何小卫,王申康,何钦铭

DOI: https://doi.org/10.3969/j.issn.1000-3428.2000.07.046

2000-01-01

Abstract:A common network management platform aims at hiding the differences between understratum network elements and providing a uniform operation interface.The platform allows you to work out corresponding agent of Per network management system .The paper discusses the design of SNMP probe which is main part of SNMP agent.

ZHANG Wei,WANG Tao,PAN Yan-hui,HAO Zhen-hua

DOI: https://doi.org/10.16208/j.issn1000-7024.2008.07.060

2008-01-01

Abstract:Network data packet capture is the precondition for network analysis,through the analysis of the models of network data packet capture in Windows,the structure and function of WinPcap based on NDIS is analyzed and introduced in detail,and how to program on the network adapter and how to capture and analyze the network data packets through WinPcap are realized under the envi-ronment of VC 6.0,and the applications of network data capture for network analysis is narrated in detail finally.

Zhaohui Hu,Qi Chen,Ruizhao Yu

DOI: https://doi.org/10.3321/j.issn:1002-8331.2001.10.020

2001-01-01

Abstract:This article introduces the implementation of TCP Protocol and the technique of Port Scanning based on the characteristic of TCP Protocol,at the same time,the several implementations of Port Scanning are also described. We also analyze the potential external attacks that can be made because of the weakness of operation system and the ways to avoid suck kinds of attack are also put up.

WANG Li-chao,LU Qi-yong,LIN Lü-zhou

DOI: https://doi.org/10.3969/j.issn.1006-7167.2006.12.022

2006-01-01

Abstract:This article introduced an experiment,using Win32 based network-analysis and packet-capture link library Winpcap,and Visual C++,to monitor the LAN communication under Windows operation system.The practice proved that through this experiment,students should be able to understand and master computer network more quickly and deeply,and improved their programming skills.

XU Ming,CHEN Qi,WANG Ling-wu

DOI: https://doi.org/10.16208/j.issn1000-7024.2006.14.052

2006-01-01

Abstract:The architecture ofSNMP is studied and the SNMP isanalyzed.Themodel of SNMP protocol stack is designed which support SNMPv1/v2c and SNMPv3,the core engine of this model in differentsub-modules is designed and implemented.Somepivotal technique like retry and multi-tread is used in communication module,USM model is realized in security module.

李章维,张建明,王树青

DOI: https://doi.org/10.3785/j.issn.1008-973x.2004.08.001

2004-01-01

Abstract:For improving the stability, reliability, and convenient safeguard in network systems, a new method for network fault detection based on the network device running status was proposed. Using the feature of real network and SNMP(simple network management protocol) and TELNET(telecommunication network protocol), the realization of multi-agent network management systems was discussed. The network management system is characterized by rapid network fault detection, determination and treatment, which has intelligence and capacity for self-study, and also shortens the time of network fault (response) and treatment, thus the reliability of the network was improved. With the use of multi-Agent technology, the new way for studying network management has advantages of simple calculation, rapid fault detection, etc.

Jiaqian Li,Chengrong Wu,Jiawei Ye,Jiong Ding,Qinwei Fu,Jiatao Huang

DOI: https://doi.org/10.1109/dasc/picom/cbdcom/cyberscitech.2019.00177

2019-01-01

Abstract:Packet capture technology is the basis for network data analysis and processing. The rapid development of network applications, the speed of network transmission, and the speedy increase in the number of network users put forward higher requirements for packet capture technology. Some high-performance network packet capture technologies come into being.This paper first analyzes the inherent defects of the traditional Linux data capture method, and then introduces and analyzes the advantages and disadvantages of the current high-performance packet capture technologies and framework from the technical principle, application flow, packet capture rate and resource occupancy.

