Research And Implementation Of Embedded Platform Within The Network Monitoring System

With the rapid development of the computer technology and the increasing popularity of internet,it brings the tremendous convenience to the people ,at the same time, intrusions, network attacks and other network security issues are also increasingly prominent, so strengthening supervision and auditing network security becomes more and more important and urgent. Network monitoring and auditing, data encryption, forensics, firewall technology are effective in protecting network security and are effective technical means in ensuring the normal operation of the network. The traditional network security solution tends to focus on network boundary and ignores the internal network security. With the complexity of the network, this problem is more and more outstanding, and internal network security is confronted with great challenges. The security threats which the enterprise internal network face are mainly the evil use of the intranet resources,the abuse of the intranet resources and the misuse of the intranet resources, these lead to the loss of staff working efficiency and enterprise confidential information leakage. How to strengthen internal network management, protect the enterprise information are practical problem to be solved urgently.The development of embedded technology and the advantages of embedded platform make embedded products deepen people's life. This thesis breaks the traditional design ideas and realizes the network monitoring system on the embedded platform.This thesis focuses on network security monitoring system design and implementation on the embedded platform and network security monitoring related technology are studied.The thesis mainly studies the following aspects:Firstly, the thesis introduces the background and significance of network security monitoring on the embedded platform, gives objectives of the thesis. Secondly,the thesis analyzes the TCP/IP common protocols, and packet capture methods, the Berkeley packet filter mechanisms under linux, data reduction, fast string matching. Thirdly,the thesis describes in detail on the embedded platform functional requirements of network monitoring system, the overall system architecture design and overall system deployment, and detailed design of data collection module, data packet filtering module, the data reduction module, the user interaction module. Finally, the entire network monitoring system is tested.This thesis focuses on session reduction technology, fast string matching algorithm and embedded database store strategy. It mainly analyzes SMTP, FTP message and restore the session content to monitor employees'behaviors and prevent confidential documents leakage . At the same time, the fast string matching algorithm is applied to session reduction to speed up reduction speed. Considering the embedded limited resources,the thesis solves the problem of insufficient embedded resource respectively from the system architecture and multi-threading technology.This network monitoring system can effectively understand network operation condition, monitor the network behaviors of internal employees. The system is developed on the embedded development board, is ultimately the formation of an independent product,and is deployed in the enterprise LAN plug and play.