Computer Technology and Development, 2024, Vol. 34, Issue (10): 77-83, 7. DOI: 10.20165/j.cnki.ISSN1673-629X.2024.0196
Design of an Enhanced Zeek Network Traffic Collection and Monitoring Analysis System
Abstract
With the development of computer technology and network attack methods, the need for network monitoring continues to be strong. We present a network traffic collection, monitoring and analysis system based on enhanced Zeek. The system is designed to address the discrepancy between enterprises' and institutions' current network monitoring capabilities and their actual needs. It also aims to provide a reusable, integrated system for traffic management. The system utilizes Zeek's scalability and incorporates multi-port identification and customized collection intervals to achieve a more accurate and flexible collection of aggregated network traffic. It then combines locally stored collected data with persistent storage to comprehensively analyze network security data on the web. The system enables personalized collection, real-time monitoring, and traceability analysis of traffic data in large-scale network environments, and reduces information latency while ensuring the smooth operation of existing application systems. It provides a foundation for further expansion into other application modes.
Keywords
network traffic / Zeek / personalized collection / port identification / traffic monitoring analysis / Web
Classification
Computer and Automation
Cite this article
SHEN Ping, CHEN Junli, ZHANG Hanju. Design of an Enhanced Zeek Network Traffic Collection and Monitoring Analysis System [J]. Computer Technology and Development, 2024, 34(10): 77-83, 7.
Funding
National Natural Science Foundation of China (12174245)