基于众核网络处理器的用户语义识别系统

Users Semantic Identification System Based on Multi-core Network Processor

针对传统流量识别方法在高速网络下识别精度差、效率低、无法对应用层协议内部用户行为进行识别等问题,设计并实现了基于众核网络处理器的用户语义识别系统,并提出了软硬结合的系统实现方式。该系统以Tilera Gx36众核网络处理器作为硬件平台,采用基于深度语义数据包识别技术,并结合运用了改进的模式匹配方法。该方法不仅能够识别数据包的应用层协议类型,还可以对应用层协议进行深粒度行为识别,并显著减少了规则的匹配次数,有效地节省了数据包在匹配过程中消耗的时间,降低了匹配的时间复杂度和空间复杂度,进一步提高了系统的识别精度与处理能力。为验证所提出方法和所构建系统的有效性,在万兆网络带宽下进行了系统功能和性能的测试。测试实验结果表明,所构建的系统能满足对应用层协议及数据包实时、准确识别的要求。

Aiming at the problem that traditional traffic recognition method has poor accuracy and low efficiency in high-speed network and can＇ t identify the user behavior in the application layer protocol, a DSI （Deep Semantic Inspection） system based on multi-core net-work processor is designed and implemented and the implementation of system combined software and hardware is put forward. With Tilera Gx36 multi-core network processor as the hardware platform, it uses the identification technology based on deep semantic packet and improved pattern matching method which not only can identify the application layer protocol but also can recognize the user behavior, thus greatly reducing the matching times of the rules and effectively saving the time during the matching process for reducing the time complexity and space complexity and further improving the system＇ s recognition accuracy and performance. Tests on the function and performance of established system have been performed under the Gigabit network bandwidth. The experimental results show that the sys- tem can meet the real-time and accurate recognition ability of the application layer protocol.