Jan Grashöfer,Peter Oettig,Robin Sommer,Tim Wojtulewicz,Hannes Hartenstein

DOI: https://doi.org/10.48550/arXiv.2106.12454

2021-06-23

Networking and Internet Architecture

Abstract:With information technology entering new fields and levels of deployment, e.g., in areas of energy, mobility, and production, network security monitoring needs to be able to cope with those environments and their evolution. However, state-of-the-art Network Security Monitors (NSMs) typically lack the necessary flexibility to handle the diversity of the packet-oriented layers below the abstraction of TCP/IP connections. In this work, we advance the software architecture of a network security monitor to facilitate the flexible integration of lower-layer protocol dissectors while maintaining required performance levels. We proceed in three steps: First, we identify the challenges for modular packet-level analysis, present a refined NSM architecture to address them and specify requirements for its implementation. Second, we evaluate the performance of data structures to be used for protocol dispatching, implement the proposed design into the popular open-source NSM Zeek and assess its impact on the monitor performance. Our experiments show that hash-based data structures for dispatching introduce a significant overhead while array-based approaches qualify for practical application. Finally, we demonstrate the benefits of the proposed architecture and implementation by migrating Zeek's previously hard-coded stack of link and internet layer protocols to the new interface. Furthermore, we implement dissectors for non-IP based industrial communication protocols and leverage them to realize attack detection strategies from recent applied research. We integrate the proposed architecture into the Zeek open-source project and publish the implementation to support the scientific community as well as practitioners, promoting the transfer of research into practice.

Tian GUAN,Ze-xin LU,Jian-jun BAI

DOI: https://doi.org/10.3969/j.issn.1007-130X.2006.12.033

2006-01-01

Abstract:Network emulation is a new technique to test and validate network software and hardware. This paper introduces the concept of network emulation and discusses its principle,focuses on the key techniques of packet interception in the network emulation,and puts forth an implementation framework based on Windows platforms.

Henry N. Ogbu,Moses Adah Agana

DOI: https://doi.org/10.48550/arXiv.1910.10827

2019-10-24

Abstract:This paper was designed to provide Intranet traffic monitoring by sniffing the packets at the local Area Network (LAN) server end to provide security and control. It was implemented using five computer systems configured with static Internet Protocol (IP) addresses used in monitoring the IP traffic on the network by capturing and analyzing live packets from various sources and destinations in the network. The LAN was deployed on windows 8 with a D-link 16-port switch, category 6 Ethernet cable and other LAN devices. The IP traffics were captured and analyzed using Wireshark Version 2.0.3. Four network instructions were used in the analysis of the IP traffic and the results displayed the IP and Media Access Control (MAC) address sources and destinations of the frames, Ethernet, IP addresses, User Datagram Protocol (UDP) and Hypertext Transfer Protocol (HTTP). The outcome can aid network administrators to control Intranet access and provide security.

Cryptography and Security

Dan Cogălniceanu,Jijun Li

2004-01-01

Abstract:In this article,a network intrusion detection system based on WinPcap and Boyer-Moore in Windows2000 /XP is put forward and implemented.Its architecture,the capture to the packets with WinPcap and Boyer-Moore string matching algorithm are introduced and analyzed in detail.

巫喜红

DOI: https://doi.org/10.3969/j.issn.1006-7302.2004.01.014

2004-01-01

Abstract:Network sniffing has been a sensitive topic. It can bring not only convenience but also harm. This paper discusses the principle of network sniffering and expounds its detecting methods and precautionary measures.

汤方澄,杨小虎,董金祥

DOI: https://doi.org/10.3969/j.issn.1000-3428.2002.12.025

2002-01-01

Abstract:This paper proposes a novel approach called IA-NSM(intelligent agents for network security monitor)for monitor and control the local nodes using intelligent agent technology. IA-NSM provides a flexible integration of a multi-agent system in a classical networked environment to enhance protection functionalities against illegal behavior of local nodes. The paper introduces the application background, functionalities, classification of agent, architecture of the network security monitor system based on intelligent agent and the principle of designing secure policy.

于涛,王健

DOI: https://doi.org/10.3969/j.issn.1673-629x.2009.03.064

2009-01-01

Abstract:Introduces how to develop a real-time monitor software based on the Socket protocol for the purpose of monitoring the lower-layer computer which is used in the project of the piece of detecting equipment on computer board.It makes partition on the software frame in object-oriented method,inherites the MFC Dialog class to implement it and discusses in detail the design of the communication protocol.Furthermore,a receiving data structure is proposed according to the project characteristics and the arithmetic of compression and obtains good results.

He dingzhou,Sun yongrong,Gao pengqi,Lü shuqiang,Yan lei

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.02.050

2008-01-01

Abstract:The real-time communication interface to download remote sensing data based on windows network programming is introduced.The techniques of named pipe and winsock API,and the process of remote sensing data unpacking are analyzed.The flying test data is analyzed,and the advice for improvement is given.

王焕然,徐明伟

DOI: https://doi.org/10.3969/j.issn.1000-1220.2004.03.009

2004-01-01

Abstract:With the rapid development of Internet, network management becomes more and more important. The SNMP network management model is the most widely used management model of TCP/IP-based network. The modularization of documentation and architecture and the enhancement of security, which are addressed in SNMPv3, mean the SNMP network management coming to maturity. In this article, the history of SNMP and typical feature of key versions are introduced, some merits and demerits are presented. And, by conclusion, the authors point out the problems at this stage and further work to be done.

