different network security indicators, different network security index quantification methods including extremum method, statistical standardization method,anti-cotangent function method, intermediate variable method and logarithm method are given. For the quantified network security index, the aggregation algorithm is used to aggregate the sub-indexes and calculate them into the upper-level index to form a hierarchical network security index system. The main calculation models include:weighted average method, which is intuitive and easy to understand; maximum method,which takes the maximum of one of them as the index result after aggregation by depicting the most serious degree locally; harmonic triangular norm method, which can reflect both global and local characteristics.

    Formula. 3 Multi-mode network security index system calculation model

    (3)Self-evolving technology of network security index system based on deep learning

    Aiming at the problem of continuous innovation and evolution of network security attack and the adaptability change of existing index system, the self-learning and self-evolution technology of network security index system based on convolutional neural network is adopted. Firstly, this technology constructs the evaluation method of index system to measure the coincidence between the index system and the reality from three aspects of correctness, stability and redundancy, so as to guide the quantitative method of deep learning algorithm on the network security index system and the feedback adjustment of the weights of aggregation operators and various parameters. The test shows that the coincidence rate between the index system based on this method and the reality is over 90%.

    4.4 Multi-mode and multi-granularity network security situation prediction technology

    To solve the problem that it is difficult to predict the development trend of current technology to network security, YHSAS proposes a multi-mode and multi-granularity network security situation prediction technology based on adaptive prediction model,including: network security situation prediction technology based on organic combination of multiple forecasting methods, prediction technology based on frequent episodes of characteristic event sequences, prediction technology based on wavelet decomposition and ARMA model, and multi-dimensional entropy anomaly detection method based on improved support vector regression prediction to realize the accurate prediction of network security.

    (1)Network security situation prediction framework supporting multiple prediction modes

    There are many factors that affect the evolution of network security situation, and it is difficult to predict only by single prediction technology, so YHSAS adopts a network security situation prediction system architecture which combines multiple prediction methods. The related technologies of time series data prediction are applied to the field of network security. According to the characteristics and application requirements of different network security data, a reasonable prediction model is selected, and modeling is carried out by using historical security event data. Then, according to different prediction models, multiple-granularity prediction is carried out for different security data sources. For short-term prediction, the development rule of recent historical data is mainly considered for modeling prediction. For medium-term and long-term prediction,the seasonal factors and the overall long-term trend of historical security events over a long period of time are mainly considered. Tests show that the system supports shortterm, medium-term, long-term and other time granularity prediction, supports Trojan horse, worm, botnet and other major network security events prediction, and the prediction effect is ideal.

    (2)Prediction technology of time series data based on frequent episodes of characteristic events

    Botnets, worms and other network security events with long-term propagation characteristics often have the characteristics of self similarity, so YHSAS proposes a new solution for time series data prediction: Firstly, the time series data is transformed into event sequences by segmenting the time series data and discretizing the time series subsegment features. Then, the related concepts and methods of frequent episodes in the field of event sequence processing are introduced to extract the knowledge needed for prediction, and then the future development of time series data is predicted by using these knowledge. The specific prediction process of the proposed method can be divided into two stages: knowledge extraction and prediction: in the prediction stage, the extracted frequent episode prefix events are used to match the characteristic event sequences formed by the recent time series data, and then the selected frequent episode suffix events are used to predict the characteristic events on the future time series sub-segments.Practical application shows that the prediction based on characteristic time frequent episodes can improve the prediction accuracy of botnets and worms by about 15% in long-term multi-step prediction episodes.

    (3)Multi-dimensional entropy prediction method based on support vector regression model

    Aiming at the characteristics of noise and disturbance factors in large-scale network traffic data, YHSAS proposes a method of applying least squares support vector machines (LSSVM) to the prediction of entropy values in various dimensions of network traffic data, which can effectively shield the noise and disturbance factors in network traffic data and detect the abnormal value of traffic entropy in time. The main technological breakthroughs include: Fast multi-dimensional entropy calculation. The detection accuracy is improved by correlating through entropy mutation on multiple dimensions, and for large-scale network anomaly detection, massive traffic data needs to be processed in real time. Genetic algorithm improves support vector regression.Adaptive crossover and mutation operators are used to cross and mutate all individuals in the population, which improves the searching ability of the algorithm, and only the individuals with large fitness are retained, ensuring the direction of evolution,accelerating the convergence speed and avoiding the degeneration of excellent individuals produced by crossover caused by variation. Tests show that the early detection and early warning of DDoS attacks and worm attacks that may cause abnormal traffic flow are effective.

