计算机应用 ›› 2019, Vol. 39 ›› Issue (12): 3604-3614.DOI: 10.11772/j.issn.1001-9081.2019050949

• 网络与通信 • 上一篇    下一篇

网络协议识别技术综述

冯文博1, 洪征1, 吴礼发2, 付梦琳1   

  1. 1. 中国人民解放军陆军工程大学 指挥控制工程学院, 南京 210007;
    2. 南京邮电大学 计算机学院, 南京 210023
  • 收稿日期:2019-06-06 修回日期:2019-08-07 出版日期:2019-12-10 发布日期:2019-09-02
  • 作者简介:冯文博(1994-),男,河南周口人,硕士研究生,主要研究方向:网络协议识别、机器学习;洪征(1979-),男,江苏南京人,副教授,博士,主要研究方向:网络安全、协议逆向工程;吴礼发(1968-),男,湖北黄石人,教授,博士,CCF会员,主要研究方向:网络安全、网络管理;付梦琳(1995-),女,江苏南京人,硕士研究生,主要研究方向:漏洞挖掘、区块链安全。
  • 基金资助:
    国家重点研发计划项目(2017YFB0802900)。

Review of network protocol recognition techniques

FENG Wenbo1, HONG Zheng1, WU Lifa2, FU Menglin1   

  1. 1. College of Command and Control Engineering, Army Engineering University of PLA, Nanjing Jiangsu 210007, China;
    2. College of Computer Science and Technology, Nanjing University of Posts and Telecommunications, Nanjing Jiangsu 210023, China
  • Received:2019-06-06 Revised:2019-08-07 Online:2019-12-10 Published:2019-09-02
  • Contact: 洪征
  • Supported by:
    This work is partially supported by the National Key Research and Development Program of China (2017YFB0802900).

摘要: 网络流量的协议类型识别是进行协议分析和网络管理的前提,为此研究综述了网络协议识别技术。首先,描述了网络协议识别的目标,分析了协议识别的一般流程,探讨了协议识别的现实需求,给出了评估协议识别方法的标准;然后,从基于数据包的协议识别和基于数据流的协议识别两个类别分析了网络协议技术的研究现状,并对协议识别的各类技术进行了比较分析;最后,针对目前协议识别方法的缺陷和应用需求,对协议识别技术的研究趋势进行了展望。

关键词: 应用层协议, 网络流量, 协议识别, 特征工程, 网络管理

Abstract: Since the protocol classification of network traffic is a prerequisite for protocol analysis and network management, the network protocol recognition techniques were researched and reviewed. Firstly, the target of network protocol recognition was described, and the general process of protocol recognition was analyzed. The practical requirements for protocol recognition were discussed, and the criteria for evaluating protocol recognition methods were given. Then, the research status of network protocol techniques was summarized from two categories:packet-based protocol recognition methods and flow-based protocol recognition methods, and the variety of techniques used for protocol recognition were analyzed and compared. Finally, with the defects of current protocol recognition methods and the practical application requirements considered, the research trend of protocol recognition techniques was forecasted.

Key words: application-level protocol, network traffic, protocol recognition, feature engineering, network management

中图分类号: