Researches On Net Abnormal Monitoring System Based On Linux Kernel

With the faster development of network technology, various sevices is supplied for users. Quality and effectiveness of services is gradually becoming the focus of attention.It has become an urgent problem that how to quickly check the state of servers and notify users timely.For the sake of solving this problem, this article implement the network abnormal monitoring system based on Linux kernel.The reason for selecting Linux operation is that it has many merits such as excellent network property, strong scalability and protability.The study on network monitoring now mainly aims at the attacks from the external network such as viruses.Only a few people study the running state of servers in the network.As for the monitoring about state of servers, it is just implemented with the servers one-dimensional monitoring.The article analyses the research on situation of network monitoring and the deficiency of network monitoring based on one-dimension, proposes the method based on multidimension of the network monitoring.This method can monitor sevrial targets such as CPU, memory, disk and network real-time and timely find exceptions when servers occur problems.At the same time, this information used to help users change its way of getting severces is sended to users.This article begin with the introduction of Linux operation and mainly analyse the network module in Linux kernel.On the basis of this , this article implement the network monitoring system which consists of the functions of data collection and data analysis.The work in detail I have done is as followed: The first, according to the requirement of system, this article design the framework based on Linux kernel .On the basis of this, this article gaves the method to realize functions of data collection and data analysis.The second, this article analyses the lacking of traditional way of data collecting based on one-dimension and implement the module of data collecting based on multidimension.This article mainly design the way of data collecting on CPU, memory, disk and network.The third, this article analyses the mudlule of network in Linux kernel. On the basis of this, zero-copy is realized by modifying ether card driver; this article studies the principle of Libpcap which is used for capturing network packet and makes a match between Libpcap and zero-copy. Based on this, the function of data collecting is implemented.The fourth, this article adopts Principal component analysis(PCA) to analyse data which is gathered.In this article, it is a key to analyse how to build the module of PCA and how to check collecting data by two statistical methods called T~2 and Q.At last, this article is concluded with a summary and discussion of the prospective research on open problems.