Research Of Deep Semantic Inspection Technology Of Network Data Packet Based On Many-Core Processing Platform

With the development of Internet, the present work environment is different from the past. Work and life has been closely linked together, and open web collaboration appears accompanied by a growing number of problems such as disclosure of corporate sensitive information, network congestion, despite repeated game prohibitions, unable to assess the efficiency of employees and so on. To solve these problems, different network traffic should be distinguished, then differentiated management can be provided. Therefore it is very necessary to study the network traffic in-depth and classify the network traffic. For the network traffic, traditional DPI technology can only locate to the application level, but it’s incapable of locating to the internal specific behavior. Based on DPI, network data packet is analyzed thoroughly and further applied to explore the specific behavior in application. This method is the DSI(Deep Semantic Inspection) technology which is proposed in this paper. Compared with DPI which can only analyze protocol layer, DSI can analyze the interior of protocol layer. In this paper, research of DSI technique includes the following respects:1. First, the significance to study network traffic classification technology is described. Some related technologies that appeared in the developing process of network traffic classification technology and its current situation are introduced simply. The related technologies include port-based traffic classification techniques, machine-learning-based traffic classification techniques, DPI-based traffic classification techniques, host-based traffic classification techniques and using heuristic host-communication-mode-based classification techniques.2. Then DSI technology-based network traffic application behavior recognition system is designed and accomplished. The overall framework of the system is described: from the acquisition of network packets, IP fragment reassembling, TCP sessions reassembling, multi-protocol parsing(application layer protocol identification of data packet) to the final rule matching. Meanwhile, the common protocol characteristics is studied deeply. The structures of the rules used in the process of rule matching are defined. Then specific rules are defined for some common behavior of some common Internet applications, and a large rule base is formed. Finally, in order to improve the efficiency of rule matching, a rule hierarchy matching tree is further built.3. Finally, the DSI system is realized on Tilera many-core processing platform including selection of parallel programs for Tilera platform, selection of inter-core synchronization and communication mechanism, balancing of received packet payload, preliminary data packet processing and performance optimization. Then the function and performance tests are performed for better systems. The test results show that the research has good practical applicability and build a good foundation for the study on deep semantic recognition technology of network data packet on many-core platform.Under the background of industrial research project in Shan’xi Province(project number: 2014K05-43) and a provincial’s networks, the traffic classification in the network management is studied and the design and implementation of deep semantic recognition system for network data packet based on the many-core processing platform are also completed in this issue.