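Design and Implementation of a Traffic Monitoring System Based on Signature Library Identification
Published: 2018-05-04 14:17
Topic of this paper: traffic identification + traffic control; Source: Shandong University, 2014 master's thesis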
[Abstract]: With the rapid development of Internet technology, network applications are increasingly diverse, network traffic is growing explosively, and traffic types are becoming more and more complex. This brings a steady stream of network problems; for example, P2P download applications consume large amounts of bandwidth, causing network congestion and degrading other users' network experience. These problems make it harder for network supervisors to provide high-quality, equal network service. Correctly identifying each type of network traffic and controlling it effectively is the foundation of network management. To this end, this thesis designs and implements a traffic monitoring system based on signature library identification. With this system, network supervisors can monitor traffic in real time and control network traffic effectively as needed.

First, the thesis studies four traffic identification techniques in wide use today: port-based traffic identification, payload-signature-based traffic identification, application-layer-gateway-based traffic identification, and identification based on statistical features of traffic. Each of the four has its own advantages and disadvantages and performs well on certain classes of traffic, but no single technique used alone can meet the need for accurate identification of increasingly rich and complex network applications.

The thesis therefore draws on the four approaches above and combines them to design a signature-library-based traffic identification technique. The signature library is a collection of identification rules that provides matching templates for traffic identification, and signature library traffic identification is a technique that relies on the rules in that library to identify traffic. Using real applications as examples, the thesis describes in detail the design rationale and structure of the three rule types in the library: single-packet rules, dual-channel rules, and statistical rules. It then describes in detail the identification process by which the technique matches signature library rules with the AC algorithm to identify network traffic precisely.

Next, with signature library traffic identification at its core, the thesis designs a complete traffic monitoring system. It comprises six functional units: the signature library traffic identification module, the traffic preprocessing module, the DB module, the front-end management module, the output display module, and the traffic control module. Through the system, users can conveniently query traffic identification results and traffic statistics in real time, keep track of the network's operating state, and block or allow a given application by issuing policies, thereby managing and controlling network traffic effectively.

Finally, the thesis designs two deployment modes for different real-world environments: inline (serial) deployment and bypass (parallel) deployment. The traffic monitoring system was deployed in the inline mode for testing and verification. The test results show that the signature-library-based traffic monitoring system designed in this thesis has good traffic identification and traffic control performance.
[Degree-granting institution]: Shandong University
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.06
Article ID: 1843282
Article link: http://sikaile.net/guanlilunwen/ydhl/1843282.html