| Along with the coming of IPV6and expanding of Internet, the complexity and uncertainty of network increase. Network situation awareness based on fusion will become the research hotspot of networkmanagement. Therefore, to carry out network situation research in leading edge has a long-term and realistic significance in improving regional network security technology, guarantee of networkservice and social work, conquering the highest position in network technology with western developed countries and safeguarding national security and stability.In this article, network situation awareness model,the network sniffer and network protocol analysis technology, network management protocol and measurement of the performance in situation awareness is studied, Nagios kernel operation principle is also analysed in depth.Integrated development specification is studied and network situation awareness system integration framework is designed.Realize the foreign service information monitoring of network nodes through ICMP and SNMP protocols.Monitoring the internal performance information with device private MIB access. Internal informations Detection of netwok nodes with a unified SNMP architecture can avoid the using of C/S structure in mulit-platform which is complex to develop and hard to deploy.This paper complete the function of network node information acquisition and abnormal alarm, complie the plug-in module,congiguration module and Nagios kennel and construct an integrated network situation awareness system.Then this paper set up a test scenary in Ningxia University campus network for this system application. After analyzing the principle and characteristics of DDOS attack, we put forward a DDOS attack detection method based on the IP datagram flow, and launch a DDOS attack on a test network, listen the network link data with network sniffer and protocol analysis technology. this DDOS attack detection method is verified. |
PDF Full Text Request