Design And Implementation Of Deep Packet Filtering System

In recent years, with the spread of network garbage and increasing network attacks,network security problem is increasingly prominent, and it is harmful to the modern’s life,so it is very necessary that take effective technical measures to filter network packets inorder to purify the internet environment.In the traditional packet filtering technology, it only could analysis the "quintuple" inthe IP header information by cutting them. But, with the enrichment of the Internetapplication and the hybridization of network, it is not enough that only analyses thefollowing four layers of the IP packet, including the original address, destination address,source port, destination port and protocol type. At the same time, it doesn’t really identifythe application type, also increases the possibility of a network of malicious attacks.Therefore, it is a very good practical significance and academic value to build a filteringsystem that can go deep into the various application layer of the detailed content ofmessages and use distributed architecture that can improve system performance, all ofwhich are based on the technology DPI (Deep Packet Inspection).The main research works for deep packet filtering based on DPI. Firstly, this paperintroduces the theory of knowledge which the packet filtering system relies on, and furtherresearch on DPI technology, AC multimode matching algorithm and the common applicationlayer protocol. Then, in view of the actual needs, author put forward reasonable systemdistributed architecture, and designed the main policy configuration server and the deepmessage filtering server in detail. Policy configuration server with a multi-stage reference ofdata organization form stored filtered items and distributed configuration data to the deeppacket filtering server, while the main function of deep packet filtering server is to filter.Finally, we will achieve the packet filtering capabilities based on the common applicationlayer protocol of HTTP, SMTP and TELNET. This can achieve the purpose of strengtheningnetwork security and purify the network environment.