Network Security Audit System In Data Capture And Protocol Analysis Technology

With the rapid development of IT technology at present, the popularity of informatization in all walks of life is on the rise. People become more dependent on network. In the meantime, the information security problems are becoming more and more rigorous. All kinds of attack emerge in endlessly. Every year the loss resulting from cyber attack is rather serious, which not only impact the development of social economy, but also poses grave threat to the defense security.According to the survey, nearly 65% of the attack comes from the inside network. This kind of threat features high adaptability and great aggressiveness and easy to cause severe damage. Because the insiders are very familiar with the network deployment and have certain limits of authority. Attackers could avoid relevant network security equipments, therefore the traditional network security equipments prevent little from the attack from the insiders. Therefore, to develop the audit tools aiming at private network security, regulating the surf behavior of the insiders, monitoring the network information in real time, and preventing all kinds of illegal acts, secrect disclosure and attacks, has become an important mission in all walks of life. Network Security Audit System is a private network security system, specializing in private network protection, monitoring the information in network and carrying out the audit analysis.In order to monitor network effectively, people have to obtain all the network information that flows through the switchboard and analyze it and judge it. At present, the bandwidth of Ethernet has reached 1000Mbit/s. The sharp rise of network flow, the data capture and protocol analysis in the big flow environment have become the main technological bottleneck of the Network Security Audit System. Based on such background, the author in this thesis proposes an improved dynamic load balancing algorithm, so as to dynamically shunt network data to several host computers, thus achieve the instantaneity and high efficency of the Network Security Audit System, so as to reduce the high demand for hardware permance lower the cost of hardware and realize the conversation representation and protocol analysis of the data.In the end, this thesis verifies the dynamic load balancing algorithm and protocol analysis through setting up the experiment environment. The test results demonstrate that the dynamic load balancing algorithm could achieve the dynamic shunt of data packet effectively and avoid the problem of lossing the packet in the processing period.