High-speed capturing method of bottom-layer data packet based on Linux

A data packet, high-speed technology, applied in the field of information security, can solve problems such as data packet performance bottlenecks, and achieve the effect of overcoming the shortcomings of capture technology and improving acquisition efficiency.

Inactive Publication Date: 2010-09-22
SOUTHEAST UNIV
View PDF3 Cites 50 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] Due to the advent of the gigabit network era, traditional packet capture has encountered performance bottlenecks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • High-speed capturing method of bottom-layer data packet based on Linux
  • High-speed capturing method of bottom-layer data packet based on Linux
  • High-speed capturing method of bottom-layer data packet based on Linux

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] The technical scheme of the present invention is described in detail below in conjunction with accompanying drawing:

[0048] From figure 1 and figure 2 In the structural block diagram shown, it can be seen that the present invention, that is, the position of the underlying data packet capture system in the entire DFI sample acquisition platform. figure 1 After the external network data packets in the network card arrive at the network card, they enter the Linux kernel through the network card driver, and then the modified network card driver transfers the network data packets captured by the network card to the virtual capture device module (hereinafter referred to as the VUKM module) to realize kernel space and Data sharing in user space. Finally, the protocol analysis interface on the upper layer extracts the network data packets from the VUKM module and transfers them to the protocol analysis subsystem in the user space. Then the protocol analysis subsystem analyz...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a high-speed capturing method of a bottom-layer data packet based on Linux. By setting a virtual capturing equipment module (VUKM module) to modify a network card driver, the high-speed capturing method leads the data packet reaching to a network card to be capable of bypassing a kernel protocol to be directly passed to a subsequence module for processing so as to realize memory sharing of a user space and a kernel space; and the kernel space transmits the data packet to an upper-layer analysis processing interface module at a high speed, and provides a mechanism for leading an upper-layer application program and the network card to access the VUKM module in a conflict-free manner so as to make further processing to the captured data packet. The high-speed capturing method can acquire the original data packet by the network card at a high speed under the gigabit network environment, and can overcome the defect of the traditional data packet capturing technology, thus improving the acquisition efficiency.

Description

technical field [0001] The invention relates to a high-speed capture method of data packets based on a gigabit network card in a Linux environment, and belongs to the field of information security. Background technique [0002] With the advent of the gigabit network era, the traditional packet capture mechanism has become the performance bottleneck of the entire system. First, the network message is received by the Linux kernel with a single message-driven mechanism, and the kernel performs operations such as buffer application and header verification for each message indiscriminately; second, the message processing program passes the system call every time Only one message is read from the kernel; third, the message needs to be transmitted to the user space where the message processing program is located through multiple memory copies. Ordinary network card and Libpcap interface are enough to ensure that the network packet processing programs running in Linux user space, s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56H04L29/06G06F12/08G06F12/0866
Inventor 裴文江刘荣伟郑麒麟张春王开孙庆庆
Owner SOUTHEAST UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap