Improvement of Passive Packet Capture under High Speed Network
碩士 === 元智大學 === 資訊工程學系 === 97 === Packet Capture is the first step in Network Forensics. We reassemble packets into network session and analyze the information in these network sessions, only after we could capture all the packets completely. With the increasing of network bandwidth, how to capture...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | zh-TW |
| Published: |
2009
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/24979570484382528771 |
| Summary: | 碩士 === 元智大學 === 資訊工程學系 === 97 === Packet Capture is the first step in Network Forensics. We reassemble packets into network session and analyze the information in these network sessions, only after we could capture all the packets completely. With the increasing of network bandwidth, how to capture packets under high speed network and reduce packet loss happened has become an important issue. In this paper, we try to improve the performance of Packet Capture Library – Libpcap under Linux Operation System by adjusting Linux Kernel and new packet capture architecture – Multi-Buffer Packet Capture Architecture. And we implement this Multi-Buffer Packet Capture System and evaluate performance through the percentage of lost packets.
|
|---|