Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Traffic characteristic-based P2P application identification system and method

A technology of application identification and traffic characteristics, applied in the field of network management, can solve the problems of inaccurate identification and loss of effect, and achieve the effect of improving identification accuracy, good implementation flexibility and applicability

Inactive Publication Date: 2010-06-16
BEIJING VENUS INFORMATION TECH +1
View PDF0 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, with the development of P2P applications, in order to avoid the identification and detection of security products, more and more P2P application software uses methods such as encryption to hide the original message characteristics, which makes the current network security products unable to protect P2P Accurate identification of the application, the original identification method based on feature matching has gradually lost its effect
Therefore, current network management products cannot effectively implement measures such as network security management and auditing

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Traffic characteristic-based P2P application identification system and method
  • Traffic characteristic-based P2P application identification system and method
  • Traffic characteristic-based P2P application identification system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0023] Embodiment 1: This embodiment performs specific applications according to actual network traffic, and provides a basic mode of a P2P application identification system and method based on traffic characteristics. like figure 1 As shown, the basic architecture of the basic mode includes: a flow record generator, a connection IP statistic, an up / down flow statistic, a flow information storage, and a flow analyzer. The system workflow of this basic mode is as follows figure 2 As shown, the P2P application identification method based on traffic characteristics includes the following steps:

[0024] Flow record generating step; monitoring IP screening step; uplink / downlink flow statistics step; flow information storage step; and flow analysis step.

[0025] in:

[0026] The flow record generation step uses a hierarchical protocol analysis method and a standardized record generation format to generate flow records for each connection in the network within a fixed time inte...

Embodiment 2

[0031] Embodiment 2: This embodiment is a preferred solution for the flow record generation step in Embodiment 1. In this embodiment, the flow record generation step is responsible for generating the flow records of each connection in the network within a fixed time interval based on the actually captured data packets with a hierarchical protocol analysis method and a standardized record generation format, and according to the pre-established The traffic records generated by the time interval are provided to the IP screening step and the upstream / downstream traffic statistics step.

[0032]The basic idea of ​​this embodiment is: first take the actually captured network message as a sample, perform protocol analysis according to the standard protocol format, and obtain various information of the message, for example, the transport layer protocol used by each message is TCP , UDP, ICMP, etc., the source IP, destination IP, source port, destination port, number of bytes, etc. sen...

Embodiment 3

[0036] Embodiment 3: This embodiment is a preferred solution of the monitoring IP screening step in Embodiment 1. In this embodiment, the monitoring IP screening step counts the source IP and destination IP of each connection in the current network environment according to the flow records provided by the flow record generating step; the standard entropy calculation formula is used to calculate the entropy values ​​of the source IP and destination IP distribution respectively , and compare it with the preset threshold; when the source IP is found to be lower than the threshold and the destination IP is higher than the threshold, the N IP addresses with the largest number of connections in the source IP statistical results will be recorded in the monitoring IP set, and at the same time, monitoring will be required The set of IPs provided to the upstream / downstream traffic statistics step as the object of traffic statistics.

[0037] The basic idea of ​​this embodiment is: accor...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a traffic characteristic-based P2P application identification system and a traffic characteristic-based P2P application identification method. The system comprises a traffic record generator, a connected IP counter, an uplink / downlink traffic counter, a traffic information memory and a traffic analyzer. The network identification method comprises the following steps: generating a traffic record; monitoring IP filtering; counting uplink / downlink traffic; storing the traffic information; and analyzing the traffic. The system realized according to the invention solves the problem of not high accuracy because the P2P network application identification is performed based on encrypted transmission technology and the like and only dependent on the characteristic matching, and realizes the function of performing the P2P application identification in an actual network environment in real time according to the statistical condition of the traffic.

Description

technical field [0001] The invention relates to a system and method used in network management products and audit products, in particular to a system and method for P2P application identification through flow control, belonging to the technical field of network management. Background technique [0002] As one of the important means of network security protection, the network management system is widely used. The current network management system reasonably configures the overall structure of the network according to the actual application, so as to achieve the optimal use efficiency of network resources. The network management system is an effective method for enterprises to realize IT management and process control. It monitors the current network operation status and adjusts policies in real time, thereby avoiding the abuse and waste of network resources and ensuring the normal operation of the network system. With the development of network management technology, P2P is ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/24H04L29/06H04L29/08
Inventor 孙海波汤国祥张雪锋王克铨
Owner BEIJING VENUS INFORMATION TECH
Features
  • Generate Ideas
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com