Analysis and Research on Address Message of Unknown Single Protocol Data Frame
Network protocols are sets of standards for certain network communications.The protocol identification and analysis have great significance for network management and security.The technologies of protocol identification are varied,but in the process of protocol identification, in order to simplify the identification process and improve the efficiency of protocol identification,it usually needs to separate the unknown mixed multi-protocol into single protocol, and then makes further identification.This paper presented an efficient method to determine the single protocol address message based on the previous work to separate unknown mixed data frame into single protocol.By this way the data frames of single protocol are split into point to point data frame according to the address, and then the final identification of unknown protocol is achieved.In the end,we evaluated the method by analyzing the ARP and TCP data.The results show that this method can find out more than 2/3 address information.
NETL
NSTL
万方数据
维普
