Designs And Implements A System Of On-Line Network Protocol Identification For The Lan

With the rapid development and popularisation of the Internet, network has graduallybecome an indispensable part in our daily life, and various new network applications arecoming out in an unending flow. It is no doubt that the network has brought us muchconvenience, but we cannot neglect some serious problems it caused at the same time such asinformation pollution, network intrusion and etc. The premise of ensuring network security isto accurately identify the protocol of each stream on the Internet, which can not only preciselymonitor network operation and effectively allocate network resources but improve theefficiency and accuracy of network intrusion detection. In this way, the network services canbe upgraded.Based on above discussions, this paper designs and implements a system of on-linenetwork protocol identification for the lan. With the help of string matching algorithm,protocol analysing approach and protocol recognizing methods, this system can identify theprotocol of online data. In addition, the system can make statistical analysis, display theresults and monitor the server’s running conditions to achieve better control and management.System relies on a Linux server, centOS operating systems and mysql database, completethe application protocol identification module, data analysis module, data acquisition andstatus display module corresponding function modules of four modules. Application protocolidentification module with protocol analysis method, efficient string matching algorithms,protocols port identification methods, protocols, load content identification method andidentification method based on flow as a measure of support, the introduction of third-partylibraries libpcap and libnids call packet-based regular expressions matching algorithms andmemory optimization of AC matching algorithm engine, to achieve agreement on the mark toidentify the large flow of data. Statistical analysis module using multi-threading technology,database technology to complete the identification result of storage; data display module to dotransaction processing PHP to display HTML pages to CSS for style controls to Javascript fordynamic processing, combined with Ajax asynchronous refresh technology and referencesJQuery, PHPExcel,97MyDate, Highcharts and other third-party libraries, well done receptionof database information display, front distinctive style, reasonable layout of each part, page response and excellent performance, better user experience. State acquisition moduleapplications Linux shell script to complete the state of the server’s memory, disk IO and CPUcollection, storage and call the C language program to complete the information into adatabase. System is put into use in the process showed a strong robustness, accurate datatransfer between the various interfaces and small delay, the user experience is better. Flexiblesystem configuration, using the profile approach, the required system operating parametersare read from the configuration file, with good versatility.In the system, using to monitor the running condition of server with shell script; Using Clanguage to identify the protocol as well as analyse the result; Handling the processing byPHP; Displaying web pages by the way of HTML; Controlling page style with the mothod ofCSS and processing the dynamic displayment by means of Javascript.After being tested several times, the system has fulfilled its purpose and already beingutilized. The system uses the B/S mode, the application logic using PHP technology, databaseusing ACCESS or MYSQL, the design and implementation of online identification system forlocal area network protocol, the system can complete the "application protocol identificationmodule, data analysis module, data display module, acquisition module" function, correlationfunction extended defects or deficiencies, in future work to further improve the.