Unlock instant, AI-driven research and patent intelligence for your innovation.

Network controller, network control system and network control method

A network control and network technology, which is applied in the direction of transmission system, digital transmission system, data exchange network, etc., can solve the problem of difficult to prevent traffic error control, no consideration, etc.

Inactive Publication Date: 2009-04-29
ALAXALA NETWORKS
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there is a problem that the acquisition of information necessary to determine the characteristics of the extracted traffic (for example, DDoS attacks, the spread of network worms, P2P file exchanges, etc.)
Therefore, it is difficult to prevent erroneous control of the extracted traffic when it is necessary to control the extracted traffic such as interruption.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network controller, network control system and network control method
  • Network controller, network control system and network control method
  • Network controller, network control system and network control method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0042] Example 1 will be described. figure 1 A configuration diagram of a network control device according to an example of this embodiment is shown. In the figure, 101 is the network control device of this embodiment, 102 is an input / output device for giving instructions to the network control device 101 or displaying the status, and 103 , 104 , 105 are networks connected to the network control device 101 .

[0043] The network control device 101 is composed of a packet transfer processing unit 106 and a specific traffic detection control unit 107 . The connection interface 108 connects the packet transfer processing unit 106 and the specific traffic detection control unit 107 , and enables data exchange between the packet transfer processing unit 106 and the specific traffic detection control unit 107 .

[0044]The packet transfer processing unit 106 includes a CPU 109 , a memory 110 , a packet transceiver unit 111 for transmitting and receiving packets between the networks...

Embodiment 2

[0099] Example 2 will be described. Figure 11 A configuration diagram of a network control system according to a second example of this embodiment is shown. In the figure, 1101 is a packet transfer processing device that performs packet transfer between the networks 103, 104, and 105, and 1102 is a network control device that analyzes information received from the packet transfer processing device.

[0100] The packet transfer processing device 1101 includes a CPU 1103 , a memory 1104 , a packet transmission and reception unit 1105 for transmitting and receiving packets between the networks 103 , 104 , and 105 and the network control device 1102 , and a flow control unit 1106 . The memory 1104 includes a route table 1107 for determining a network to be transferred according to the destination address included in the packet, and a packet buffer 1108 for temporarily storing packets received by the packet transceiver 1105 . In addition, the flow control unit 1106 includes a flo...

Embodiment 3

[0117] Example 3 will be described. Figure 13 is shown figure 2 The diagram of another embodiment of the packet count table 119 in Embodiment 1 shown in the above is similar to the packet count table 119 for generating arbitrary combinations of items constituting the traffic information and performing combinations including the above items. A table of the cumulative number of packets processed.

[0118] In the case of this embodiment, the items constituting the above traffic information include source IP address (srcip), receiver IP address (dst ip), source port number (src port), and receiver port number (dst port). Generating any combination of n items (1≦n≦4) from the above four types of items.

[0119] In addition, in this embodiment, the processing target items are set to the above four types, but other items may be further added or deleted according to the characteristics of the traffic to be detected. For example, flag information in the TCP header may be included ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A network controller, capable of high-speed extraction of malicious traffic from networks and determining characteristics of such traffic, includes a unit for accumulating a number of packets for each arbitrary itemset included in the header portions of packets to be transferred, and a unit for determining whether the accumulated value obtained by the accumulating unit exceeds a predetermined threshold, and determines the types of packets to be transferred from accumulated values of the itemset and an itemset different from the itemset when the number of packets exceed a threshold.

Description

technical field [0001] The present invention relates to a network control device and system for transferring data packets on a network between networks, and more particularly to a network control device and system capable of efficiently detecting inappropriate traffic from a large amount of traffic and controlling the transmission of the traffic . Background technique [0002] As the use of the Internet and local area networks has spread, the importance of stable operation of these networks has increased. Especially on the Internet, an uncertain number of users use various applications. Therefore, the possibility of generating overload traffic that is greater than estimated by the Internet service provider or traffic caused by illegal activities such as attacks and network worms increases. How to detect and control these situations to ensure the stability of normal communication has become an issue. . [0003] An intrusion detection system is known as one of representativ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/24H04L12/56H04L12/801
Inventor 渡边义则矶部隆史樋口秀光
Owner ALAXALA NETWORKS