| 基于数据流前端检测的快速协议识别 |
| |
| 引用本文: | 詹成,张伟.基于数据流前端检测的快速协议识别[J].现代电子技术,2014(23):58-61. |
| |
| 作者姓名: | 詹成 张伟 |
| |
| 作者单位: | 电子信息控制重点实验室,四川 成都,610036 |
| |
| 摘 要: | 信息战都追求高速反应机动,对网络协议识别提出了高效快速的要求。基于深度包检测DPI的协议识别方法识别准确率高,但是由于要对所有数据包进行检测,计算量很大。基于端口号的协议识别方法速度快,但识别准确率低。提出一种新的基于数据流前端检测的协议识别方法并进行了系统实现,结合了基于端口方法的快速简单和基于DPI的准确性的优点。实验表明,这种综合快速协议识别方法识别准确率高,与基于DPI的方法相比,识别时间减少将近80%。
|
| 关 键 词: | 协议识别 正则表达式 数据流前端检测 DPI |
Fast protocol identification based on data-flow front-end detection |
| |
| ZHAN Cheng,ZHANG Wei.Fast protocol identification based on data-flow front-end detection[J].Modern Electronic Technique,2014(23):58-61. |
| |
| Authors: | ZHAN Cheng ZHANG Wei |
| |
| Affiliation: | ZHAN Cheng;ZHANG Wei;Key Laboratory for Electronic Information Control; |
| |
| Abstract: | With the demand of quick response capability in the information war,the network protocol identification needs to be efficient and quick. The protocol identification method based on deep packet inspection(DPI)can achieve high accuracy, however it brings about mass calculation because of inspection of all packets. The protocol identification method based on port inspection is fast,but its accuracy is low. A new protocol identification method based on dataflow frontend detection is proposed and the system implementation way is given in this paper. The simple fast advantage of portbased method and the accuracy advantage of DPI method are combined in this method. The experimental results show that the new protocol identification method can achieve high accuracy,and decrease the identification time by nearly 80% in comparison with the DPI methods. |
| |
| Keywords: | protocol identification regular expression data-flow front-end detection DPI |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
