

Research of Protocol Identification Model and Algorthm Based on Cloud Computing

【作者】 马萌

【导师】 李忠献;

【作者基本信息】 北京邮电大学 , 信息安全, 2011, 硕士

【摘要】 随着信息技术的发展,网络环境日益多样化与复杂化。为保障关键业务的开展与普及,借助协议识别技术对网络流量进行分类与管理是各行业用户的迫切需求。对协议识别技术的研究具有重要的理论意义与现实价值。传统协议识别模式受限于部署架构以及处理能力日渐无法适应数量庞大且经常变化的协议特征。论文在对传统协议识别模型进行优化的方向上,开展了以下几个方面的研究工作:1.总结了现有协议识别技术的发展限制,分析了基于云计算技术的协议识别技术。2.提出基于云的协议识别模型,以解决现有协议识别模型中处理能力受限、开发环境适应性不强以及难以实现规则自动学习等缺陷,并给出了关键的数据处理模型、特征修正模型以及云存储与计算模型。3.设计了规则树构造算法用以组织规则,为数据处理与特征修正模块提供支持,利用变异测试技术对规则出现的偏差进行测试并修正。4.对所提出的模型与算法进行了实例测试与分析,表明变异测试方法能够正确发现特征变化,同时优化的规则树构造算法能够显著提高特征匹配效率。

【Abstract】 With the development of information technology, network environment has become increasingly multiplex and complex. To promote and spread the critical business, it is an urgent need of various industries to classify and manage the network traffic with the help of protocol identification technology. Researches on protocol identification have important theoretical and practical value.Traditional protocol identification model with limits in structure and capacity cannot deal with growing number of volatile protocols. To optimize the traditional model, this paper has done researches in the following aspects:1. The paper summarizes the limitations of existing protocol identification technology. With introduction to cloud computing technology and its advantages, the paper analyses a cloud based protocol identification model.2. According to the limits in computing capacity, environmental flexibility and automatic learning ability, a protocol identification model based on cloud computing has been presented, of which the key models have been elaborated such as data processing, rule revision, cloud storage and computing model.3. The paper designs a rule tree organizing algorithm for needs in data processing and rule revision procedures. It applies mutation testing technology to test for variation of the rules with small deviation to be amended.4. The paper uses an example in designed model and algorithm to show that the protocol identification model can correctly find the modification of protocol’s characteristic. And the introduction of optimized rule tree organizing algorithm can significantly improve the efficiency of the matching.
