Name of Project: Research of Key Technology for Network Information Security 
Source of Project：Key project of the National Basic Research Program (973 Program)
Person in charge: Gao Qingshi, Guo Li

Project Profile:
  Along with the advent of information explosion era, internet, while serving as an important channel of information as a new type of media, has also posed serious threat to State security and social stability with flooding harmful information of various sorts. At present, there are still some research subjects full of challenges when it comes to the basic theory and key technology of network information. To address this, a key project was initiated under 973 Program to carry out relevant research. Our Research Center undertakes one of the sub-projects of the project, aiming at solving two types of research issues: network flow analysis and real-time text matching.

Network Flow Analysis
  Research is going to be carried out into TCP and UDP flow measurement and analysis technology under high speed network flow environment, and into technology for active measurement and analysis of flow under private P2P protocol. TCP protocol is a wired transport protocol, which calls for both parties of communication to stay connected in the course of communication so as to provide timeout retransmission, flow control and other services. It is a protocol taking up a fairly large number of resources. In contrast, UDP protocol is a wireless oriented transport protocol with neither concept of connection nor control over congestion, therefore, it does not call for both parties to stay connected. As a result, there is almost no cost for the management. In recent years, UDP is more and more chosen as bottom layer transport protocol in many newly-emerging network services. The research into the approach to the measurement and analysis of TCP and UDP flow is significant. P2P has become an important part of network application, based on which almost all types of network application services can be constructed, such as conventional text, picture and file downloading and other new types of services emerging along with the increase of demand including online audio ad video services. The percentage of bandwidth occupied by P2P increased to over 70% rapidly. However, with the development of P2P protocol toward encryption or privatization, there are not so many P2P networks which can be actually measured. This has been a great barrier to the understanding of P2P network evolution mechanism and behavioral characteristics. As a result, the Project focuses on the research of format and semantic features of P2P protocol, technology for automatic feature discovery, technology for active measurement of P2P network, etc.

Real Time Text Matching
  Research is going to be carried out into real time matching algorithm of text message so as to meet the demands for large scale, complicated and ambiguous real time text matching. Large scale matching demands come from 2 aspects: on one hand, the scale of pattern string set is getting larger and larger, increasing from the previous thousand level to the current mega scale; on the other hand, the network flow data to be matched increased rapidly, with the amount of data on backbone network increasing to dozens of G. Demand for complicated semantics is related to accurate pattern string, and based on this, logic operation needs to be added on the upper layer of accurate pattern string to express the real time matching rule semantics more accurately so as to enable more accurate information positioning in the text. Ambiguous demand derives from the uncertainty of network text message. Text matching rule in the form of regular expression can meet the demand for rapid and accurate positioning feature information in the uncertain network information flow. The matching algorithm of regular expression on fairly large scale is the hotspot of current research.