网络协议识别技术综述冯文博洪征吴礼发付梦琳摘要:网络流量的协议类型识别是进行协议分析和网络管理的前提,为此研究综述了网络协议识别技术。首先,描述了网络协议识别的目标,分析了协议识别的一般流程,探讨了协议识别的现实需求,给出了评估协议识别方法的标准;然后,从基于数据包的协议识别和基于数据流的协议识别两个类别分析了网络协议技术的研究现状,并对协议识别的各类技术进行了比较分析;最后,针对目前协议识别方法的缺陷和应用需求,对协议识别技术的研究趋势进行了展望。关键词:应用层协议;网络流量;协议识别;特征工程;网络管理中图分类号:TP393.02计算机网络与结果文献标志码:AReviewofnetworkprotocolrecognitiontechniquesFENGWenbo1,HONGZheng1x,WULifa2,FUMenglin1(1.CollegeofCommandandControlEngineering,ArmyEngineeringUniversityofPLA,NanjingJiangsu210007,China;2.CollegeofComputerScienceandTechnology,NanjingUniversityofPostsandTelecommunications,NanjingJiangsu210023,China)Abstract:Sincetheprotocolclassificationofnetworktrafficisaprerequisiteforprotocolanalysisandnetworkmanagement,thenetworkprotocolrecognitiontechniqueswereresearchedandreviewed.Firstly,thetargetofnetworkprotocolrecognitionwasdescribed,andthegeneralprocessofprotocolrecognitionwasanalyzed.Thepracticalrequirementsforprotocolrecognitionwerediscussed,andthecriteriaforevaluatingprotocolrecognitionmethodsweregiven.Then,theresearchstatusofnetworkprotocoltechniqueswassummarizedfromtwocategories:packet-basedprotocolrecognitionmethodsandflow-basedprotocolrecognitionmethods,andthevarietyoftechniquesusedforprotocolrecognitionwereanalyzedandcompared.Finally,withthedefectsofcurrentprotocolrecognitionmethodsandthepracticalapplicationrequirementsconsidered,theresearchtrendofprotocolrecognitiontechniqueswasforecasted.Keywords:application-levelprotocol;networktraffic;protocolrecognition;featureengineering;networkmanagement0引言網络协议是通信实体在互联网环境中进行数据交换的根底,是计算机网络及数据通信不可缺少的组成成分。网络协议描述了特定网络环境下通信设备之间的通信过程,规定了通信报文的格式、处理方式和交互时序,其质量关乎网络...
