A Design And Implementation Of Network Flow Identification System Based On Application Layer

Faced with the challenge of Internet application’s explosive growth, the identification ability of traditional network flow identification technology aimed at various network protocol flow has already been insufficient, it is difficult to identify the constantly updated protocol flow characteristics. The flow identification technology does not adapt to the development of the current network, cannot identify the network characteristics of changing flow quickly and accurately. This paper put forward a kind of new network flow identification technology based on application layer, which combined with the machine learning technique. This new automatic identification technology will enrich existing flow identification technology and make up for the inadequacy of existing technology.This network flow identification system based on application layer takes use of network information technology, communication technology, computer technology to solve the flow characteristics automatic classification problems, and it is an integrated system for those key technology about flow recognition. For the realization of the system function, this paper has researched the capture and filter of network packet, the extraction of flow characteristics, the processing of proposed feature and the related content. And in view of the several current network flow include the application layer protocol flow and application layer abnormal flow which accounted for larger, researched the network normal flow and abnormal flow identification technology, which combined with machine learning technology.According to the procedure of this method. First, get through dimension reduction processing which aimed at summarized protocol flow feature attribute, then turn into the input of the neural network model and train to be protocol classifier, at last make use of the trained classifier to classify the flow. Similarly, when study the network anomaly network flow identification method, the article proposed an identification method, which extracting the abnormal traffic flow characteristics and training the classifier of neural network model. This method improves the traditional network security protection technology.At the end of the paper, this paper introduces the test part of the system. We did a performance test for this design scheme. The test results show that the presented network flow identification method based on application layer and abnormal network flow identification method can more accurately identify the different network protocol flow and abnormal flow. The success of the test will add new identification method to protocol flow identification field and abnormal flow identification field, it is a very important meaning for maintaining the security of the network.