| At present,non-traditional security threats,represented by network security,continue to spread.As the core technology of network security,the increasingly severe situation puts forward more requirements for cryptology.There are three major problems in the application of commercial cipher codes,including the lack of extensive use of cryptography in important information systems,the irregular and incorrect use of cryptography in information systems,and the use of cryptographic algorithm that have been warned and at risk.Therefore,it is urgent to evaluate the compliance,correctness and validity of the cryptographic application of the network and information system.Network and communication security is an important part of cryptography application.In order to ensure the compliance,correctness and effectiveness,this paper designs and implements a Commercial Cryptography Application Traffic Monitoring System based on the in-depth study of packet capture and traffic identification technology.The main work is as follows:1.Apply the randomness test method to common network traffic data.Through simulation test,the method with higher discrimination is selected to identify the network non-encrypted and encrypted traffic.2.Summarize the advantages and disadvantages of various technologies by studying the packet capture technologies such as Libpcap+NAPI,Netmap,PF RING,and DPDK.Finally,a wire-speed packet capture framework is designed based on DPDK.3.Research on the international and national standards of IPSec VPN and SSL VPN,which are widely used cryptographic protocols,and propose a protocol identification and compliance verification mechanism based on plug-in framework.4.Combining with above technologies,the architecture and function modules of the Commercial Cryptography Application Traffic Monitoring System are designed and implemented in detail.By deploying a simulated network environment in the laboratory,the system is tested to verify the accuracy and effectiveness. |