One-way flow detection method and network equipment

A technology of network equipment and detection methods, applied in data exchange networks, digital transmission systems, electrical components, etc., can solve problems such as file packet loss, failure to form file content, and application programs cannot do so

Active Publication Date: 2013-04-10
HUAWEI TECH CO LTD
View PDF2 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The existing proxy technology relies on the kernel mode protocol stack function provided by the host operating system. To reach the application program, the message needs to be copied many times, which is a huge overhead in terms of performance.
At the same time, all the information required by the link is fully maintained by the operating system kernel, and the application cannot do any intervention
[0005] The disadvantage brought by the maintenance of link information by the operating system kernel is that all messages must pass through the operating system kernel in order to realize the normal maintenance of link information to form a complete file content
If a message in the file is forwarded from other paths without being processed by the kernel, the file will lose packets due to inconsistency in the link information, and eventually the link of the file will be interrupted, and the complete file content cannot be formed.
Therefore, none of the existing proxy technologies support one-way traffic inspection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • One-way flow detection method and network equipment
  • One-way flow detection method and network equipment
  • One-way flow detection method and network equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] In order to make the objectives, technical solutions and advantages of the present invention clearer, the following further describes the present invention in detail with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention.

[0058] The above are only the preferred embodiments of the present invention and are not intended to limit the present invention. Any modification, equivalent replacement and improvement made within the spirit and principle of the present invention shall be included in the protection of the present invention. Within range.

[0059] reference figure 1 , figure 1 It is an application scenario diagram of a method for detecting unidirectional traffic provided by an embodiment of the present invention.

[0060] Such as figure 1 As shown, the internal network has a unified gateway exit, and at least t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a one-way flow detection method and network equipment. A message is analyzed according to protocol stack information in synchronizing information which is sent by other network equipment in receiving detection system. And the application-layer data in the synchronizing information of the message is combined with application-layer data in the synchronizing information which is sent by the other network equipment, so that a file is obtained. If the message is the last message in the file, security detection can be carried out on the file. If the message is not the last message in the file, the synchronizing information of the message can be sent to the other network equipment so that the other network equipment can detect the file according to the synchronizing information of the message, and therefore the security detection based on agent technology to one-way flow is achieved.

Description

Technical field [0001] The invention belongs to the field of safety detection, and particularly relates to a detection method and network equipment for unidirectional flow. Background technique [0002] Currently, in the hardware security market, anti-virus (Anti-Virus, AV) or data leakage prevention (DataLoss, DLP) functions that implement content security detection have become essential security functions for UTM or other network security devices. Since AV or DLP and other features themselves mainly operate on files, if they operate on part of the file instead of the entire file each time, the detection rate of the feature will be greatly affected. On this basis, proxy technology emerged. [0003] The proxy can make the network device act as an intermediary, cache all the file content in the message, and perform security inspection after the entire file is restored, which can significantly improve the detection rate. [0004] The existing proxy technology relies on the kernel mod...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/08H04L29/06H04L12/803
Inventor 薛智慧蒋武李世光
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap