本文選題：流量識(shí)別 + 流量控制��； 參考：《山東大學(xué)》2014年碩士論文

【摘要】：隨著互聯(lián)網(wǎng)技術(shù)的高速發(fā)展,網(wǎng)絡(luò)應(yīng)用日趨豐富,網(wǎng)絡(luò)流量呈現(xiàn)爆炸式增長(zhǎng),流量種類也越來(lái)越復(fù)雜,隨之而來(lái)的是層出不窮的各種網(wǎng)絡(luò)問(wèn)題,例如P2P下載類應(yīng)用消耗大量帶寬,造成網(wǎng)絡(luò)擁塞,影響其他用戶的網(wǎng)絡(luò)體驗(yàn)。這些問(wèn)題不利于網(wǎng)絡(luò)監(jiān)管者提供優(yōu)質(zhì)平等的網(wǎng)絡(luò)服務(wù)。而能正確地識(shí)別辨析出各類網(wǎng)絡(luò)流量,并對(duì)流量進(jìn)行有效控制是管理網(wǎng)絡(luò)的基礎(chǔ)。對(duì)此,本文設(shè)計(jì)并實(shí)現(xiàn)了一種基于特征庫(kù)識(shí)別的流量監(jiān)控系統(tǒng)。通過(guò)該系統(tǒng),網(wǎng)絡(luò)監(jiān)管者可以實(shí)時(shí)監(jiān)測(cè)流量,并能根據(jù)需要對(duì)網(wǎng)絡(luò)流量進(jìn)行有效的控制。 首先本文研究了當(dāng)前廣泛使用的四種流量識(shí)別技術(shù)。它們分別為：基于端口的流量識(shí)別技術(shù)、基于負(fù)載特征的流量識(shí)別技術(shù)、基于應(yīng)用層網(wǎng)關(guān)的流量識(shí)別技術(shù)以及基于流量統(tǒng)計(jì)特征的識(shí)別技術(shù)。這四種技術(shù)各有優(yōu)缺點(diǎn),分別針對(duì)某類流量有著較好的識(shí)別性能,但是單一使用某種識(shí)別技術(shù)已經(jīng)無(wú)法滿足精確識(shí)別日趨豐富復(fù)雜的網(wǎng)絡(luò)應(yīng)用的需求。 因此本文借鑒參考前文所述的四種識(shí)別思想,對(duì)其綜合利用設(shè)計(jì)出了一種基于特征庫(kù)的流量識(shí)別技術(shù)。特征庫(kù)是一系列識(shí)別規(guī)則的合集,為流量識(shí)別提供匹配模板。特征庫(kù)流量識(shí)別技術(shù)即是指一種依靠特征庫(kù)中的規(guī)則來(lái)識(shí)別流量的技術(shù)。本文以實(shí)際應(yīng)用舉例,分別詳細(xì)介紹了特征庫(kù)中三種不同類型規(guī)則的設(shè)計(jì)思路與規(guī)則構(gòu)成：?jiǎn)伟?guī)則、雙通道規(guī)則、統(tǒng)計(jì)規(guī)則。隨后詳細(xì)描述了特征庫(kù)流量識(shí)別技術(shù)通過(guò)AC算法匹配特征庫(kù)規(guī)則,精準(zhǔn)識(shí)別網(wǎng)絡(luò)流量的具體識(shí)別流程。 然后本文以特征庫(kù)流量識(shí)別技術(shù)為核心,設(shè)計(jì)了一個(gè)完整的流量監(jiān)控系統(tǒng)。它包括特征庫(kù)流量識(shí)別模塊,流量預(yù)處理模塊,DB模塊,前臺(tái)管理模塊,輸出顯示模塊,流量控制模塊等六大功能單元。用戶可以通過(guò)該系統(tǒng)方便地實(shí)時(shí)查詢流量識(shí)別結(jié)果,以及流量統(tǒng)計(jì)識(shí)別信息,及時(shí)掌握網(wǎng)絡(luò)運(yùn)行狀態(tài),并且可以通過(guò)下發(fā)策略阻斷或者放行某應(yīng)用,從而有效地管理控制網(wǎng)絡(luò)流量。 最后本文針對(duì)不同的實(shí)際應(yīng)用環(huán)境,設(shè)計(jì)了兩種系統(tǒng)部署方式：直路串聯(lián)部署方式與旁路并聯(lián)部署方式。并且按照直路串聯(lián)部署方式實(shí)際部署流量監(jiān)控系統(tǒng)用于測(cè)試驗(yàn)證。測(cè)試結(jié)果證明本文設(shè)計(jì)的基于特征庫(kù)識(shí)別的流量監(jiān)控系統(tǒng)有著良好的流量識(shí)別性能與流量控制性能。
[Abstract]:With the rapid development of Internet technology, network applications are becoming more and more abundant, network traffic is increasing explosively, traffic types are becoming more and more complex, followed by various network problems. For example, P2P download applications consume a lot of bandwidth, causing network congestion and affecting other users' network experience. These problems are not conducive to network regulators to provide quality and equal network services. The basis of network management is to identify and analyze all kinds of network traffic correctly and to control the traffic effectively. Therefore, this paper designs and implements a flow monitoring system based on signature database identification. Through this system, the network supervisor can monitor the traffic in real time and control the network traffic according to the need. Firstly, four widely used traffic identification techniques are studied in this paper. They are: traffic identification technology based on port, traffic identification technology based on load feature, traffic identification technology based on application layer gateway and identification technology based on traffic statistics. Each of the four technologies has its own advantages and disadvantages, and it has better identification performance for certain traffic, but the single use of some identification technology can no longer meet the needs of accurate identification of increasingly complex network applications. Therefore, this paper uses the four recognition ideas mentioned above for reference, and designs a new flow recognition technology based on the feature library for its comprehensive utilization. The feature library is a set of recognition rules that provide matching templates for traffic identification. The characteristic database flow identification technology is a kind of technology which relies on the rules in the signature bank to identify the flow. This paper introduces in detail the design ideas and rules constitution of three different types of rules in the feature library: single package rule, double channel rule and statistical rule. Then it describes in detail the specific identification flow of network traffic recognition using AC algorithm to match the feature library rules. Then, a complete flow monitoring system is designed based on the characteristic database flow identification technology. It includes six functional units, such as characteristic database flow identification module, traffic preprocessing module, foreground management module, output display module, flow control module, and so on. Through the system, users can conveniently query the result of traffic identification in real time, as well as traffic statistics identification information, grasp the running state of the network in time, and can block or release an application by sending down policies. In order to effectively manage and control the network flow. Finally, this paper designs two kinds of system deployment modes: direct series deployment and bypass parallel deployment. And the actual deployment of the flow monitoring system is used for testing and verification according to the direct series deployment mode. The test results show that the flow monitoring system designed in this paper has good traffic identification performance and flow control performance.
【學(xué)位授予單位】：山東大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.06

【參考文獻(xiàn)】

相關(guān)期刊論文 前7條

1 張衛(wèi)東,王偉,韓維桓;網(wǎng)絡(luò)流量測(cè)量與監(jiān)控系統(tǒng)的設(shè)計(jì)與實(shí)現(xiàn)[J];計(jì)算機(jī)工程與應(yīng)用;2005年32期

2 陳亮;龔儉;徐選;;應(yīng)用層協(xié)議識(shí)別算法綜述[J];計(jì)算機(jī)科學(xué);2007年07期

3 瞿裕忠,張劍鋒,陳崢,王叢剛;XML語(yǔ)言及相關(guān)技術(shù)綜述[J];計(jì)算機(jī)工程;2000年12期

4 陶卿;姚穗;范勁松;方廷健;;一種新的機(jī)器學(xué)習(xí)算法:Support Vector Machines[J];模式識(shí)別與人工智能;2000年03期

5 蘇金樹(shù);張博鋒;徐昕;;基于機(jī)器學(xué)習(xí)的文本分類技術(shù)研究進(jìn)展[J];軟件學(xué)報(bào);2006年09期

6 陳平;郭蘭珂;方俊湘;;微信業(yè)務(wù)的識(shí)別方法研究[J];移動(dòng)通信;2013年18期

7 ;2012年第2屆IEEE云計(jì)算與智能系統(tǒng)國(guó)際會(huì)議[J];智能系統(tǒng)學(xué)報(bào);2012年02期

，

本文編號(hào)：1843282