Active detection-based host IP flow estimation method
A technology that actively detects and outputs traffic. It is applied in digital transmission systems, electrical components, transmission systems, etc. It can solve problems such as inability to access and control network equipment, install software, and inability to host, and meet the stringent requirements of eliminating the environment and access rights , saving detection resources, and accurate calculation results
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Embodiment 1
[0036] The main technical basis of the present invention is: in the communication process using IP as the protocol, each IP packet (regardless of sending and receiving) has an IP header. There is an IP_ID field in the IP header, which is a digital type and identifies the ID number of each data packet; the IP protocol stipulates that each time the host sends a data packet, the IP_ID field is increased by 1, that is, the step size is incremented sequentially. For example, during the IP communication process of a certain host, the IP_ID field value of the IP packet sent by it at a certain moment is 20, then no matter who the target IP address of the IP packet sent next is, its IP_ID field value must be 21.
[0037] Therefore, the present invention detects the IP outgoing traffic of any target host based on the change law of the IP_ID field. The present invention adopts the idea of active detection, initiates IP communication (such as sending ICMP detection, actively requesting ...
Embodiment 2
[0039] As the best implementation mode of the present invention, the goal of this program is to estimate the IP outflow of the remote host, and the method is as follows:
[0040] (1) Suppose the target host is H, and an arbitrary host M is used as the measurement host, and H and M are required to communicate with each other through the IP protocol;
[0041] (2) Initiate IP communication to host H through M. The communication methods include but not limited to: ICMP (ping), establish TCP connection, and establish UDP session. During the communication process, observe the IP packets sent by H on M. like figure 1 shown.
[0042] (3) Starting from the moment when M receives an IP packet from a certain H, record the current time as T start , and record that the IP_ID field value of the IP packet is IP_IDstart , and set a counter COUNT, set the COUNT value to 0. The starting point can be chosen arbitrarily during the communication process.
[0043] (4) Continue to maintain the ...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com