
Network Fault Location Methods Research Based On Network Traffic Behavior Anomaly Detection And Correlation Analysis

Posted on: 2017-10-14
Degree: Master
Type: Thesis
Country: China
Candidate: S X Gong
GTID: 2348330485485053
Subject: Information and Communication Engineering
Abstract/Summary:
Due to the rapid development of information technology, computer networks have become an important infrastructure in today's society. As networks grow in scale and complexity, handling network faults through traditional, simple manual diagnosis or location has become increasingly inadequate. Fast and accurate network fault diagnosis technology is therefore an urgent need in network management research. Based on a real power integrated data and backbone network, this thesis focuses on the detection and location of network equipment faults and network attack faults. The specific work is as follows:

1. Taking PCAP files as the data source, this thesis proposes a network fault location method based on abnormal characteristic parameters and correlation analysis. To meet the requirements of designing, planning and optimizing the power integrated data and backbone network, the thesis uses the NS-3 network simulator to simulate the network and obtain PCAP files as the data source. libpcap is then used to extract network flows and obtain their characteristic parameters, and the packet arrival time interval is selected as the parameter for point mutation anomaly detection. Finally, an appropriate threshold is set to identify abnormal network traffic behavior, and the correlation between abnormal network traffic behavior and equipment failure is used to locate faults in the power integrated data and backbone network. Using this method, a corresponding network fault location software module based on NS-3 is implemented.

2. Taking SNMP files as the data source, this thesis proposes a network attack detection method based on the statistical characteristics of network traffic behavior and chaos theory. The thesis first discusses the chaotic nature of network traffic and the feasibility of applying chaos theory to network attack detection. Then, by establishing an autoregressive (AR) model, signal processing methods are used to forecast network traffic and obtain the prediction error. A physical meaning is given to the prediction error values, and the characteristics of chaotic systems and the Lyapunov exponent are used to detect the abnormal conditions caused by network attacks. Finally, based on the purpose of the network attacks and combined with the backbone topology relationships, fault localization of network attacks on the backbone network is realized.

3. Because some network attacks have little effect on traffic volume, this thesis proposes a network attack detection method based on entropy and chaos theory. The relationship between entropy and network attacks is discussed first. Through analysis and discussion, the Lyapunov exponent is introduced into the computation of entropy separation, which includes source and destination characteristic parameters, and the degree of separation is used to detect abnormal network conditions. Finally, combining the contents of the network traffic behavior files with the backbone topology relationships, fault localization information for network attacks is obtained.

In summary, this thesis implements a network fault location software module, based on abnormal characteristic parameters and correlation analysis, for the power integrated data network backbone. From the point of view of chaos theory, it also puts forward two network attack detection methods: one based on the statistical characteristics of the traffic and one based on entropy. Analysis and verification show the methods to be feasible and effective.
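An added example, not code from the thesis: a sketch of the first method, which thresholds packet inter-arrival times per flow and then correlates abnormal flows with the devices they traverse. The median-based threshold, the single-fault path-intersection rule, and all flow, device and function names are assumptions, since the abstract gives none of these details; in the thesis the timestamps come from PCAP files read with libpcap.

```python
from statistics import median

# Constructed sample data: packet arrival times (seconds) per flow and the
# devices on each flow's path in a hypothetical topology.
FLOW_TIMESTAMPS = {
    "A->D": [0.00, 0.10, 0.20, 0.30, 0.40, 1.90, 2.00, 2.10],
    "B->D": [0.00, 0.10, 0.21, 0.30, 1.75, 1.85, 1.95, 2.05],
    "A->C": [0.00, 0.10, 0.20, 0.30, 0.40, 0.50, 0.60, 0.70],
}
FLOW_PATHS = {
    "A->D": ["R1", "R2", "R4"],
    "B->D": ["R3", "R2", "R4"],
    "A->C": ["R1", "R4"],
}


def interarrival_anomalies(timestamps, k=5.0):
    """Return (packet_index, gap) for gaps larger than k times the median gap.

    The k * median threshold is an assumed stand-in for the thesis's
    "appropriate threshold"; too-short flows are skipped as unreliable.
    """
    gaps = [b - a for a, b in zip(timestamps, timestamps[1:])]
    if len(gaps) < 3:
        return []
    threshold = k * median(gaps)
    return [(i + 1, gap) for i, gap in enumerate(gaps) if gap > threshold]


def locate_fault(flow_timestamps, flow_paths, k=5.0):
    """Correlate abnormal flows with devices under a single-fault assumption.

    Suspects are devices shared by every abnormal flow, minus any device that
    also carries a flow with normal inter-arrival behavior.
    """
    abnormal = {f for f, ts in flow_timestamps.items()
                if interarrival_anomalies(ts, k)}
    if not abnormal:
        return abnormal, set()
    suspects = set.intersection(*(set(flow_paths[f]) for f in abnormal))
    for flow in flow_paths.keys() - abnormal:
        suspects -= set(flow_paths[flow])
    return abnormal, suspects


if __name__ == "__main__":
    abnormal_flows, suspect_devices = locate_fault(FLOW_TIMESTAMPS, FLOW_PATHS)
    print("abnormal flows:", sorted(abnormal_flows))
    print("suspect devices:", sorted(suspect_devices))
```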
Keywords/Search Tags: Traffic behavior characteristics, Correlation analysis, Network fault location