After decades of steady development, the Internet industry has come to play an important role in the world's economic and social development, and networks continue to grow in scale. An online network traffic monitoring system plays a vital role in ensuring the normal operation of the network, diagnosing network faults in a timely manner, and satisfying the different service requirements of users. This paper designs an online network traffic monitoring system derived from project requirements. The system provides real-time monitoring of the inbound and outbound network traffic of Beijing Siku Trading Company, giving enterprise network managers real-time network application analysis data. The main work completed is as follows:

(1) In the data acquisition part of the system, the PF_RING packet capture mechanism, based on the "zero copy" idea, is introduced. PF_RING's memory mapping and ring buffer are used to remove a large amount of the time consumed in the packet capture process. This avoids the high time cost and packet loss rate that traditional Libpcap incurs on high-bandwidth networks. It also eliminates the problem that captured data cannot be used in real time, along with other issues of tools such as tcpdump and Snort.

(2) When packet data is stored in memory, frequently requesting and releasing memory results in a large amount of CPU consumption. A self-designed memory pool is used to store the packet information, which not only effectively controls the CPU usage of the system, but also avoids the poor real-time data interaction of the traditional pcap_dump function.

(3) After studying several classical machine learning algorithms such as C4.5, multivariate LR, XGBoost and RF, ensemble learning is used to build a Stacking fusion model, which retains the advantages of these algorithms. Feature selection is performed by combining network data flow characteristics with engineering practice. The model is tested on the experimental data and applied in the traffic classification function of the actual network.

(4) With real-time traffic data query, domain name traffic query, traffic classification, cumulative historical traffic query and other functions completed, the system can monitor traffic in real time. Visual charts allow users to view specific traffic information more efficiently. The system helps enterprise network administrators understand how network bandwidth is being used, deal with link failures promptly, analyze user behavior, and define reasonable traffic scheduling policies, so that users obtain high-quality Internet services.
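
The memory-pool idea in point (2), as an added example that is not the thesis's own code: a fixed-size slot pool allocated once, so storing a packet is an O(1) free-list pop instead of a malloc/free pair. The slot size, struct layout and function names are assumptions; the abstract does not describe the actual pool design.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define SLOT_BYTES 256              /* assumed slot size (headers + some payload) */

typedef struct pkt_slot {
    struct pkt_slot *next;          /* free-list link, meaningful only while free */
    uint32_t caplen;                /* bytes actually stored in data[] */
    uint8_t  data[SLOT_BYTES];
} pkt_slot;

typedef struct {
    pkt_slot *slab;                 /* single allocation for the pool's lifetime */
    pkt_slot *free_head;
    size_t    capacity, in_use, dropped;
} pkt_pool;

int pool_init(pkt_pool *p, size_t n) {
    p->slab = calloc(n, sizeof *p->slab);
    if (!p->slab) return -1;
    p->free_head = NULL;
    for (size_t i = n; i-- > 0; ) { /* thread every slot onto the free list */
        p->slab[i].next = p->free_head;
        p->free_head = &p->slab[i];
    }
    p->capacity = n; p->in_use = 0; p->dropped = 0;
    return 0;
}

/* Copy one captured packet into a pooled slot: no allocator call on the hot path. */
pkt_slot *pool_store(pkt_pool *p, const uint8_t *pkt, uint32_t len) {
    pkt_slot *s = p->free_head;
    if (!s) { p->dropped++; return NULL; }  /* exhausted: count the drop, never block */
    p->free_head = s->next;
    s->caplen = len > SLOT_BYTES ? SLOT_BYTES : len;  /* truncate, never overflow */
    memcpy(s->data, pkt, s->caplen);
    p->in_use++;
    return s;
}

void pool_release(pkt_pool *p, pkt_slot *s) {
    s->next = p->free_head;         /* push back; the slot is reused by the next store */
    p->free_head = s;
    p->in_use--;
}

void pool_destroy(pkt_pool *p) { free(p->slab); p->slab = NULL; p->free_head = NULL; }
```

The `dropped` counter matters operationally: a monitor that silently loses packets when the pool is full under-reports traffic, so the count should be exported alongside the traffic statistics.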