Research On Key Technique Of Protocol Identification Base On Feature Matching

With the development of Internet,network applications are increasingly widespreading,and the difficulty of network management and traffic monitoring is also increasing,in order to achieve monitoring of network traffic effectively and allocate network resources rationlly,you must distinguish the type of the protocol traffic accurately.With the development of the network,there are some new protocols,and some new features of network protocols are presented,which brings new challenges to the recognition of network protocols.In this paper,based on in-depth analysis of the port identification technology,the packet-based traffic load recognition technology and feature recognition technology,the paper introduce their working principle and their advantages and disadvantages.On this basis,the main work of this paper follows as:1 In order to complete recognition better,based on the analysis of the traditional packet characteristics,the feature elements of the protocol are extracted and defined,and the rule of XML is designed.The feature rule is preserved in the form of XML.2 Aiming at the problem that the computational overhead is relatively large based on the content feature matching.In order to improve the efficiency and accuracy of the feature matching in packet load,an efficient protocol feature matching algorithm based on the index clustering is proposed in this paper.Based on this,the performance of the algorithm is tested.The results show that the algorithm has higher accuracy.3 Also based on the content of protocol identification technology which cannot recognize the cryptographic protocols effectively.Aiming at the problem,this paper presents encrypted traffic identification method based on load approaching probability model.At first we extract the plaintext flow characteristic vector,the process mainly include the construction of load approaching probability model and the extraction of entropy of the feature based on the entropy,then it recognize the unknown traffic identification with the using of machine learning methods,In the end,the experiment prove the validity of the model and that the algorithm of traffic identification have high accuracy.