    5 Performance analysis

    5.1 Accuracy of network security index

    We use Blade IDS Data Set to test the accuracy of network security index construction and calculation. Blade IDS send 10,241attack packets last a day, and the attack packets have 101 different types of alerts. The alerts are divided into 15 categories, which cover the main categories of network security events. Network security experts have analyzed the network security situation of one day by the way of the manual classification, and give the index of network security, as shown by red lines in Fig. 2.The blue line shows the network security situation calculated by YHSAS. It is shown by the test that YHSAS basically reflects the trends of network security situation.

    Figure 2: Accuracy of network security index

    5.2 Sensitivity of network security index

    By simulating a Dos attack, we verify whether the network security index can effectively reflect the changes in network security status when the network is facing a network attack.We use TFN2K [Barlow and Thrower (2000)] to initiate a DoS attack. TFN2K can perform a denial-of-service attack on the target server through ICMP flooding, SYN flooding, and smurf. We first use ICMP flooding to consume the resources of the target service, and continuously increase the intensity of the flood attack per minute to observe the change of the network security index. The attack strength is sent from 10 attack packets per minute to Send 300 attack packets per minute, and then we gradually reduce the intensity of the ICMP flood attack until the attack stops completely. Fig. 3 shows the change of the network security index in the simulated DoS attack in the experimental environment. The point on the curve is obtained by the YHSAS system every 6s.Through the trend of the curve, it can be seen that the basic running index suddenly increases when the simulated attack strength reaches 250, because the attacked host reaches the performance bottleneck then. When the attack strength is weakened to about 150 again, The basic running index value returns to its normal level. The trend of risk index and composite index mainly increases with the increase of attack intensity, and decreases with the decrease of attack intensity. The vulnerability in the network did not change during the simulated attack, so the vulnerability index showed a stable trend throughout the test. Therefore, the network security index of YHSAS reflects the change of network security situation in real time and has good sensitivity.

    Figure 3: Sensitivity of network security index

    5.3 Accuracy of network security situation prediction

    We use UCI data set to compare the prediction accuracy between Short-term prediction and long-term prediction. The result is shown in Fig. 4(a) and Fig. 4(b). In the case of the single-step prediction, the regression-based method considers the continuity of data,which has a good effect in the short-term prediction. But its advantage reduces with the increases of prediction length. The errors of these prediction methods are all at a lower level. For the long-term projection, the data fitting curve cannot accurately reflect the data law after a period of time. At this time, regression-based prediction error increases rapidly and predictions based on wavelet neural network and frequent item sets are suitable for this prediction scene. Prediction accuracy has been significantly improved compared to a regression-based method. Because YH-SSAS integrates several different prediction methods, the short-term prediction accuracy is not less than 95% and the longterm forecast accuracy is not less than 90%.

    Figure 4: Accuracy of network security situation prediction

    6 Conclusions

    Large-scale Network Security Situation Awareness System (YHSAS) is developed for national backbone network, large network operators, large enterprises and other largescale network. The system acquires, understands and displays the security factors which cause changes of network situation, and predicts the future development trend of these security factors. The key technologies of YHSAS system are deeply studied in this paper,including: network security oriented total factor information acquisition and highdimensional vector space analysis technology, knowledge graph technology supporting super-large-scale network security knowledge representation and management, multilevel, multi-granularity and multi-dimensional network security index system construction method, multi-mode and multi-granularity network security event prediction technology based on adaptive prediction model, and so on. The performance tests show that YHSAS has high real-time performance and accuracy in security situation analysis and trend prediction, and meets the demands of analysis and prediction for large-scale network security situation.

    Large-scale network security situation awareness system also faces many new challenges.In terms of accuracy of large-scale network security event prediction, there are too many factors affecting the occurrence of security incidents, new means of attack is unknown,and there are lots of operation situations of network hackers for various purposes, so it is difficult to accurately predict the occurrence and development trend of major network attack events. As one of the acknowledged worldwide problems in the field, it needs further study.

    Acknowledgement:This work is funded by the National Natural Science Foundation of China under Grant U1636215 and the National key research and development plan under Grant Nos. 2018YFB0803504, 2016YFB0800303.

    真人做人爱边吃奶动态| 五月伊人婷婷丁香| 国产精品爽爽va在线观看网站| 亚洲精品影视一区二区三区av| 国产日本99.免费观看| 中文字幕人妻熟人妻熟丝袜美 | 亚洲av美国av| 久久天躁狠狠躁夜夜2o2o| 夜夜夜夜夜久久久久| 看片在线看免费视频| 亚洲国产高清在线一区二区三| 热99在线观看视频| 日韩av在线大香蕉| 法律面前人人平等表现在哪些方面| 国产精品99久久久久久久久| 搡老岳熟女国产| 叶爱在线成人免费视频播放| 首页视频小说图片口味搜索| 免费人成在线观看视频色| 亚洲中文字幕日韩| 亚洲精品色激情综合| 日韩欧美精品免费久久 | 国产精品99久久99久久久不卡| 搡老岳熟女国产| 免费大片18禁| 免费看日本二区| 免费一级毛片在线播放高清视频| 好男人电影高清在线观看| 天堂√8在线中文| 午夜福利在线观看吧| 欧美另类亚洲清纯唯美| 国产精品98久久久久久宅男小说| 精品国产美女av久久久久小说| 免费人成视频x8x8入口观看| 精品人妻一区二区三区麻豆 | 日本免费a在线| 亚洲人与动物交配视频| 18+在线观看网站| 国产精品综合久久久久久久免费| 久久精品综合一区二区三区| aaaaa片日本免费| 免费人成在线观看视频色| 婷婷丁香在线五月| 国产乱人伦免费视频| 亚洲国产精品999在线| av在线天堂中文字幕| 无人区码免费观看不卡| 久久精品国产综合久久久| 波多野结衣高清无吗| 欧美性猛交黑人性爽| 最近在线观看免费完整版| 亚洲在线自拍视频| 精品电影一区二区在线| 免费看美女性在线毛片视频| 亚洲欧美精品综合久久99| 日韩国内少妇激情av| 欧美av亚洲av综合av国产av| 免费人成视频x8x8入口观看| 久久国产精品人妻蜜桃| 一区二区三区高清视频在线| or卡值多少钱| 精品午夜福利视频在线观看一区| 在线观看66精品国产| 国产精品久久久久久精品电影| 日本 欧美在线| 国产久久久一区二区三区| 国产熟女xx| av中文乱码字幕在线| av在线天堂中文字幕| 女人被狂操c到高潮| 欧美日韩国产亚洲二区| 亚洲片人在线观看| 嫁个100分男人电影在线观看| 欧美大码av| 国产精品98久久久久久宅男小说| 天堂动漫精品| 日本撒尿小便嘘嘘汇集6| netflix在线观看网站| 99国产极品粉嫩在线观看| 一个人免费在线观看的高清视频| 99久久精品国产亚洲精品| 亚洲无线观看免费| 亚洲片人在线观看| 午夜福利在线观看吧| 中文在线观看免费www的网站| 九九在线视频观看精品| 九色成人免费人妻av| 日韩有码中文字幕| 在线播放无遮挡| 久久人人精品亚洲av| 少妇裸体淫交视频免费看高清| 久久久国产成人精品二区| 一个人看视频在线观看www免费 | 一区二区三区国产精品乱码| 在线视频色国产色| 成人无遮挡网站| 国产色爽女视频免费观看| 国产极品精品免费视频能看的| 老汉色av国产亚洲站长工具| 桃色一区二区三区在线观看| 免费av不卡在线播放| 高清日韩中文字幕在线| 国产真实乱freesex| 一级毛片高清免费大全| www日本黄色视频网| 啪啪无遮挡十八禁网站| 国产成人av激情在线播放| 国内少妇人妻偷人精品xxx网站| 色综合站精品国产| 熟女少妇亚洲综合色aaa.