节点文献
基于协议特征描述语言的P2P应用识别系统的研究与实现
Analysis and Realization of P2P Application Identifying System Basing on Protocol Signature Description Language
【作者】 罗丞;
【导师】 叶猛;
【作者基本信息】 武汉邮电科学研究院 , 信息与通信工程, 2012, 硕士
【摘要】 P2P宽带共享工具能够实现带宽的充分利用,但其为了躲避监管,通常采用动态端口并对通信数据加密,大量的带宽资源被加密流量占用。传统的应用层协议识别方法均从改进匹配算法的角度来提高识别率,但是随着P2P应用的发展,其特征呈现多维化的趋势,算法复杂度也随之提高。鉴于此,从P2P技术原理出发,对典型P2P应用行为及特征进行逆向分析,设计自定义的协议特征描述语言对P2P特征进行分析提取,从而有效的描述P2P应用的广义化特征,实现了基于协议特征描述的P2P应用识别系统,并通过实验证明了该系统在P2P流量识别上的可行性和有效性。本论文首先从业务营销和带宽管理方面的需求出发进行了P2P业务精确定位必要性的讨论;其次在分析应用识别技术发展现状的基础上,重点讨论了P2P应用的发展及其识别方法存在的问题,提出了对已有方案进行改造的基本思路;接着探讨了识别优化中的关键技术,提出了自定义的广义化特征的概念,并设计了广义化特征的描述方法以及对数据处理的优先级算法;然后针对新方案设计了系统结构,分配各模块的功能并探讨实现细节并对系统关键指标进行了测试,比较分析与现有其他系统的区别和优势;最后对全文进行了总结,并提出4点可改进的地方。
【Abstract】 The bandwidth of Internet Service Provider can be fully utilized by popular P2Pbroadband tools, but in order to escape from supervision, dynamic ports and encryptedcommunications data are idiomatically employed by them, in the event, a lot of bandwidthis occupied by encrypted flow. At present, improving matching algorithm is commonlyused by traditional application layer protocol identification methods to raise identificationrate, but with the development of P2P protocol, features are multi-dimensional, andalgorithms are more complex too. In view of this, with the pretreatment by analyzingtypical P2P applications, a kind of custom protocol description language is designed toextract signatures of P2P applications and achieve a protocol signature identfying system,this strategy is approved feasible and effective through experiments.The first chapter of this thesis discusses the necessity for precise identification of P2Papplications from the perspective of business marketing and bandwidth management;Chapter II analyses application recognition technology on the basis of current development,focuses on the development of P2P applications and problems of identificationmethods,have proposed the basic idea for transform; the third chapter discusses theidentification of key optimization algorithm, the generalized concept of signatures with thedescription methods for it, and the optimization of data processing algorithm; Chapter IVdesigns system structure for the new scheme, distributes function of each module andexplore the implementation details; Chapter V tests the key indicators of the system, andtakes a comparative analysis with other existing systems for difference and advantage;Chapter VI takes a summary of this thesis, and Proposes four requirements to the futurework.
【Key words】 Peer to peer; Encrypted traffic; Generalized signature; Protocolsignature description language; Priority scheduling;