A deep message detection method, network device and system

A technology of in-depth message detection and network equipment, applied in the field of network security, can solve problems such as reducing control effects, consuming processor resources, affecting service quality, etc., achieving the effect of saving network resources and solving balance problems

Active Publication Date: 2007-10-17
HUAWEI TECH CO LTD
View PDF0 Cites 44 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The inventor has found through research that the above two schemes all have defects in varying degrees: in the process of performing DPI detection in series, since DPI detection is to search for feature words on IP data packets, it consumes very much processor resources, resulting in DPI detection. Become the bottleneck of data forwarding, thus affecting the service quality QoS of all services
However, in the process of performing DPI detection in parallel, all user traffic must be copied to the DPI detection device for detection through optical splitting or mirroring, which increases the burden on the DPI detection device and interferes with users. It is difficult to implement under UDP encryption application, which reduces the control effect

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A deep message detection method, network device and system
  • A deep message detection method, network device and system
  • A deep message detection method, network device and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments, but it should not be regarded as a limitation of the present invention.

[0045] In the embodiment of the present invention, considering that the router or Broadband Network Gateway (BNG) in the existing network has high data forwarding capability and the DPI detection device has strong recognition ability but weak forwarding capability, a parallel connection of the DPI detection device is adopted. to the networking mode on the router or BNG.

[0046]As shown in Figure 4, it is a schematic structural diagram of the network system in the embodiment of the present invention. On the basis of the existing networking, the DPI detection device is externally mounted on the BNG or router, and the BNG or router and the DPI detection device are connected through a physical interface. Among them, the BNG or router is used to receive the data message sent by...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the network safety technology, discloses a deep message detection method, network equipment and system. The method includes: receive the data message in the data stream; determine whether the data message required to be detected or not, if yes, firstly identify the data message; if can't be identified, then copy the data message, and send one copy of the data message to the deep message detection device, that is, the DPI detection device for deep message detecting. The invention may solve the balancing problem between the DPI detection and rapid data forward performances, meet with the sensing and controlling demand of network operator for the internet services, save the network resources.

Description

technical field [0001] The present invention relates to network security technology, in particular to a deep packet inspection (Deep Packet Inspection, DPI) method, network equipment and system. Background technique [0002] With the continuous development of IP technology, the IP network is gradually transforming from carrying a single Internet service to carrying voice, data, video, VIP line, 3G, NGN and other carrier-level multi-services. During the transformation process, fundamental changes will also take place in the security, reliability, and service quality of IP networks. [0003] On the one hand, computer networks are subject to more and more serious attacks and intrusions, causing huge losses to users and operators. Although the emergence of firewalls has mitigated some of the attacks. However, ordinary firewalls are powerless to spread and attack viruses hidden in the payload of IP packets. In recent years, the development trend of network attacks is to gradua...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26H04L12/56H04L29/06
Inventor 潘灏涛张浩姚锦晓田向远李维
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap