Method for extracting, analyzing and searching network flow and content

A network traffic and content technology applied in the Internet field. It addresses the problems of an overly wide range of restored data, the inability to fully restore traffic information, and high requirements for original data integrity, achieving the effect of facilitating effective information

Active Publication Date: 2013-09-04
XI AN JIAOTONG UNIV

AI Technical Summary

Problems solved by technology

An existing network traffic restoration method, as shown in Figure 1, analyzes and restores traffic but has several shortcomings. First, the range of restored data is too wide and the amount of information is large, so the key information that users care about cannot be retrieved effectively. Second, the integrity requirement on the original data is very high: if any data packet in a session is lost, the application layer file for that session cannot be restored, so in actual use the information in the traffic cannot be fully restored. In addition, after the traffic data is processed and restored, only conventional types of application layer files are obtained, such as web page files, audio/video files, document files and binary files. Subsequent applications can only extract information from a large number of application layer files as regular data for monitoring, so the traffic analysis information cannot be fully utilized.



Embodiment Construction

[0021] The technical solution of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0022] As shown in Figure 2, the network traffic content extraction and analysis retrieval method proposed by the present invention performs content extraction and key information analysis and retrieval on original network traffic, and includes the following steps:

[0023] In the first step, the traffic distribution module processes the original data packets in the traffic files captured and stored from the high-speed network. The number of data processing queues n is set according to the number of server computing cores, a hash operation is performed on the triplet of each data packet, and the original traffic is split across the n data processing queues for separate processing. The triplet consists of the source IP address (SIP) and destination IP address (DIP) of the data packet and the protocol number of the IP packet.
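The distribution step in [0023], sketched as an added example (not code from the patent). It assumes IPv4 packets, uses CRC32 as the hash, and sorts the two addresses before hashing so that both directions of a session reach the same queue, a choice the text does not specify; all function names are hypothetical.

```python
import os
import socket
import struct
import zlib

def parse_triplet(packet: bytes):
    """Return (SIP, DIP, protocol) from a raw IPv4 packet, or None if malformed."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return None
    return packet[12:16], packet[16:20], packet[9]

def queue_index(triplet, n: int) -> int:
    """Hash the triplet onto one of n queues.

    Assumption: addresses are sorted first, making the hash independent of
    direction so request and reply packets are reassembled by the same worker.
    """
    sip, dip, proto = triplet
    lo, hi = sorted((sip, dip))
    return zlib.crc32(lo + hi + bytes([proto])) % n

def distribute(packets, n: int):
    """Split packets across n queues; return (queues, count of unparseable packets)."""
    queues = [[] for _ in range(n)]
    dropped = 0
    for pkt in packets:
        triplet = parse_triplet(pkt)
        if triplet is None:
            dropped += 1                  # truncated or non-IPv4 data
            continue
        queues[queue_index(triplet, n)].append(pkt)
    return queues, dropped

def make_ipv4(src: str, dst: str, proto: int, payload: bytes = b"") -> bytes:
    """Build a constructed sample packet: minimal IPv4 header, checksum left at 0."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload

if __name__ == "__main__":
    n = os.cpu_count() or 1               # one queue per computing core
    sample = [make_ipv4("10.0.0.5", "192.0.2.7", 6, b"GET /"),
              make_ipv4("192.0.2.7", "10.0.0.5", 6, b"HTTP/1.1 200"),
              make_ipv4("10.0.0.9", "198.51.100.3", 17, b"dns"),
              b"\x45\x00"]                # truncated packet
    queues, dropped = distribute(sample, n)
    print([len(q) for q in queues], "dropped:", dropped)
```
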

[0024...


Abstract

The invention discloses a method for extracting, analyzing and searching network flow and content. The method comprises the following steps: splitting the original traffic into n data processing queues; having each data processing queue independently process its original data packets, performing protocol recognition and filtering on the packets and performing session reassembly on the TCP (Transmission Control Protocol) traffic in them; performing protocol parsing and decoding on each reassembled TCP session and extracting the structured data information it contains; and, for key information specified by requirements, performing search labeling in the data content extracted by the content parsing and extraction module, based on a multi-pattern matching algorithm or a search engine technology, and submitting the labeling results to a search labeling information database, thereby providing search labeling results for multiple modes of application. The method can be used for solving problems in TCP session reassembly such as repeated data packets and sequence numbers returning to zero, realizing character labeling for the original traffic, and ensuring that a user can acquire effective information conveniently.

Description

Technical field

[0001] The invention relates to the technical field of the Internet, in particular to a method for performing content analysis and key information retrieval and labeling on network traffic.

Background

[0002] With the development of Internet technology, network information security has become a focus of the industry. On the one hand, everyone from national network security supervision departments down to families and individuals needs to maintain the stability of network systems, monitor network information, and prevent the spread of illegal or unsafe information; on the other hand, network devices and network security products based on content analysis or filtering urgently need more effective and comprehensive testing before they can be put into use. There are two main problems at present: first, the data transmitted in the network is very complex, the amount of information is increasing explosively, and the binary d...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/26, H04L29/06, G06F17/30
Inventor: 陶敬, 韩婷, 管晓宏, 黄旭昌, 王智, 折波
Owner: XI AN JIAOTONG UNIV