| 国产精品1区2区在线观看.| 精品国产美女av久久久久小说| 欧美乱妇无乱码| 啦啦啦韩国在线观看视频| 欧美+亚洲+日韩+国产| 免费大片18禁| 真实男女啪啪啪动态图| 午夜福利在线在线| 免费观看人在逋| 精品99又大又爽又粗少妇毛片 | 白带黄色成豆腐渣| 国产av不卡久久| 热99re8久久精品国产| 国产精品亚洲美女久久久| 日韩欧美精品v在线| 99国产精品一区二区蜜桃av| 看免费av毛片| 美女大奶头视频| 久久久久久久精品吃奶| 欧美最黄视频在线播放免费| 午夜影院日韩av| 99久久无色码亚洲精品果冻| 免费一级毛片在线播放高清视频| 国产一区二区在线观看日韩 | 色老头精品视频在线观看| 久久99热这里只有精品18| 免费观看的影片在线观看| 窝窝影院91人妻| 亚洲乱码一区二区免费版| 99国产精品一区二区蜜桃av| 看免费av毛片| 国内揄拍国产精品人妻在线| 精品欧美国产一区二区三| 可以在线观看毛片的网站| av中文乱码字幕在线| 母亲3免费完整高清在线观看| 观看免费一级毛片| 男女午夜视频在线观看| 欧美乱妇无乱码| 欧美高清成人免费视频www| 少妇人妻一区二区三区视频| 久久九九热精品免费| a级一级毛片免费在线观看| 女人高潮潮喷娇喘18禁视频| 国产成人影院久久av| 亚洲在线自拍视频| 美女免费视频网站| 国产精华一区二区三区| 熟妇人妻久久中文字幕3abv| 久久精品影院6| 狂野欧美白嫩少妇大欣赏| 香蕉久久夜色| 久久中文看片网| 51国产日韩欧美| 亚洲va日本ⅴa欧美va伊人久久| 国产精品久久久人人做人人爽| 亚洲欧美日韩高清专用| 久久久久国产精品人妻aⅴ院| 国产精品一及| 国产v大片淫在线免费观看| 国产亚洲精品久久久久久毛片| 床上黄色一级片| 欧美黄色淫秽网站| 日韩欧美 国产精品| 超碰av人人做人人爽久久 | 精品人妻1区二区| 母亲3免费完整高清在线观看| 一级毛片女人18水好多| 久久国产乱子伦精品免费另类| 午夜亚洲福利在线播放| 国内精品久久久久精免费| 国产精品影院久久| 亚洲五月婷婷丁香| 欧美+日韩+精品| 色综合亚洲欧美另类图片| 校园春色视频在线观看| 成人国产一区最新在线观看| 国产成人影院久久av| 在线国产一区二区在线| 美女黄网站色视频| 在线免费观看不下载黄p国产 | 亚洲午夜理论影院| 亚洲国产欧洲综合997久久,| 亚洲精品乱码久久久v下载方式 | 一本精品99久久精品77| 久久人人精品亚洲av| 嫁个100分男人电影在线观看| netflix在线观看网站| 色综合亚洲欧美另类图片| 少妇人妻精品综合一区二区 | 男人舔奶头视频| 天天躁日日操中文字幕| 好看av亚洲va欧美ⅴa在| www.色视频.com| 非洲黑人性xxxx精品又粗又长| 岛国在线观看网站| 久久香蕉国产精品| 蜜桃久久精品国产亚洲av| 悠悠久久av| 欧美成人性av电影在线观看| 麻豆一二三区av精品| 午夜福利欧美成人| 在线观看免费午夜福利视频| 成人国产综合亚洲| 叶爱在线成人免费视频播放| 欧美大码av| 亚洲自拍偷在线| 色精品久久人妻99蜜桃| 亚洲欧美日韩东京热| 99在线人妻在线中文字幕| 成人亚洲精品av一区二区| 久久久久久人人人人人| www.www免费av| 亚洲成av人片在线播放无| 精品国产美女av久久久久小说| 两人在一起打扑克的视频| 亚洲中文字幕日韩| 日本 欧美在线| 国产亚洲精品av在线| 精品乱码久久久久久99久播| 日韩欧美在线二视频| 大型黄色视频在线免费观看| 中国美女看黄片| 国产午夜精品论理片| 亚洲国产欧洲综合997久久,| 天堂影院成人在线观看| 亚洲成人精品中文字幕电影| 国产成人aa在线观看| 手机成人av网站| 久久久久久大精品| 看免费av毛片| 久久久久久久久久黄片| 国产精品久久久久久久久免 | av国产免费在线观看| 别揉我奶头~嗯~啊~动态视频| 白带黄色成豆腐渣| 亚洲七黄色美女视频| 啦啦啦韩国在线观看视频| 久久精品国产亚洲av香蕉五月| 国产日本99.