| With the rapid development of computer and Internet technology, protocol identification is veryimportant to classify and manage the complex traffic. It has a challenge to traditional protocolidentification with more and more new protocols appear. How efficient and accurate identificationof the various protocol is the research focus, this paper analyzes the limitations of traditionalprotocol identification and gives a method based on network feature to identify protocol.The main work is below:1Based on the study of properties of the network flow, extracted four network propertiesinclude payload data, packet access location, packet length and packet direction, and then design18kinds of characteristics, at last describe the design background, data structure and algorithms;2On the basis of network characteristics, we build protocol model library. Due to relativeentropy algorithm,we know that, two distributions is similar when they are closer to the other.Therefore, this paper presents the relative entropy algorithm for protocol identification;3Considering the time and space complexity, we study the decision tree, and then proposed amethod to optimize protocol model library based on Decision Tree Algorithm;4Experiments show that, this method has practical value. At last we complete the engine toidentify the protocol.The protocol identification we proposed has a better accuracy and performance compared totraditional protocols, it has been used in actual project and completed the relevant system functions. |
PDF Full Text Request