摘要

随着互联网在中国的迅速发展，全国各大网络运营商的网络规模都在不断扩张，网络结构日渐复杂，网络业务日趋丰富，网络流量高速增长，这使得网络管理的要求和难度都大大提高。因此，网络运营商需要利用协议分析对网络进行可靠、有效的监测与控制，而传统依靠端口识别的协议分析已经无法实现对协议的准确识别。在这种情况下，如何通过一种新的协议分析方法对网络进行流量控制、网络计费、内容过滤、以及流量管理，为用户提供一个良好的网络环境成为了一个热门的研究课题。

首先，对应用层协议解析的研究现状和已有的检测方法进行了分析和介绍，在此基础上采用了深度包检测（DPI）技术对应用层协议解析；其次，对应用层协议解析系统的系统架构及各子系统的功能做了概要介绍，同时将协议分析模块（包括HTTP分析、DHCP分析）作为核心模块详细加以说明；再次，对整个应用层协议解析做了详细设计，阐述了各个模块的设计原理及实现流程，并通过系统测试，证实了系统设计方案的可行性和正确性。最后，对研究工作进行了总结与展望，肯定了其研究意义和价值，同时也指出了系统存在的不足及今后的改进方向。

关键词：深度包检测，应用层协议解析，数据包捕获函数库，

超文本传输协议

Abstract

With the rapid development of Internet in China, the major network operators, network size in the ever-expanding, increasingly complex network structure, network operations are becoming increasingly rich, high-speed network traffic growth, which makes network management requirements and greatly increase thedifficulty. Therefore, network operators need to network a reliable effective monitoring and control, in this case, how to protocol analysis of network flow control, network billing, content filtering, and traffic management, to provide users with a good network environment has become a hot research topic.

First ,the artical has analysised on the research present situation and the existing detection method on the application layer protocol analysis, and based on this, it used the depth inspection packet (DPI) technology for application layer protocol analysis; Second, the article given an overview on the system architecture of the application layer protocol analysis system and subsystem functions,and at the same time, it gaven a detailed description on the analysis of hypertext transfer protocol (HTTP: hypertext transport protocol) as the core module; Three, the article given a detailed design on the application layer protocol analysis system, described the design principles and processes of each module, and system testing, confirmed the feasibility of the system design. Finally, this paper summarized the research work and looking, ensured its significance and value, and also pointed out the shortcomings of the system and the future direction of the improvement.

Keywords：deep packet inspection, the application layer protocol analysis, libpcap, hypertext transfer protocol analysis

目录

摘要 ........................................................................................................................... I Abstract ......................................................................................................................... II 1 绪言

1.1 课题背景及研究的目的和意义 (1)

1.2深度数据包检测(DPI)国内外研究概况 (2)

1.3 应用层协议概述 (3)

1.4论文的组织结构 (11)

2 应用层协议解析系统设计方案的研究

2.1 系统需求分析 (13)

2.2 基于DPI的应用层协议解析系统设计方案 (14)

2.3 协议分析系统设计方案 (15)

2.4 系统开发语言、工具及环境 (16)

3 基于DPI的应用层协议解析与设计

3.1数据包捕获模块 (17)

3.2 HTTP分析模块 (23)

3.3 DHCP分析模块 (25)

4 系统测试

4.1 测试指标 (28)

4.2 测试环境 (28)

4.3 测试步骤及结果分析 (28)

5 总结与展望 (30)

致谢 (31)

参考文献 (32)