免费观看| 成年女人看的毛片在线观看| 69人妻影院| 可以在线观看毛片的网站| 丰满的人妻完整版| 亚洲av电影不卡..在线观看| 村上凉子中文字幕在线| 欧美日韩福利视频一区二区| 动漫黄色视频在线观看| 中国美女看黄片| 国产精品99久久久久久久久| 久久久精品欧美日韩精品| 国产色婷婷99| 一进一出好大好爽视频| 亚洲精品乱码久久久v下载方式 | 精品国内亚洲2022精品成人| 色吧在线观看| 精品久久久久久久久久久久久| 国产真实伦视频高清在线观看 | 桃红色精品国产亚洲av| 内射极品少妇av片p| 国产一区二区在线av高清观看| 尤物成人国产欧美一区二区三区| avwww免费| 国产亚洲欧美98| 日韩欧美 国产精品| 在线观看午夜福利视频| 亚洲av二区三区四区| 香蕉丝袜av| 真人做人爱边吃奶动态| 有码 亚洲区| 欧美大码av| 最新中文字幕久久久久| 欧美成人免费av一区二区三区| 97碰自拍视频| 热99re8久久精品国产| 国产一级毛片七仙女欲春2| 国产精品 国内视频| 欧美日韩国产亚洲二区| 黄色视频,在线免费观看| 欧美一级a爱片免费观看看| 热99在线观看视频| 法律面前人人平等表现在哪些方面| 色在线成人网| 首页视频小说图片口味搜索| 色在线成人网| 成人鲁丝片一二三区免费| 亚洲精品亚洲一区二区| 国产成人aa在线观看| 国产99白浆流出| 欧美成人一区二区免费高清观看| h日本视频在线播放| 香蕉丝袜av| 午夜日韩欧美国产| 国产一区二区亚洲精品在线观看| 99精品在免费线老司机午夜| 亚洲熟妇熟女久久| 国产色婷婷99| 哪里可以看免费的av片| 中文字幕人妻熟人妻熟丝袜美 | 99精品在免费线老司机午夜| 哪里可以看免费的av片| 免费在线观看日本一区| 波多野结衣高清作品| 最新美女视频免费是黄的| 一a级毛片在线观看| av片东京热男人的天堂| 亚洲真实伦在线观看| 成人性生交大片免费视频hd| 国产高潮美女av| 久久九九热精品免费| 女同久久另类99精品国产91| 久久精品91无色码中文字幕| 国产精品1区2区在线观看.| 亚洲aⅴ乱码一区二区在线播放| 欧美日韩国产亚洲二区| 欧美日韩乱码在线| a级一级毛片免费在线观看| 色综合亚洲欧美另类图片| 国产精品美女特级片免费视频播放器| 亚洲成av人片在线播放无| 丰满的人妻完整版| 久久久久精品国产欧美久久久| 村上凉子中文字幕在线| 女人被狂操c到高潮| 人人妻人人澡欧美一区二区| 国产视频内射| 国产野战对白在线观看| 免费看日本二区| 亚洲自拍偷在线| 桃色一区二区三区在线观看| 日韩成人在线观看一区二区三区| 欧美丝袜亚洲另类 | 国产视频一区二区在线看| 少妇裸体淫交视频免费看高清| 国产精品野战在线观看| 亚洲熟妇熟女久久| 怎么达到女性高潮| 亚洲精品色激情综合| 日本三级黄在线观看| 最好的美女福利视频网| 久久久久性生活片| 在线观看av片永久免费下载| 一进一出抽搐动态| 精品电影一区二区在线| 一级黄片播放器| 精品电影一区二区在线| 成人av在线播放网站| 网址你懂的国产日韩在线| 中文字幕熟女人妻在线| 看片在线看免费视频| 久久精品夜夜夜夜夜久久蜜豆| 国产精品嫩草影院av在线观看 | 欧美一区二区亚洲| 亚洲国产日韩欧美精品在线观看 | 