摘要
本文设计并实现了一个IPv6高速网络流量分析系统。为了兼容运营商不同网络类型的流量采集,系统提出一个大规模分布式的流量采集器,实现IPv4和IPv6不同时间粒度网络流采集和归并。进一步,为了减少无效的比较操作次数,提出了基于信息熵的快速归并方法,使用网络流归并时可能出现的结果数量作为该方法的输入,根据归并指标的信息熵判断归并时比较操作的先后顺序。IPv6高速网络流量分析系统在中国科技网上部署,实现了对IPv4/IPv6骨干网络流量采集和分析。
This paper designs an IPv6 High-Speed Network Traffic Analysis System(IPv6-TAS).In order to collect traffic network flows with different network types of operators,the system proposes a Large-Scale Distributed Traffic Collector(IPv6-Collector)to collect and merge network flows of IPv4 and IPv6 at different times.Furthermore,this paper proposes a Fast Merging Method Based On Information Entropy(Entro-Merger)to reduce the number of invalid comparison operations The input of Entro-Merger is the number of the results that probably occurred when network flows merged,And get the order of comparison operations based on the information entropy of the merge indicators during merging.IPv6-TAS was deployed in China Science and Technology Network to collect and analyze IPv4/IPv6 backbone network traffic.
作者
刘正印
韩春静
Liu Zhengyin;Han Chunjing(School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China;Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China)
出处
《科研信息化技术与应用》
2018年第1期23-29,共7页
E-science Technology & Application
基金
国家科技重大专项"5G与信息中心网络(ICN)融合技术研发"(2017ZX03001019-003)
中国科学院科技服务网络计划(STS)课题"5G网络关键技术研发与验证"
关键词
网络流
IPV6
归并
信息熵
traffic monitoring and analysis
IPv6
trafficCollector
information entropy
