摘要
当前网络安全设备的测试软件可以产生大流量的网络数据流,但难以构造大流量特定内容的应用协议流量,因而不能很好满足基于内容检测的网络安全设备的测试要求。本文所提出的网络应用流量模拟技术,能够模拟用户上网的PPPo E或IPo E方式连接互联网的接入方式、模拟IPv4和IPv6网络互访的应用场景,可以模拟用户访问特定网络应用,产生HTTP、FTP、SMTP、POP3、IMAP、DNS等典型应用协议的大流量完整数据流量,并且能够构造含有特定内容的网络数据。实现的系统还可以通过隧道、翻译或代理技术实现IPv4和IPv6互通,产生IPv4和IPv6网络数据流量。通过大量实验验证,系统能正确生成上述协议数据报文和含有特定内容的网络流量。
The current test software of network security equipment can produce large traffic network data flow, but it is difficult to construct application protocol flow containing specific content, so it can't well meet the test requirements of network security equipment based on content detection. In this paper, the simulation technology of network applica-tion flow can simulate a user access to the internet over PPPoE or IPoE and the application scenario of IPv4/IPv6 visits. It can simulate the user access to the specific network applications to produce large complete data flow with specific content based on HTTP, FTP, SMTP, POP3, IMAP, DNS and other typical application protocol. The system can also realize IPv4-IPv6 visits through the technology of tunnel, translation or agent, producing IPv4 and IPv6 network data flow. Through many experiments, the system can generate the correct protocol data packet and the network traffic con-taining the specific content.
出处
《软件》
2015年第2期14-19,共6页
Software
基金
国家科技支撑计划课题(2012BAH45B01)
大学基础研究基金(2014ZD03-03)
关键词
流量模拟
网络模拟
内容构造
Flow simulation
Network simulation
Content structure