Research On Streaming Media Protocol Identification And Clean Technology For Backbone Network

With the development of the dynamic ports communication technology,the traditional port-based method for protocol identification cannot ensure the requirements of the practical application. Base on the regular expression matching technology for network traffic protocol identification could accurately identify the network protocol, which is the basis of Bandwidth Management, IDS, Qo S, Traffic Analysis and Control and Content Auditing.This paper proposes a system implementation scheme of hardware and software combination to accomplish the based on regular expression matching technology for protocol identification, increasing the accurary and throughput of the network protocol identification.The main contents of the thesis are as follows:1) The traditional methods of the protocol identification is introduced:the differences among the protocol-based port characteristics,the protocol statistics and model characteristics and the protocol content characteristics are analyzed and compared.Introducing the regular expression matching technology,the development of the signature generation technology and the scheme of traffic clean on the network, and the performance evaluation parameters of the protocol identification technology are shown.2) Standard stream media protocol are analysed. The stream media protocol are applied in the video application on the network is studied. The illegal IPTV(Internet Protocol Television) stream media protocol are researched in depth.3) The signature “\x00{10}\x1a\x00.*\x00{6}”of the illegal IPTV is generated, and the length of signature string is 18 bytes, but the “.*” will match discretionary 20 bytes data contents before meet the signature “\x00{6} ”. The regular expression can identify the IPTV media stream which is provided by the set-top-box,The signature “.*” is analysed, Using the data contents signature about the signature “.*” which is generated, we can accomplish the accurate protocol identification for the media stream.4) We propose 5-tuple-based pre-matching technique and protocol identification technique based on multi-core network processor, and the technical solutions is given.5) We design and implement a protocol identification and clean prototype system, which makes full use of the high speed performance advantage of multi-core network processor in processing network packets and combines the media stream protocol identification technology proposed by this paper. In this thesis, we implement a protocol identification and clean prototype system which services for network security control and management. In the end, test and evaluation the performance for the protocol identification and clean system are given.