精品久久久久久久久久久久久| av国产免费在线观看| av片东京热男人的天堂| 女人高潮潮喷娇喘18禁视频| 国内精品久久久久久久电影| 国内精品美女久久久久久| 国产精华一区二区三区| 免费av不卡在线播放| 亚洲av第一区精品v没综合| 国产熟女xx| 久久精品国产综合久久久| 国产高清激情床上av| 黄色片一级片一级黄色片| 身体一侧抽搐| 久久久色成人| 12—13女人毛片做爰片一| 一边摸一边抽搐一进一小说| 国产亚洲精品久久久久久毛片| 一个人观看的视频www高清免费观看| 亚洲一区二区三区不卡视频| 少妇丰满av| 亚洲人与动物交配视频| 国产99白浆流出| 国产高清有码在线观看视频| 成人高潮视频无遮挡免费网站| 舔av片在线| 国产亚洲精品av在线| 天天添夜夜摸| 欧美高清成人免费视频www| 露出奶头的视频| 免费人成在线观看视频色| 国产av不卡久久| 亚洲人成网站高清观看| 床上黄色一级片| 亚洲av成人精品一区久久| 亚洲av美国av| 日韩大尺度精品在线看网址| 国产欧美日韩一区二区三| 日本在线视频免费播放| 久久婷婷人人爽人人干人人爱| 婷婷丁香在线五月| 婷婷六月久久综合丁香| 91麻豆av在线| 久久精品夜夜夜夜夜久久蜜豆| 成人亚洲精品av一区二区| av国产免费在线观看| 中出人妻视频一区二区| 18禁黄网站禁片免费观看直播| 在线免费观看不下载黄p国产 | 国产精品98久久久久久宅男小说| 免费观看的影片在线观看| 国产免费一级a男人的天堂| 在线观看日韩欧美| 亚洲乱码一区二区免费版| 色综合欧美亚洲国产小说| 在线观看一区二区三区| 最新美女视频免费是黄的| 一二三四社区在线视频社区8| 免费人成在线观看视频色| 成人特级av手机在线观看| 免费av观看视频| 观看美女的网站| 又黄又爽又免费观看的视频| 高清毛片免费观看视频网站| 91久久精品电影网| 国产视频内射| 国产主播在线观看一区二区| 欧美一级a爱片免费观看看| 色综合站精品国产| 亚洲最大成人中文| 高清毛片免费观看视频网站| 好男人电影高清在线观看| 最新在线观看一区二区三区| 午夜a级毛片| 男女那种视频在线观看| 久久精品综合一区二区三区| 免费看光身美女| 精品久久久久久久末码| 成人av一区二区三区在线看| 最新在线观看一区二区三区| 国产蜜桃级精品一区二区三区| 精品一区二区三区av网在线观看| 国产一区二区三区在线臀色熟女| 亚洲成人久久爱视频| 在线a可以看的网站| 免费观看的影片在线观看| 在线观看av片永久免费下载| 狂野欧美激情性xxxx| 亚洲美女视频黄频| 日韩大尺度精品在线看网址| 国产精品精品国产色婷婷| 又黄又爽又免费观看的视频| 毛片女人毛片| 亚洲精品一区av在线观看| 欧美一级毛片孕妇| 亚洲,欧美精品.| 日本一本二区三区精品| 舔av片在线| 激情在线观看视频在线高清| 男人和女人高潮做爰伦理| 婷婷精品国产亚洲av在线| 99久国产av精品| 一进一出好大好爽视频| 真人做人爱边吃奶动态| 久久6这里有精品| 夜夜看夜夜爽夜夜摸| 可以在线观看的亚洲视频| 国产午夜精品久久久久久一区二区三区 | 成年女人毛片免费观看观看9| 一区福利在线观看| 免费观看精品视频网站| 天美传媒精品一区二区| 国产精品久久久久久久电影 | 欧美在线黄色| 国产成人av激情在线播放| 国产精品自产拍在线观看55亚洲| 欧美不卡视频在线免费观看| 99在线视频只有这里精品首页| 国产av在哪里看| svipshipincom国产片| 亚洲av成人av| 欧美日韩国产亚洲二区| 99riav亚洲国产免费| 一进一出抽搐gif免费好疼| 亚洲成a人片在线一区二区| 国产主播在线观看一区二区| 窝窝影院91人妻| 51午夜福利影视在线观看| 中文亚洲av片在线观看爽| 三级毛片av免费| 最新中文字幕久久久久| 窝窝影院91人妻| 亚洲欧美一区二区三区黑人| 亚洲国产高清在线一区二区三| 99热6这里只有精品| 一区福利在线观看| 国产av麻豆久久久久久久| 男女之事视频高清在线观看| 夜夜看夜夜爽夜夜摸| 在线看三级毛片| 国产蜜桃级精品一区二区三区| 丁香六月欧美| 免费搜索国产男女视频| 我的老师免费观看完整版| e午夜精品久久久久久久| 日韩欧美一区二区三区在线观看| 99久久精品一区二区三区| а√天堂www在线а√下载| 午夜福利在线观看免费完整高清在 | 亚洲久久久久久中文字幕| 日本精品一区二区三区蜜桃| 亚洲无线观看免费| 国产欧美日韩一区二区精品| 美女大奶头视频| 精品久久久久久久久久免费视频| 欧美性感艳星| 在线a可以看的网站| 中文字幕精品亚洲无线码一区| 国产一区二区在线观看日韩 | 香蕉av资源在线| 亚洲中文日韩欧美视频| 久久精品91无色码中文字幕| 欧美又色又爽又黄视频| 亚洲第一电影网av| 欧美性猛交黑人性爽| 婷婷精品国产亚洲av| 国产美女午夜福利| 久久99热这里只有精品18| 亚洲中文日韩欧美视频| 成人无遮挡网站| av天堂在线播放| 国产av一区在线观看免费| 欧美性猛交黑人性爽| 亚洲精品一卡2卡三卡4卡5卡| 51国产日韩欧美| 久久婷婷人人爽人人干人人爱| 成人精品一区二区免费| 国产精品 国内视频| 国产三级中文精品| 中文字幕人妻熟人妻熟丝袜美 | 国产精品亚洲一级av第二区| e午夜精品久久久久久久| 黄片小视频在线播放| 欧美乱色亚洲激情| 国产精品嫩草影院av在线观看 | 国产黄片美女视频| 非洲黑人性xxxx精品又粗又长| 他把我摸到了高潮在线观看| 91九色精品人成在线观看| 国产精华一区二区三区| 亚洲成人中文字幕在线播放| 99热精品在线国产| 老鸭窝网址在线观看| 亚洲专区中文字幕在线| 久久久久精品国产欧美久久久| 乱人视频在线观看| 精品一区二区三区视频在线观看免费| 亚洲精品456在线播放app | 18禁国产床啪视频网站| 午夜精品一区二区三区免费看| 女生性感内裤真人,穿戴方法视频| h日本视频在线播放| 免费在线观看亚洲国产| 久久久久久久久久黄片| 成人高潮视频无遮挡免费网站| 精品熟女少妇八av免费久了| 无遮挡黄片免费观看| 高清在线国产一区| 麻豆国产97在线/欧美| 在线播放无遮挡| 69av精品久久久久久| 动漫黄色视频在线观看| 国产主播在线观看一区二区| 欧美另类亚洲清纯唯美| 99热只有精品国产| 99久久99久久久精品蜜桃| 在线免费观看的www视频| 国产激情偷乱视频一区二区| 嫩草影院精品99| 天堂av国产一区二区熟女人妻| 舔av片在线| 色老头精品视频在线观看| 岛国在线免费视频观看| 国产精品国产高清国产av| 国产精品久久视频播放| 国产极品精品免费视频能看的| 女警被强在线播放| 18禁黄网站禁片免费观看直播| 中文字幕人妻熟人妻熟丝袜美 | www国产在线视频色| 久久99热这里只有精品18| 人妻丰满熟妇av一区二区三区| 久久久国产精品麻豆| 天天一区二区日本电影三级| 久久精品91无色码中文字幕| 免费在线观看影片大全网站| 午夜激情福利司机影院| eeuss影院久久| 国产成人a区在线观看| 欧美性猛交黑人性爽| 成人高潮视频无遮挡免费网站| 桃红色精品国产亚洲av| 亚洲 国产 在线| 首页视频小说图片口味搜索| 国产免费av片在线观看野外av| 窝窝影院91人妻| 亚洲欧美一区二区三区黑人| 国产精品久久久久久久电影 | 午夜影院日韩av| 国产高清videossex| 欧美日韩中文字幕国产精品一区二区三区|