基于流量采集IP定位及查询应用系统的设计与实现

发布时间：2018-04-10 04:35

本文选题：流量采集　切入点：IP地址　出处：《东华大学》2014年硕士论文

【摘要】：截止2013年6月底,我国网民规模已经达到5.9亿,互联网已经广泛地被应用到日常工作、生活中的方方而面。然而,随着网民数量的急剧增加,区分IP地址的来源在许多互联网应用或对安全要求较高的企事业单位是非常重要的关注内容。IP地址的来源,所属ISP供应商、所属企业或个人、或IP数据包最原始的来源主机等信息是IP地址定位查询的重要内容。基于流量采集及IP查询定位的技术能够帮助互联网网站管理人员在不同粒度上对IP地址的来源进行定位,提高网站的安全性和可用性。由于用户接入网络方式的趋于多样化,针对不同的通信传输信道设计精确的IP查询定位系统有时很难达到预期的目标。虽然现在已经出现相关的IP地理信息查询定位系统,但在一定程度上不能覆盖相关浏览客户端的定位信息。对IP地址进行细粒度的定位,如对NAT转换之前的IP地址查询及相关主机信息查询定位一直没有较好的方法。本文在对IP地址分配理论进行深入研究的基础上,对互联网现状进行了分析,重点对当今主流的IPV4网络进行研究分析,包括营运商IPV4地址分配方案,营运商网络的组织结构和网络分配的层次结构。本文描述的主要研究和实践工作概述如下： 1)重点研究企业内部的IPV4网络拓扑结构,对不同复杂度的网络进行分析,对非企业内部网络IP地址的查询设计了一种基于IP分配记录信息数据库查询的定位方案,对于企业内部包含大量私有网络的实际情况设计了一种基于流量采集技术的企业内部私有IP地址定位查询方案。 2)详细描述了一种基于流量采集及IP查询应用系统的开发过程。通过对WHOIS服务的访问和返回数据的解析,设计了一种简洁且结果可读性更强的IP地址ISP来源信息的查询子系统。同时针对ISP服务商IP资源的分配特点,设计了一种基于IP地址分配记录数据库查询的IP查询定位系统。针对互联网企业的网络结构实际情况,设计了一种基于流量采集技术的企业内部私有IP地址的查询定位系统。 3)实现了基于WHOIS服务的ISP信息查询子系统和基于流量采集技术的企业内部私有IP地址查询定位系统,提供了良好的操作界面和查询接口。本文作者研究、设计和实践的部分技术成果已经在某企业单位配合安全检测系统的使用中得到了成功的应用。
[Abstract]:By the end of June 2013, the number of Internet users in China has reached 590 million. The Internet has been widely used in daily work and life.However, with the rapid increase in the number of Internet users, distinguishing the source of IP addresses in many Internet applications or enterprises and institutions with high security requirements is a very important source of concern. IP addresses belong to ISP suppliers, enterprises or individuals.Or IP packet original source host and other information is an important content of IP address location query.The technology based on traffic collection and IP query location can help Internet website managers locate the source of IP address in different granularity and improve the security and usability of the website.Due to the diversification of user access network, it is difficult to design accurate IP query and location system for different communication transmission channels.Although there are related IP geographic information query and location systems, to a certain extent, it can not cover the location information of related browsing clients.There is no good way to locate the IP address with fine granularity, such as the IP address query before NAT translation and the related host information query.Based on the in-depth study of IP address allocation theory, this paper analyzes the current situation of the Internet, focusing on the mainstream IPV4 network, including the operator IPV4 address allocation scheme.The organizational structure of the operator network and the hierarchical structure of the network allocation.The main research and practical work described in this paper are summarized as follows:1) focusing on the IPV4 network topology in the enterprise, analyzing the different complexity of the network, and designing a location scheme based on IP assignment record information database query for the IP address query of the non-enterprise internal network.In this paper, a private IP address location query scheme based on traffic acquisition technology is designed for the actual situation of a large number of private networks in an enterprise.2) the development process of an application system based on traffic collection and IP query is described in detail.By accessing the WHOIS service and parsing the returned data, a simple and more readable query subsystem of IP address ISP source information is designed.According to the characteristics of IP resource allocation of ISP service provider, an IP query location system based on IP address assignment record database query is designed.According to the actual situation of network structure of Internet enterprises, a query and location system of private IP address in enterprises based on traffic acquisition technology is designed.3) the ISP information query subsystem based on WHOIS service and the private IP address query and positioning system based on traffic collection technology are implemented, which provides a good interface and interface.The author studies, designs and practices some technical achievements which have been successfully applied in the application of the safety inspection system in a certain enterprise.
【学位授予单位】：东华大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.07

【参考文献】