| Campus network plays a more and more important role in universities. Therefore, wo should establish a network environment with high reliability, high availability and high security. But campus network security incidents occur frequently, and various means of attacks occur time and time. The integrity, availability and confidentiality of campus network subject to a severe challenge.The aim of abnormal flow analysis is to find the abnormal data in flow, and lay solid foundation for constructing a better network environment. Data collection is the first course of the network abnormal flow analysis, provides data for abnormal flow analysis and is the basis of abnormal flow analysis and timely response. The aim of data collection is exact, real-time and high- efficient data collection.The test environment is Dalian Maritime University network center. The paper discusses various threatens on the campus network in detail and selects the abnormal flow of campus network. Meanwhile, the paper identifies the location of collection, and need-collected data. According to the character of campus network and the rule of network flow, the paper proposes a method of ascertaining collection interval, which is based on the brandwidth utilization refering SNMP protocol.The paper sets the collection interval of flow and device and validates the method by test. Through SNMP-based data collection method, the paper collects part of the network flow. By the commands(CLI) of Ruijie STAR 3550, the paper adds the connectivity, response time to the collected data.The paper designs the collection, storage and analysis functions in detail. The database server is Oracle 9i, the main development tool is Microsoft Visual C++ 6.0, the analysis tool is SPSS and the operation system is Windows XP. The paper puts the functions at the network center and real-time accesses the network flow. By test, the result shows relevent function is well-implemented and achieves the design objective. |
PDF Full Text Request