Research Of Network Monitoring System Based On The Packet Interception

Until December 2014, the number of China’s Internet users reached 649 million, and Internet penetration rate was 47.9%; and the size of mobile phone users reached 557 million, which took up 85.7% in the large amount of Internet users. There was sharply innovation in Internet applications and the development model, and Bitcoin, Internet banking, online shopping, O2 O mode become a social event. The foundation of Internet applications, are communication between network client and server. How to ensure the normal operation of network services has become an important topic that various IT organizations have to face.In order to guarantee the normal supply of the service and to provide a stable service, the network communication status monitoring is essential. Monitoring network traffic state can be divided into two kinds: the first one is active monitoring, which this monitoring is realized via SNMP protocol. In other words, monitoring host captures the data of remote host actively according to the cycle. However, its real-time performance is relatively worse; the second one is passive monitoring which the monitored server initiatively uploads the data to the monitoring host. However, this approach relies on the monitored host to upload data. In this regard, this dissertation proposes a method to detect the server through intercepting of data packet between the client and server and analyzing the data communication to extract service status information.This dissertation can be divided into the following several parts:Chapter one introduces the research background, summarizes the current status of network monitoring systems technologies and tools to achieve a network traffic analysis method based on packet interception.Chapter two lays its emphasis on introduction to the Packet Interception techniques. The packet interception techniques is mainly used to capture packet communication among various hosts, filter the requisite data and extract the protocol header information so as to conduct a comprehensive analysis and statistics of the host’s communication status.Chapter three focuses on the setup of the appropriate timeout events and event process program based on data request and return information of packet interception. The timeout events are put into the timing manager which is realized via a small root heap and Select. In the meanwhile, the identification and transformation of communication information statistics and connecting process state can be guaranteed under the condition of a large number of client connections.Chapter four aims to alert administrators via sending E-mail when a timeout occurs and the structured corresponding events are put into overtime queue.Chapter five proposes network traffic monitoring system of packet interception so as to provide communication situation analysis and data statistics.This dissertation firstly studies the packet interception technology to intercept network packet in network communication process, and network communication is analyzed according to the information carried by the packet. Finally, a network monitoring system based on data packet interception can be achieved. It has a strong utility in practice and is a powerful complement to the current network monitoring system.