基于时间序列的网络流量监测系统的设计与实现
发布时间:2018-08-29 07:42
【摘要】:网络流量管理是网络管理的重要组成部分,网络流量是网络中传输的数据量,是体现网络性能状况和运行状态的关键数据。通过对网络流量进行分析研究,不仅能够起到对网络流量的监测作用,同时还能掌握一定的网络行为规律,实施网络流量预测,对于流量异常情况进行及时告警,以帮助网络管理人员排查和定位网络故障,并为优化网络拓扑和进行网络规划提供科学依据。本文以网络流量为核心,融合了网络流量相关技术,包括网络流量监测技术、网络流量预测技术和网络流量异常检测技术,设计并实现了一个基于B/S模式且具有良好可用性、可视性和可扩展性的网络流量监测系统。系统采用了基于SNMP协议的网络流量监测技术实现对网络流量数据的采集,通过多线程采集方式提高了系统的数据采集效率;针对所采集网络流量的历史数据,采用时间序列分析方法进行数学建模,建模过程使用了经典的Box-Jenkins方法,包括时间序列的平稳性检验、非平稳时间序列的平稳化、模型定阶、模型参数估计、模型检验和模型预测几个主要步骤;使用所建立的ARMA模型实现对网络流量的短期在线预测,并为网络流量自适应阈值异常检测方法中阈值边界的确定提供了来源。系统能很好地实时监测目标网络的网络流量,将网络流量以清晰的图表形式进行显示,能准确预测未来一段时期内网络流量的变化趋势,并对可能的网络流量异常进行及时的检测和告警。本文所实现的网络流量监测系统现已部署到华南理工大学广东省计算机网络重点实验室的服务器上,经测试系统运行良好,达到了预期目标,能满足校园网针对网络流量管理上的实际需求。
[Abstract]:Network traffic management is an important part of network management. Network traffic is the amount of data transmitted in the network, and it is the key data to reflect the network performance and running state. By analyzing and studying the network traffic, not only can the network traffic be monitored, but also the network behavior law can be grasped, the network traffic forecast can be carried out, and the abnormal traffic situation can be alerted in time. In order to help network managers detect and locate network failures, and provide scientific basis for optimizing network topology and network planning. Based on the core of network traffic, this paper combines network traffic related technologies, including network traffic monitoring technology, network traffic prediction technology and network traffic anomaly detection technology, and designs and implements a B / S model with good usability. Visibility and scalability of network traffic monitoring system. The system adopts the network traffic monitoring technology based on SNMP protocol to collect the network traffic data, improves the efficiency of the data collection by multi-thread acquisition, and aims at the historical data of the collected network traffic. The classical Box-Jenkins method is used in the modeling process, including the stationary test of time series, the stationary of non-stationary time series, the determination of model order, and the estimation of model parameters. There are several main steps of model checking and model prediction, and the established ARMA model is used to realize the short-term on-line prediction of network traffic, which provides a source for the determination of threshold boundary in the adaptive threshold anomaly detection method of network traffic. The system can monitor the network traffic of the target network in real time and display the network traffic in a clear chart form, which can accurately predict the change trend of the network traffic in a period of time in the future. And the possible network traffic anomaly timely detection and alarm. The network traffic monitoring system implemented in this paper has been deployed to the server of Guangdong computer Network key Laboratory of South China University of Technology. It can meet the actual demand of network traffic management in campus network.
【学位授予单位】:华南理工大学
【学位级别】:硕士
【学位授予年份】:2015
【分类号】:TP393.06
本文编号:2210640
[Abstract]:Network traffic management is an important part of network management. Network traffic is the amount of data transmitted in the network, and it is the key data to reflect the network performance and running state. By analyzing and studying the network traffic, not only can the network traffic be monitored, but also the network behavior law can be grasped, the network traffic forecast can be carried out, and the abnormal traffic situation can be alerted in time. In order to help network managers detect and locate network failures, and provide scientific basis for optimizing network topology and network planning. Based on the core of network traffic, this paper combines network traffic related technologies, including network traffic monitoring technology, network traffic prediction technology and network traffic anomaly detection technology, and designs and implements a B / S model with good usability. Visibility and scalability of network traffic monitoring system. The system adopts the network traffic monitoring technology based on SNMP protocol to collect the network traffic data, improves the efficiency of the data collection by multi-thread acquisition, and aims at the historical data of the collected network traffic. The classical Box-Jenkins method is used in the modeling process, including the stationary test of time series, the stationary of non-stationary time series, the determination of model order, and the estimation of model parameters. There are several main steps of model checking and model prediction, and the established ARMA model is used to realize the short-term on-line prediction of network traffic, which provides a source for the determination of threshold boundary in the adaptive threshold anomaly detection method of network traffic. The system can monitor the network traffic of the target network in real time and display the network traffic in a clear chart form, which can accurately predict the change trend of the network traffic in a period of time in the future. And the possible network traffic anomaly timely detection and alarm. The network traffic monitoring system implemented in this paper has been deployed to the server of Guangdong computer Network key Laboratory of South China University of Technology. It can meet the actual demand of network traffic management in campus network.
【学位授予单位】:华南理工大学
【学位级别】:硕士
【学位授予年份】:2015
【分类号】:TP393.06
【参考文献】
相关期刊论文 前5条
1 赵军圣;庄光明;王增桂;;极大似然估计方法介绍[J];长春理工大学学报;2010年06期
2 邹柏贤,刘强;基于ARMA模型的网络流量预测[J];计算机研究与发展;2002年12期
3 孙泳,史忠植;MRTG的研究与部署[J];计算机应用;2004年03期
4 刘罗曼;;时间序列平稳性检验[J];沈阳师范大学学报(自然科学版);2010年03期
5 刘经南;曾文宪;徐培亮;;整体最小二乘估计的研究进展[J];武汉大学学报(信息科学版);2013年05期
相关博士学位论文 前1条
1 高波;基于时间相关的网络流量建模与预测研究[D];哈尔滨工业大学;2013年
相关硕士学位论文 前1条
1 张久坤;网络流量模型与流量预测技术研究[D];西安电子科技大学;2012年
,本文编号:2210640
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2210640.html
