摘要
移动网络数据业务的迅猛增长在带来便利和收益的同时,也产生了诸多的安全隐患,为了净化移动网络环境,挖掘网络数据的潜在价值,运营商多采用移动数据流量DPI系统来统一监管网络数据,但面对高速网络数据,DPI的处理性能堪忧。为了优化高速网络数据下的DPI处理效率,文章提出一种基于缓存命中的预处理方法。以数据包的五元组信息作为键,以封装有协议特征标记的连接作为值,创建哈希结构缓存,后续到来的数据包在进入DPI处理前,检索缓存区相应键值对,若命中则将其标记成已识别数据包,这样就避免了部分的数据包进行DPI的模式匹配处理,减小了DPI处理压力,提高了系统的吞吐量。实验证明该方法可有效提升移动网络数据解析效率。
The rapid growth o f data services in mobile network brings not only convenience and benefits,but also lots o f security risks.In order to purify the mobile network environment and mining the potential value of network data,more and more operators use DPI(Deep Packet Inspection) systemson m obile data traffic to supervise the network data.However,facing high speed network data,DPI systems have a poor performance.In order to improve the efficiency of DPI processing in high speednetwork data,this paper proposes a new method o f pretreatment based on the cache hit.The five-tuple o fthe data packets used as the key and the connection with the protocol mark used as the value,create the hash structure cache.Before arrival packets entering the DPI process,search their key-value pairs in thecache.If the key-value pair is found5mark the packet identified.By avoiding pattern matching processing of some data packets,the DPI processing pressure is reduced,and the throughput of the system ifimproved.Experim ents show that this method effectively enhance the efficiency of the analysis of mobile network data.The method is feasible and can be recommended.
作者
马跃鹏
刘吉强
王健
MA Yuepeng;LIU Jiqiang;WANG Jian(School of Computer and Information Technology of Beijing Jiaotong University, Beijing 100044, China)
出处
《信息网络安全》
2016年第10期69-75,共7页
Netinfo Security
基金
国家自然科学基金[61672092]
