网络音视频数据捕获与还原技术研究

II
哈尔滨工业大学工学硕士学位论文
目
摘 目
录
要 ........................................................................................................................... I 录 ......................................................................................................................... III
硕士学位论文
网络音视频数据捕获与还原技术研究
RESEARCH ON TECHNIQUE OF CAPTURE AND RECONSTRUCTION AUDIO AND VIDEO TRAFFIC
贾荣来
哈尔滨工业大学 2012 年 6 月
国内图书分类号： TP309.2 国际图书分类号： 004.9
I
哈尔滨工业大学工学硕士学位论文
Abstract
In recent years, the dissemination of information on the network is gradually replacing the traditional media, the amount of multimedia messages such as audios and videos on the internet is growing rapidly, meanwhile, issues of information security caused by the network audio and video are also increasingly prominent. That the reactionary audios, videos, speeches, rumors and pornographic informations, which are disseminated widely on the network by lawless persons, seriously endanger physical and mental health of people, and even disrupt the normal social order, and seriously endanger national interests and security. All these have brought challe nges to management work of information security on the network. Strengthening the supervision to audio and video information on the networks has become an important and urgent task of current network information security management. Restoration of the network protocol is the core task of practicing supervision to network. In view of the polularization of the large flow network and the extensive application of muti-core processor, this paper designs and implements a effective audio and video transmission protocol reconstructiong platform, which is completely implemented in user level. The platform captures the audio and video packets on the network to restructure mainly on the bypass monitoring mode. It can restore the audio and video data packets to original files and store according to the need. This paper introduces some key technolgies of network protocols restore such as packet capture, packet reassembly, application layer protocol reduction, and data storage. In order to deal with the audio and video streaming on the Internet more effectively, The paper also analyses the audio and video transmission protocols, and study the theories and methods of flow identification. This paper have realized the reduction of HTTP 、 FTP and RTSP/RTP protocol. Finally, the result of experiment shows that the platform can efficiently, correctly restore audio and video data packets on the network to the application layer, and can add a variety of application layer protocols restore module as needed. The platform provides an interface for analysis of audio and video on the networks, and facilitate the monitoring and management of audio and video traffic on the network. Keywords: information security, audio and video, protocol reduction
ABSTRACT ................................................................................................................. II 第 1 章 绪 论 ............................................................................................................... 1 1.1 课题背景及研究的目的和意义 ......................................................................... 1 1.2 国内外研究现状 ................................................................................................. 2 1.3 本文的主要研究工作 ......................................................................................... 3 1.4 本文的结构 ......................................................................................................... 4 第 2 章 音视频传输协议分析 ..................................................................................... 5 2.1 传统协议 ............................................................................................................. 5 2.2 流媒体协议 ......................................................................................................... 6 2.2.1 RTSP 协议 .................................................................................................... 6 2.2.2 RTP 协议 ...................................................................................................... 8 2.3 本章小结 ............................................................................................................. 9 第 3 章 音视频协议还原及其关键技术 ................................................................... 10 3.1 协议分析还原原理 ........................................................................................... 10 3.2 网络协议栈工作原理 ....................................................................................... 10 3.2.1 OSI 协议栈模型 ......................................................................................... 10 3.2.2 TCP/IP 模型 ................................................................................................ 12 3.3 网络层 IP 协议分析 ......................................................................................... 13 3.3.1 IP 协议简介 ................................................................................................ 13 3.3.2 IP 分片与重组 ............................................................................................ 14 3.4 传输层 TCP 协议分析 ...................................................................................... 15 3.4.1 TCP 协议简介 ............................................................................................ 15 3.4.2 TCP 流重组 ................................................................................................ 17 3.4.3 TCP 流老化 ................................................................................................ 17 3.5 数据包捕获技术 ............................................................................................... 18 3.5.1 数据包捕获原理 ........................................................................................ 18 3.5.2 数据包过滤机制 ........................................................................................ 19 3.5.3 Libpcap 网络安全开发包 .......................................................................... 20
Classified Index: TP309.2 U.D.C: 004.9
Dissertation for the Master Degree in Engineering
RESEARCH ON TECHNIQUE OF CAPTURE AND RECONSTRUCTION AUDIO AND VIDEO TRAFFIC
Candidate： Supervisor： Academic Degree Applied for ： Speciality： Affiliation： Date of Defence：
Jia Ronglai Prof. Tang Shuofei Master of Engineering Computer Science and Technology School of Computer Science and Technology June, 2012
Degree-Conferring-Institution： Harbin Institute of Technology
哈尔滨工业大学工学硕士学位论文
摘
要
近年来，网络上的信息传播正在逐步取代传统媒体，互联网上以音视频为代 表的多媒体信息迅速增长，同时由网络音视频引发的信息安全问题也日益突显。 不法分子在网络上大量传播淫秽色情信息，散布反动言论和谣言，不但严重危害 着青少年的身心健康，甚至扰乱正常的社会秩序，严重危害国家利益和安全，给 网络信息安全管理工作带来了巨大的挑战和压力。加强网络音视频信息的监管， 已成为当前网络信息安全管理的一项重要且迫切的内容。 而网络协议还原是实施 网络监管的核心内容。 针对当前大流量网络的普及和多核处理器的广泛应用， 本文提出并实现了一 种高效的音视频网络数据包重组还原平台，该平台完全工作在用户空间，主要对 以旁路监听方式下在高速网络链路捕获到的音视频网络数据包进行重组及协议 还原。 能够高效的将网络上的音视频数据流还原成原始音视频文件并根据需要进 行存储。 本文详细的介绍了网络协议还原所涉及到的数据包捕获、数据包重组、应用 层协议还原以及数据存储等关键技术。为了更有效的处理互联网上的音视频流， 本文还分析了当前网络上的音视频传输协议， 并研究了流量识别的相关理论与方 法，并对当前网络上最为流行以及最具有代表性的 HTTP、 FTP 和 RTSP/RTP 协 议进行了协议还原。最后通过实验证明，该平台能够高效的、正确的将音视频网 络数据流还原到应用层，并可根据需要加入多种应用层协议还原模块，具有很好 的可扩展性。 该平台能够为网络音视频文件内容分析提供接口， 从而方便了网络上音视频 流量的监控和管理。 关键词 ： 信息安全；音视频；协议还原
学校代码： 10213 密级：公开
ຫໍສະໝຸດ Baidu
工学硕士学位论文
网络音视频数据捕获与还原技术研究
硕 士 研 究 生： 贾荣来 导 师 ： 唐朔飞教授
申 请 学 位 ： 工学硕士 学 科： 计算机科学与技术
所 在 单 位： 计算机科学与技术学院 答 辩 日 期： 2012 年 6 月 授予学位单位 ： 哈尔滨工业大学