Tan Dapeng,Li Peiyu,Pan Xiaohong

IF: 1.019

2008-01-01

Chinese Journal of Electronics

Abstract:Aiming at poor self-adapting performance of Industry monitoring network (IMN) based on server/client mode, an intelligent IMN architecture realization method based on Universal plug and play (UPnP) was put forward. According to field distribution condition and running characteristics of industrial devices, topological IMN model centralized UPnP was established. Combining embedded system technology, monitoring information interaction mechanism was designed using signal communication method, and intelligent management for IMN was realized by the key data structures of Parameter configuration table (PCT) and Control device node (CDN). Industrial experiments prove that this method can realize the anticipated functions of seamless link, zero-configuration and self-recognition.

Chao Wang,Tianyu Ren,Qun Li,Xiaohu Wang,Guangxin Guo,Jiahan Dong

DOI: https://doi.org/10.1088/1757-899x/750/1/012155

2020-02-01

IOP Conference Series: Materials Science and Engineering

Abstract:Abstract With the development of computer technology and communication technology, computer network will increasingly become an important means of information exchange, and permeate into every field of social life. However, the network has the potential threat and the reality existence each kind of security question, therefore we must take the strong security policy to ensure the network security. The purpose of this paper is to study the network computer security hidden trouble and vulnerability mining technology. In this paper, the types of security hidden dangers are analyzed, and the vulnerability detection technology Fuzzing technology is deeply studied. Then, the inspection and test time is analyzed for the existing vulnerability detection tools. The experimental results prove that vulnerability detection technology can protect network security with high efficiency of vulnerability detection. In this paper, three vulnerability detection tools WS Fuzzer, Web Fuzz and Webvul Scan were used to analyze the detection time of open source system, personal blog, shopping mall and forum. The average detection time was 1.9s, 8.7s, 20.5s and 59.7s, respectively. It can be seen that the vulnerability mining technology has a certain practical role.

Jia CHEN,Lei CHENG,Tiange SI,Yiqi DAI

DOI: https://doi.org/10.3321/j.issn:1000-0054.2007.04.040

2007-01-01

Abstract:To solve the problem of Intranet information leakage, this paper proposed a new Intranet security strategy. There are two characteristics in this strategy. In the first place, information is classified by hierarchical means. In the second place, a component called monitor is introduced. With exerting access control over the communication among the entities in the network, the monitor can dynamically isolate the physical connections among host computers involved in security. This new strategy not only ensures information security, but also improves resource utility efficiently. In addition, according to this strategy, a monitor system is also designed based on the Intel IXP2400 chip. Experimental results show that, by virtue of the powerful processing ability of IXP2400, the monitor system could efficiently process high-speed data stream in Gb/s-net.

Chuwen Zhang,Boyang Zhou,Zerui Tian,Liang Cheng,Yuxi Liu,Huayu Zhang,Song Chen,Ying Wan,Wenquan Xu,Tian Pan,Yang Xu,Yi Wang,Hailong Zhu,Bin Liu

DOI: https://doi.org/10.1109/ICNP55882.2022.9940335

2022-01-01

Abstract:Time-Sensitive Networking (TSN) is proposed in recent years to satisfy the strict performance requirements of time-sensitive traffic in a growing number of emerging applications. Even though several traffic scheduling algorithms have been standardized for TSN to pursue this goal, time-sensitive flows may not be forwarded as planned and thus fail to achieve the expected performance in real networks. The fundamental cause lies in the fact that static offline planning cannot adapt to the intrinsic dynamic factors in TSN (e.g., time-synchronization error) at runtime. Hence, next-generation TSN will benefit from a closed-loop design where a performance monitoring system provides feedback of real-time packet-forwarding information. In our research, TSN-Peeper, a light-weight, fast-response and full-coverage TSN performance monitoring system, is designed and evaluated. This paper describes its architecture design and data collection mechanisms that enable timely identification and collection of packet-forwarding misbehavior at low-cost in TSN. TSN-Peeper offloads the misbehavior identification in the switch to relieve the burden on the controller and network bandwidth. To reduce the interruption frequency to the controller, it uses probe packets to collect misbehavior information in aggregation with optimized path planning. To realize controllable reporting delays, it optimizes the sending moments of probe packets according to the flow settings. Experimental results verify that TSN-Peeper offers fast response with low cost while providing full coverage and being scalable.