發(fā)布時間：2018-05-29 23:15

  本文選題：WinPcap + 高速文件分片存儲��； 參考：《華中師范大學》2015年碩士論文

【摘要】：當今互聯(lián)網(wǎng)技術發(fā)展迅猛,與商業(yè)交互日益頻繁,越來越多的經(jīng)濟活動轉(zhuǎn)移到了線上。網(wǎng)絡已經(jīng)滲透到我們生活的方方面面：我們用網(wǎng)絡進行通信、搜索、購物；我們的生活已經(jīng)離不開網(wǎng)絡。在工業(yè)生產(chǎn)過程中可以通過網(wǎng)絡監(jiān)視手段,檢測網(wǎng)絡中的設備及工業(yè)生產(chǎn)中各個環(huán)節(jié)的運行狀態(tài),全面掌握并管理追蹤所有生產(chǎn)過程和細節(jié)。網(wǎng)絡數(shù)據(jù)包的抓取和解析已成為分析管理網(wǎng)絡及監(jiān)視網(wǎng)絡設備的重要工具。本文針對特殊的工業(yè)應用網(wǎng)絡環(huán)境,利用WinPcap編程接口在Windows平臺下實現(xiàn)一個基本網(wǎng)絡監(jiān)聽捕獲軟件,包括網(wǎng)絡數(shù)據(jù)包捕獲、抓包文件存儲、網(wǎng)絡協(xié)議過濾、協(xié)議解析、數(shù)據(jù)查詢、流量統(tǒng)計分析等基本網(wǎng)絡抓包分析功能。為了滿足特殊工業(yè)網(wǎng)絡環(huán)境的工作特性,解決網(wǎng)絡中瞬時大量數(shù)據(jù)的捕獲、長時抓包工作的容量和健壯性要求,以及要求網(wǎng)絡抓包軟件不能丟包的高可靠性問題,本文從以下幾個方面展開了特色研究：(1)為了無丟失地捕獲網(wǎng)絡中突發(fā)的大數(shù)據(jù)量傳輸時的所有數(shù)據(jù)包,本文在建立了特殊工業(yè)網(wǎng)絡應用環(huán)境的網(wǎng)絡數(shù)據(jù)傳輸變化模型的基礎上,針對最大的瞬時數(shù)據(jù)量,利用Endace DAG(?) 9.2x2網(wǎng)絡監(jiān)視采集卡支持大于1Gbps的局域網(wǎng)數(shù)據(jù)捕獲。(2)為了解決在極大網(wǎng)絡數(shù)據(jù)包存儲速度大于硬盤讀寫速度的問題,利用網(wǎng)絡長時平均傳輸數(shù)據(jù)量不高的特點,通過對緩沖區(qū)的動態(tài)管理機制,保障數(shù)據(jù)包的無丟失存儲；為解決長時工作中存儲數(shù)據(jù)總量巨大的問題,并方便抓包數(shù)據(jù)的快速處理和分析調(diào)用,本文提出了分片文件管理存儲機制,數(shù)據(jù)包捕獲文件能夠自動分文件存儲或按用戶設置的文件大小分別存儲。(3)工業(yè)網(wǎng)絡中不同設備的數(shù)據(jù)依靠應用層數(shù)據(jù)類型區(qū)分,不同類型的數(shù)據(jù)解析過程、語義、語法各不相同。利用網(wǎng)絡協(xié)議過濾和XML可擴展標記語言對設備自定義數(shù)據(jù)進行解析和預處理,通過數(shù)據(jù)類型標識靈活調(diào)用不同的處理流程,并將預處理結(jié)果轉(zhuǎn)錄入數(shù)據(jù)庫中,便于后續(xù)處理和挖掘。本文還對嗅探程序的工作原理、SQL數(shù)據(jù)庫語言、MFC的消息處理機制及計算資源管理和文件管理進行了討論和研究。通過對軟件使用的網(wǎng)絡環(huán)境進行特殊需求方分析,建立網(wǎng)絡抓包應用的模型,根據(jù)需求功能對軟件進行模塊化的設計,著重對具體的實現(xiàn)方法和滿足高性能的特殊改進手段進行了敘述。文章最后對所設計的網(wǎng)絡監(jiān)聽程序進行了實例測試和分析討論,結(jié)果表明本系統(tǒng)滿足各項功能需求及性能要求。
[Abstract]:With the rapid development of Internet technology and the increasingly frequent interaction with business, more and more economic activities have been transferred to the line. The network has penetrated into all aspects of our life: we use the network for communication, search, shopping; our life has been inseparable from the network. In the process of industrial production, the equipment in the network and the running status of each link in the industrial production can be detected by means of network monitoring, and all production processes and details can be comprehensively grasped and managed and tracked. The capture and resolution of network packets has become an important tool for analyzing, managing and monitoring network devices. Aiming at the special industrial application network environment, using WinPcap programming interface to realize a basic network monitor and capture software under Windows platform, including network packet capture, capture packet file storage, network protocol filtering, protocol analysis, data query, etc. Traffic statistics analysis and other basic network packet analysis function. In order to meet the working characteristics of the special industrial network environment, solve the problems of capturing a large amount of instantaneous data in the network, the capacity and robustness of the long time packet grasping work, and the high reliability problem of requiring the network packet catching software not to lose the packet. In order to capture all the data packets of burst data transmission in the network without loss, this paper establishes the network data transmission variation model of the special industrial network application environment, in order to capture all the data packets in the burst mass data transmission in the network without loss, based on the following several aspects, this paper establishes the change model of the network data transmission in the special industrial network application environment. In order to solve the problem that the storage speed of data packet is faster than that of hard disk, the data capture of LAN larger than 1Gbps is supported by Endace DAGU) 9.2x2 network monitor and data acquisition card in order to solve the problem that the storage speed of data packet is faster than that of hard disk in order to solve the problem. In order to solve the problem of the huge amount of data stored in long working time, we can make use of the feature that the average data quantity is not high in long time, and guarantee the data packet storage without loss through the dynamic management mechanism of buffer. And it is convenient to quickly process and analyze the packet data. In this paper, a file management and storage mechanism is proposed. Packet capture files can be automatically stored in files or stored separately according to the file size set by the user.) the data of different devices in the industrial network can be distinguished by application layer data types, different types of data parsing processes, semantics, The grammar is different. The network protocol filtering and XML extensible markup language are used to parse and preprocess the self-defined data of the device, and the different processing processes are flexibly called through the data type identification, and the preprocessing results are transferred to the database. Easy to follow up processing and mining. This paper also discusses and studies the working principle of sniffer program and the message processing mechanism, computing resource management and file management of SQL Database language (MFC). Through the analysis of the special demand side of the network environment used by the software, the model of the network packet capture application is established, and the modularized design of the software is carried out according to the requirement function. The specific implementation method and special improvement method to meet the high performance are described. At the end of this paper, the network monitor program is tested and analyzed. The results show that the system can meet the requirements of function and performance.
【學位授予單位】：華中師范大學
【學位級別】：碩士
【學位授予年份】：2015
【分類號】：TP393.08

