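Abstract: In view of malicious threats facing the Internet, such as botnets and infiltration, ensuring the high reliability of network equipment and the security and integrity of data is a problem in urgent need of a solution. This paper designs and implements a kernel-level network traffic monitoring system comprising five modules: traffic collection, traffic detection, traffic statistics, a protection module, and a Web console. Both the capture and the monitoring of traffic are completed in the kernel, which reduces performance overhead. Using this system can reduce the malicious traffic attacks that servers suffer and provide strong protection for the many Linux servers in use.
Keywords: Netfilter; network traffic detection; kernel mode; network security
CLC number: TP315
Document code: A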
Funding: Jiangsu Province College Students' Innovation and Entrepreneurship Training Program (xcx2020007).
Kernel-Level Network Traffic Monitoring System
SHI Runjie, KANG Xiaofeng, WANG Ke, MAO Zhangrui
(College of Information Engineering, Xuzhou Institute of Technology, Xuzhou 221000, China)
handchongboy@sina.com; kxfeng07@163.com; admi1n@163.com; 1244529720@qq.com
Abstract: Given malicious threats to the Internet such as botnets and infiltration, there is an urgent need to ensure the high reliability of network equipment and the security and integrity of data. This paper presents the design and implementation of a kernel-level network traffic monitoring system with five modules: traffic collection, traffic detection, traffic statistics, a protection module, and a Web console. Traffic capture and monitoring are both completed in the kernel, which reduces performance overhead. The system can reduce malicious traffic attacks on servers and provide powerful protection for Linux servers.
Keywords: Netfilter; network traffic detection; kernel mode; network security