Research And Development Of Real-Time Network Traffic Monitoring System

With the rapid development of the Broadband Internet, the network architecture and the network environment are becoming increasingly complicated, the web service is becoming more and more abundant, and the network traffic is increasing rapidly. So that ISP needs to use effective network traffic monitoring system to get the timely and exact analysis results about traffic information. The ISP want to explore the network resource potential, control the interconnection cost, and provide basis for network optimization and developing business.Then they can use these analysis results to achieve their purpose. By analyzing real-time network traffic, we can detect the abnormal flow in time and obtain the specific information about abnormal flow.Firstly the thesis studies the real-time alarm algorithm, which is based on traffic monitoring technology. Then deeply studies the design and development of network traffic monitoring system. Put forward a design method for network traffic monitoring system, which is based on network traffic analysis. Give out the detailed system design and implementation of every subsystem.The Algorithm of Active Monitoring Real-time Alarm is composed of the 3 steps as mentioned above which are the baseline algorithm, the tolerance line algorithm, and the alarm generation mechanism. This article mainly studies baseline algorithm. Baseline Algorithm consists of both static baseline and dynamic baseline. Static baseline is also named threshold baseline and dynamic is also named trend baseline.For Performance Index which fluctuating slightly, we can use the static baseline algorithm to set a constant threshold in 24 hours. Otherwise, if those indexes fluctuate heavily in different time segment, we must use dynamic baseline. Network traffic monitoring system consists of four modules which are hardware module (traffic collector), software module (central analysis server), database and view module (traffic analysis terminal.). In the real environment, the traffic collector is always deploying between access layer and convergence layer through the way of light-splitting.Now the system can monitor the traffic of different network services, different network users and different network devices. Using this system, we can give the static and analysis result to users in the form of dynamic website.