Establishment, identification control method and device for network flow characteristic identification rule

A network traffic and feature identification technology, applied in the network field, can solve problems such as inability to effectively analyze and control, update feature databases, and reduce analysis and control capabilities, and achieve the effect of improving analysis, identification and control capabilities.

Active Publication Date: 2011-05-04
CHENGDU HUAWEI TECH
View PDF3 Cites 86 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] It can be seen that for unknown network traffic, the existing DPI technology cannot effectively analyze and control it; and, when the application software that generates the network traffic is not known, the application protocol feature recogni

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Establishment, identification control method and device for network flow characteristic identification rule
  • Establishment, identification control method and device for network flow characteristic identification rule
  • Establishment, identification control method and device for network flow characteristic identification rule

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The embodiment of the present invention provides a method for establishing a network traffic characteristic identification rule and a network traffic identification control method. The embodiment of the present invention also provides a corresponding device. Each will be described in detail below.

[0037] Please refer to figure 1 , the embodiment of the present invention provides a method for establishing a network traffic feature recognition rule, which is applied to an analysis center server. The analysis center server is remotely connected to the network flow device, and can be used to extract traffic characteristics of unknown network traffic encountered by the network flow device. The method includes:

[0038] 101. The analysis center server receives a network traffic sample.

[0039] The unknown network traffic samples received by the analysis center server may be uploaded by network traffic devices or users.

[0040] 102. Acquire load data of the network tr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an establishment method for a network flow characteristic identification rule. The establishment comprises the following steps of: receiving a network flow sample by using an analysis centre server; acquiring load data of the network flow sample; extracting a flow characteristic from the load data; when the characteristic parameters contained in the flow characteristic reach a corresponding threshold, determining the type to which a network flow belongs corresponding to the corresponding threshold; storing the flow characteristic and the type correspondingly to generate the characteristic identification rule; and transmitting the characteristic identification rule to network flow equipment. By adopting the method of the embodiment, the analysis centre server can extract the flow characteristic of the network flow and establish the characteristic identification rule without pre-installing and operating application software for generating the network flow; and the analysis, identification and control capacity of the network flow equipment to the network flow can be continuously improved by transmitting dynamically updated characteristic identification rule tothe network flow equipment.

Description

technical field [0001] The invention relates to the field of network technology, in particular to a method for establishing a network traffic feature recognition rule, a method for recognition control and a device. Background technique [0002] Flow (Flow)-based Flow analysis technology is currently the mainstream network traffic analysis technology, mainly including NetFlow, sFlow, cFlow and NetStream. [0003] NetFlow is the most widely used traffic analysis technology today. NetFlow can collect the information of layer 2 to layer 4 network traffic in the Open System Interconnect (OSI) reference model, including source IP address, destination IP address, source port, destination port, IP layer protocol type, etc., and can answer Questions about IP traffic, such as who is at what time, where, what protocol is used, who is accessing, and how much traffic is specific. However, NetFlow only analyzes the IP packet header in the network traffic, and cannot really judge the app...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26
Inventor 钱晓斌
Owner CHENGDU HUAWEI TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap