Research And Implementation Of The Application Recognition System Based On Flow Analysis

The development and promotion of the technology of the Internet, has changedpeople’s lifestyle, online news, online shopping, e-commerce, online chat, and morevariety of network applications are emerging. People want to get a better Internetexperience, a large number of network applications should be required to appear, mo redata on the network is rapidly passing. Increased network traffic in the Internetnetwork, the backbone network hardware challenges. Able to accurately identify adatagram network traffic is issued by which network applications, network control andmanagement. All illegal network applications, network traffic can be filtered off, tolimit the proportion of the transmission of large data network application in thenetwork traffic, thereby controlling the use of bandwidth for a variety of business,critical service, and suppress undesirable operations, deepening the quality of servicecontrol and so on. The accurate and rapid identification of network applicationsbusiness category plays an important role in network management and networkmonitoring. The current mainstream network application protocol identification in twoways: based load identification methods and identify methods for network-based popular.This paper first introduces the application of the principle of recognition: port,payload, data stream statistics and machine learning-based approach, and the pros andcons of various identification principle. And for application identification systemcharacteristics, analyzes the difficulties and critical point the application identificationsystem implementation, and optimization techniques combined with applicationidentification system ORCHID application identification system model, which isdivided into a characteristic the pretreatment part and identify engine parts. Then, bypreprocessing of features, to achieve optimization of the feature database, wherein forregular expressions are merged DFA state number expansion problems, given thecharacteristic grouping algorithm and DFA structure optimization carried out byL7-Filter characteristics experiments analysis confirmed that the above-describedmethod is a high compression ratio. Part in the recognition engine design, in order toimprove the efficiency of the engine scan to achieve a state of flow-based detectiontechniques, and quickly identify based on the statistical characteristics of the payloadand data flow through loading feature library,therefore predecessors is a goodcomplement.