【參考文獻】

相關期刊論文 前3條

1 袁野;;MFC應用程序多線程混合顯示界面方法研究[J];電腦知識與技術;2014年32期

2 夏明忠;夏以軒;李兵元;;軟件模塊化設計和模塊化管理[J];中國信息界;2012年11期

3 王剛;;計算機網(wǎng)絡存儲技術[J];計算機系統(tǒng)應用;2015年01期

相關博士學位論文 前1條

1 金晶;并行計算普適編程模型及系統(tǒng)架構研究[D];北京郵電大學;2012年

相關碩士學位論文 前5條

1 李旭鵬;基于PCI總線的高速采集系統(tǒng)的研究與設計[D];西安電子科技大學;2011年

2 李祥;基于Web的網(wǎng)絡文件管理系統(tǒng)的研究與實現(xiàn)[D];蘭州大學;2010年

3 熊堯;多功能高速采集卡的設計與實現(xiàn)[D];西安電子科技大學;2013年

4 陳潔瑜;基于云平臺的文件管理系統(tǒng)的設計與測試研究[D];廈門大學;2014年

5 郭凱;基于WinPcap的數(shù)據(jù)包捕獲系統(tǒng)的設計與實現(xiàn)[D];西安電子科技大學;2013年

，

本文編號：1952844