| With the rapid development and wide application of Internet, there is a rich variety of Internet services and Internet applications, even people's daily life, clothing, cannot be separated from the network. The key technology of Network business can not go without the communication of network protocol. Diversity of businesses means that network protocols are no longer single and network protocol requires more diverse. This will bring certain degree of difficulty for the network security management. Therefore, to research and identify application of network communication protocol is the prerequisite and basis for network security.For the research of application layer protocol identification technology and firewall technology based on hardware-based firewall,raised the design of a new type of application layer protocol identification System. The system is realised based on the netfilter mechanism .The Recognition Module is mainly to complete the recognition of data flow through the firewall. It is mainly to recognize the protocols by analyzing the initial packages and protocol status,therefore to reduce impact on the firewall when data stream passing. Protocol identification module provides the interface design of firewall,which contact the module with other modules well and it enhanced the scalability of the system. In addition, the overall design of system using modular scheme can provide better maintenance. The system realization method will provide a certain amount of theoretical meaning and reference value of network security management.After the design and realization of application layer protocol identification technology functional test for user interface and command line prove that the system must be feasible and market value. In addition , the analysis of some areas to be improved provide a certain degree of guidance for future research work. |
PDF Full Text Request