| With the development of computer and information technology, network security problems are becoming more and more serious in today's society. The world suffers tens of thousands of attacks every second, which cause great losses. Annual reports on network security problems emerge in an endless stream, noting for example that viruses spread more quickly, and investment in solving network security problems keeps increasing. Network sniffing is an important technology in the field of network security. With it, people can actively capture all network packets, or only specific ones, and analyze them to find potential security problems in the network as well as illegal use and attacks by hackers and others. Monitoring the network card, capturing network packets, and understanding the flow and content of data provide material for network security analysis and serve as a lock for network security. Network sniffing is also called network monitoring and includes traffic analysis and data acquisition functions. A network sniffer is a tool that uses the computer's network interface to capture data transmitted over the network. Its main use is analyzing network traffic in order to find existing and potential problems in the network. Originally an effective management tool for monitoring network operation and network data flow, a sniffer can be software or hardware. A network sniffer can be used not only for legitimate network purposes but also to grab network information. Network administrators and security personnel can use a network sniffer for network operation and maintenance, such as monitoring network traffic, identifying and analyzing network data, and diagnosing and repairing abnormal network problems. This paper mainly studies network packet capture and analysis technology and develops a network packet sniffing system, based on Libpcap, that captures and analyzes data packets.
The thesis focuses on the following aspects: (1) I introduce the concept of network sniffing and review the background and significance of current network sniffers. (2) I study the technologies used in network sniffing, including the Libpcap function library, PF_RING technology, protocol analysis, packet classification and anomaly detection. (3) I provide a requirements analysis for the network sniffer system based on Libpcap. (4) I carry out the detailed design of the network sniffer system, including its modules and functions. (5) I optimize Libpcap packet capture with PF_RING technology: capturing packets with libpcap+PF_RING on Linux improves capture efficiency. The network sniffer system is implemented with a B/S (browser/server) architecture, and charts display the data packets and statistical information. |