Graduation Thesis

Design and Implementation of a Network Traffic Monitoring and Analysis Tool

Abstract

While the Internet has developed rapidly, network security has increasingly become a focus of attention. Viruses, malicious attacks, unauthorized access and the like can easily affect the normal operation of a network, and a variety of network defense techniques have been applied together in network security management systems. A traffic monitoring system is one effective way of analyzing network conditions: working from packet traffic analysis, it collects and monitors network packet information in real time to check for behavior that violates security policy and for signs of abnormal network operation.

Based on a study of network packet capture and TCP/IP principles, requirements analysis and functional design were carried out using an object-oriented approach. The system was developed in the Visual C++ environment and combines VC programming techniques such as SocketRaw (raw sockets), registry programming and the IP Helper API. On the basis of the system requirements analysis, the implementation schemes and technical details of the main functions were analyzed and designed in detail. After testing, the main functions of packet capture, traffic monitoring and statistics were implemented, meeting the intended requirements and giving network administrators a reference for understanding the operating state of the network.

Keywords: network management; data collection; traffic statistics; Winsock2

The Design and Implementation of Monitoring and Analyzing Tool for Network Traffic

Abstract

With the rapid development of the Internet, network security has become a matter of widespread concern; viruses, malicious attacks, unauthorized access and so on can easily affect normal network operation. Various kinds of network defense technology have been comprehensively applied in network security management systems. A network traffic monitoring system is one of the effective ways to analyze network conditions. From the angle of packet traffic analysis, it checks for security violations and abnormal network behavior by collecting and monitoring packet information in real time.

Using an object-oriented approach, this design carries out requirements analysis and functional design based on a study of network packet capture and TCP/IP theory. Developed in the Visual C++ environment, the system uses the VC programming techniques of SocketRaw, the Windows registry and the IpHelper API.
On the basis of the system analysis, the implementation plans and details are analyzed and tested in detail in order to implement packet capture, traffic monitoring and statistics. The system thus meets the intended requirements and gives network administrators a reference for understanding network conditions.

Key words: network management; data collection; traffic analysis; Winsock2

Contents

Total pages of thesis: 22

1 Introduction
    Background of the topic
    Current state and needs of network security management
    Introduction of network traffic monitoring
    Purpose and tasks of this thesis
    Structure of the thesis
2 Related concepts and technologies
    The OSI reference model and the TCP/IP architecture
    The OSI reference model
    The TCP/IP architecture
    Differences between the OSI model and the TCP/IP architecture
    Transport-layer programming interface: Windows socket programming
    The concept of Windows sockets
    Socket types
    Several basic concepts involved
    Raw sockets
3 Analysis of network data collection techniques
    Implementing raw packet capture on Windows
    Key functions for raw packet capture
4 Design and implementation of the modules of the network traffic monitoring system
    Development background
    Overall structure design
    Flowchart design
    Overview and implementation of each module's functions
    Relationships among the classes used in packet collection
    Packet capture and analysis module
    Traffic acquisition module
    Data statistics module
    Common attack analysis function
5 System testing
    Test environment
    Hardware environment
    Operating system and software runtime environment