Abstract
Capturing and analyzing network data is a key technology in network security. This paper designs and implements a protocol recovery system using the WinPcap function library on the Win32 platform. The system applies an improved BM algorithm, multi-threading, and COM technology to improve protocol recovery performance and the reusability and extensibility of the software, and it can use Sniffer and Wireshark data files as analysis sources. It analyzes well-known protocols such as HTTP, POP3, FTP, MSN, and Telnet at the user level, presenting the system's user with the same scene that the monitored user saw.
Source
《微计算机信息》
2009, Issue 21, pp. 111-112 (2 pages)
Control & Automation