Research And Realize Of Network Monitoring Based On Data Packet Capture

With the rapid development of network technology and popularization of the network for people to study and work at the same time convenient for us to enhance people's dependence on the problem due to network - the network information security. Indeed, in people's lives are increasingly inseparable from the computer at the same time while the offense has a computer in China each year to rising at a rate of up to 30%. So in response to the test of the network security issues at the same time, an urgent task to develop to analyze, diagnose, test network performance and security tools that enable these tools can be effective monitoring of the network, better for the network to create healthy environment.The task of the paper is based on the research to the concept and the method of network data packet capture, the architecture of Winpcap and the driven mechanism of packet capture, and the principle of protocol analysis and filtering. As a result a set of software system about monitoring is designed and implemented. This paper mainly include the next three aspects:1. We do some deep research on the concept and the method of network data packet and packet capture, the architecture of Winpcap and the driven mechanism of packet capture, and the principle of protocol analysis and filtering, and made some experiment's study on the packet capture and filtering based on the Winpcap.2. This paper from different point of view put forward approach to improve overall system performance .At first, we put forward a multi-threaded performance, the appropriate size of the kernel and user cache, and strict filtering conditions, and so on to Optimize Winpcap; Secondly, in order to improve the efficiency of the protocol analysis, we put forward improved pattern matching algorithm under the conditions of the existing three kinds of pattern matching algorithm. Finally, we also put forward read-write buffer technology, multi-threaded processing technology to improve the system.3. Propose the procedure of the detail design and implement of the network monitoring system software, include each module of the system, Finally, we test and evaluate the performance of our monitoring system on a LAN.