| In recent years, in order to satisfy people’s growing demands, the range andapplications of Internet technologies are more diverse, complex and intelligent. TheInternet has been widely applied and developed in all kinds of fields, greatly promotedthe infrastructure construction, accelerated the integration of network technology andother technical fields, broaden the application fields of the information technology,improved the level of informatization, led the development trend of computertechnology. When we are enjoying the convenience of the network, the networkconstruction scale is assuming the geometry numerical expression swift growth, thecomplexity of network connection is increased largely, especially a large number ofheterogeneous networks make the network interconnection cost more and more higher.Requirements about the network function, cost, performance and various value-addedservices already cannot meet users’ need, so it is important to develop an efficient,convenient and universal analysis platform for solving network traffic problems andrealize real-time monitoring, alarm, adjustment and maintenance. The main purpose ofall of these is to guarantee the stable operation of the network, create a goodatmosphere for network development and to provide users with satisfactory services.This thesis designs and implements a network traffic analysis system based on theexisting network traffic monitoring system and network security system. Firstly,generalized the status, basic theories and common technologies of network security,studied the popular Network Traffic Analysis Systems based on the realizationmechanism, technology and characteristics for network traffic capture, analysis andclassification.Secondly, elaborated the logical structure, functions and operational principles ofWinpcap intrinsic functions. And also described the programming methods forWinpcap to capture and analysis the network traffic. Applied these functions to realizethe capturing, analyzing, filtering and hierarchical processing of network traffic.Finally, using Winpcap technology achieved network traffic monitoring, datapackets analysis, levels of system’s design, network traffic analysis, and protocolidentification technology. This thesis designed the system in forms of hierarchical,achieving some of the main protocols identification, and analyzing application layer protocols of P2P protocol based on characteristics of the data in-depth; characteristicanomaly detection technology based on the current existing characteristics of wormtraffic to monitor abnormal network traffic; System combined with real-time curve,histogram, text display technology can ensure multi-outputs.Because Winpcap is an open source libraries, so use it to capture and analyze thenetwork traffic is still the research focus. Along with the network flow type increasing,the research on Winpcap application system will provide much more solutions toadapt and improve the network security problems. |
PDF Full Text Request