Design of a TCP/IP-Based Protocol Analyzer

[Abstract] Network analysis, as an active security monitoring technique, can monitor events occurring on a network in real time and so protect the monitored network more effectively. TCP/IP-based analysis is also one of the core technologies of network systems with intrusion detection capability. Studying network analysis methods built on packet capture is therefore very necessary today. This project targets 10 Mbps Ethernet and designs a real-time system for capturing network packets and analyzing them statistically. The system uses the open-source winpcap package, which provides packet capture, to sniff and statistically analyze the network packets flowing through the local machine. While it captures packets from the network in a loop, it also analyzes and classifies them. The system is built on the TCP/IP architecture and parses each packet layer by layer from the bottom up, ultimately reading HTTP protocol messages and FTP file transfer protocol commands; it can also identify QQ packets carried over UDP or TCP. This thesis first introduces tools for capturing network packets, and then concentrates on the winpcap open-source library, the theory of the packet capture process, and the packet analysis process.

[Keywords] winpcap open-source package, TCP/IP protocol, packet capture, protocol analysis

Design a protocol analyzer based on TCP/IP protocol

Abstract

Network analysis technology, as a positive safety monitoring technology, can monitor network events in real time and more effectively protect the security of the monitored network. Network analysis technology is also one of the core technologies of network intrusion detection systems. Therefore, the study of packet-capture-based network monitoring is necessary today. This project designs a real-time network packet capture and statistical analysis system for 10 Mbps Ethernet. The system uses the network packet capture mechanism that comes with winpcap to monitor and statistically analyze the data packets flowing through the local computer. While capturing data packets in a loop, the system analyzes and classifies them at the same time. The capture is based mainly on the TCP/IP protocol stack. The system is based on the TCP/IP architecture and analyzes packets from the bottom layer up. Ultimately, the system can read HTTP protocol packets and FTP file transfer protocol commands, and it can also identify QQ data packets carried over UDP or TCP. This paper first introduces a network packet capture tool, and then focuses on winpcap, the principle of packet capture, and the mechanism of packet analysis.

Keywords: winpcap open-source package, TCP/IP protocol, packet capture, protocol analysis

Contents

Chapter 1 Introduction
  1.1 Project background
  1.2 Current state of research
  1.3 Research content of this thesis
  1.4 Thesis structure
Chapter 2 Network Data Capture and winpcap Fundamentals
  2.1 Network data capture
    2.11 Working modes of the network card
    2.12 Network data capture on shared networks
    2.13 Network data capture on switched networks
  2.2 Network development tools
    2.21 Existing function libraries for network development
    2.22 Packet capture tools
  2.3 winpcap fundamentals
    2.31 Introduction to winpcap
    2.32 Functional modules of winpcap
    2.33 Main functions of winpcap
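The abstract describes parsing each captured packet layer by layer from the bottom up until HTTP messages and FTP commands can be read. The following is an added illustration of that idea, not code from the thesis: it works on a constructed byte buffer rather than a winpcap capture, and the function names, the use of ports 80 and 21, and the small set of recognized tokens are assumptions of this example. QQ identification is left out because the page gives no detail on it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Classification results (names are this example's own, not the thesis's). */
enum app_proto { APP_MALFORMED, APP_NOT_TCP, APP_HTTP, APP_FTP_CMD, APP_OTHER_TCP };

static int starts_with(const uint8_t *p, size_t n, const char *tok) {
    size_t t = strlen(tok);
    return n >= t && memcmp(p, tok, t) == 0;
}

/* Bottom-up parse; every length field is checked against the captured bytes. */
enum app_proto classify_frame(const uint8_t *f, size_t len) {
    if (len < 14) return APP_MALFORMED;                        /* Ethernet header */
    if (((f[12] << 8) | f[13]) != 0x0800) return APP_NOT_TCP;  /* EtherType != IPv4 */
    const uint8_t *ip = f + 14;
    size_t ip_len = len - 14;
    if (ip_len < 20 || (ip[0] >> 4) != 4) return APP_MALFORMED;
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4, total = ((size_t)ip[2] << 8) | ip[3];
    if (ihl < 20 || total < ihl || total > ip_len) return APP_MALFORMED;
    if (ip[9] != 6) return APP_NOT_TCP;                        /* IP protocol 6 = TCP */
    const uint8_t *tcp = ip + ihl;
    size_t tcp_len = total - ihl;
    if (tcp_len < 20) return APP_MALFORMED;
    size_t doff = (size_t)(tcp[12] >> 4) * 4;                  /* TCP header length */
    if (doff < 20 || doff > tcp_len) return APP_MALFORMED;
    unsigned dport = ((unsigned)tcp[2] << 8) | tcp[3];
    const uint8_t *pl = tcp + doff;
    size_t n = tcp_len - doff;
    if (dport == 80 && (starts_with(pl, n, "GET ") || starts_with(pl, n, "POST ")))
        return APP_HTTP;
    if (dport == 21 && (starts_with(pl, n, "USER ") || starts_with(pl, n, "RETR ")))
        return APP_FTP_CMD;
    return APP_OTHER_TCP;
}

/* Build a constructed (not captured) frame: 14 B Ethernet, 20 B IPv4, 20 B TCP. */
size_t build_frame(uint8_t *b, unsigned dport, const char *payload) {
    size_t pl = strlen(payload), total = 40 + pl;
    memset(b, 0, 54);
    b[12] = 0x08; b[14] = 0x45; b[23] = 6; b[46] = 0x50;
    b[16] = (uint8_t)(total >> 8); b[17] = (uint8_t)total;
    b[36] = (uint8_t)(dport >> 8); b[37] = (uint8_t)dport;
    memcpy(b + 54, payload, pl);
    return 54 + pl;
}

int main(void) { uint8_t b[128]; printf("%d\n", classify_frame(b, build_frame(b, 80, "GET / HTTP/1.1\r\n"))); return 0; }
```

The bounds checks matter because a sniffer parses untrusted input: a frame whose IHL, total length or TCP data offset points past the captured bytes is rejected instead of being used as an offset.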