Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network traffic classification method and device

A classification method and network traffic technology, applied in the field of network traffic classification methods and devices, can solve the problems of port-based classification method failure, invasion of user privacy, high computational complexity, etc., to achieve reduced invasion, high-precision traffic classification, reduced The effect of detection

Active Publication Date: 2017-04-12
HARBIN UNIV OF SCI & TECH
View PDF2 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The current network traffic classification mainly faces two problems: 1) How to achieve high-precision identification in the face of complex traffic generated by more and more new applications (such as P2P, games, and streaming media); 2) How to process drama at high speed Increased amount of network data
[0004] Above, the port-based classification method has high recognition accuracy for identifying most traditional applications, and is the fastest and simplest method among existing methods, but more and more new applications use dynamic ports or use other protocols As a hidden application, it leads to the failure of port-based classification methods
Load-based classification methods, due to their high computational complexity, lead to increasingly poor performance in high-speed networks, and the identification process may violate user privacy
Although there are many optimization methods to improve the shortcomings of load-based classification methods, they require special hardware or high-performance processors and a large number of storage units, or need to process a large amount of packet content
In other words, traditional classification methods cannot effectively solve the above problems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network traffic classification method and device
  • Network traffic classification method and device
  • Network traffic classification method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0053] Such as figure 1 As shown, the embodiment of the present invention provides a network traffic classification method, including an offline training phase and an online recognition phase:

[0054] The offline training phase includes steps:

[0055] S1. The load-based classification method constructs the application type distribution map of the training data set, obtains the corresponding relationship between the port and the application, and calculates the probability that the corresponding relationship is established;

[0056] S2, construct a corresponding relationship table between ports and applications according to the corresponding relationship and the probability;

[0057] S3. Establish a decision factor according to the correspondence table, where the decision factor includes a decision probability value DP and a decision record number DR;

[0058] The online recognition phase includes steps:

[0059] S4. Obtain the source port and destination port pair of the session to be ...

Embodiment 2

[0106] The embodiment of the present invention also provides a network traffic classification device, including the following modules:

[0107] The offline training phase module constructs the application type distribution map of the training data set for the load-based classification method, obtains the corresponding relationship between the port and the application, and calculates the probability that the corresponding relationship is established; constructs the port according to the corresponding relationship and the probability Correspondence table with the application; establish decision factors according to the correspondence table, and the decision factors include the decision probability value DP and the number of decision records DR;

[0108] Online recognition phase module, in order to obtain the source port and destination port pair of the session to be recognized, one of the ports is selected as the decision port; the classifier selection is performed through the decisio...

Embodiment 3

[0112] Such as image 3 As shown, the embodiment of the present invention also provides a network traffic classification system. The network traffic classification system can be located in the edge network or backbone network in the network. The network administrator or network service provider (ISP) deploys the present invention in the corresponding On the core router (switch), all traffic passing through is classified in real time, or the traffic can be copied or mirrored for identification.

[0113] By adopting this system, in order to analyze and manage the components of the network, the network administrator allocates network resources reasonably, eliminates harmful traffic in the network, deploys this system on the core router (switch), and classifies the network traffic flowing through it. Obtain the composition diagram of the flow, which mainly includes the type of application, the number of packets, the number of flows, and the number of bytes. Secondly, the Internet Se...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a network flow classification method and device, which relate to the field of computer network security. The method includes an offline training stage and an online identification stage: the offline training stage includes: S1, constructing the application type distribution map of the training data set, obtaining the corresponding relationship, and calculating the probability; S2, constructing the corresponding relationship table between ports and applications; S3, establishing Decision factor; the online identification stage includes: S4, obtain the port pair, select one of the ports as the decision port; S5, select the classifier; S6, select the load-based classification module as the classifier, and when the classification result is not empty, the One-way supervision is performed on the corresponding relationship and its probability value, and the corresponding relationship is evaluated and the probability is updated. The invention reduces the detection of data packet content in the network traffic classification process, reduces the demand for memory and bandwidth, and infringes on user privacy, and realizes high-speed and high-precision traffic classification under high-speed network links.

Description

Technical field [0001] The invention relates to the field of computer network security, in particular to a network traffic classification method and device. Background technique [0002] Network traffic classification technology plays a very important role in network management. Network managers or network service providers (ISPs) can formulate traffic control strategies or provide support for current or next-generation services based on the classification results. Therefore, quickly and accurately classifying network traffic is the key to network management and monitoring. The current network traffic classification mainly faces two problems: 1) How to achieve high-precision recognition in the face of complex traffic generated by more and more new applications (such as P2P, games, and streaming media); 2) How to process dramas at a high speed Increased network data volume. [0003] Traditional methods to solve the above problems mainly use port-based classification methods and lo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/813H04L47/20
Inventor 孙广路董辉李丹丹何勇军
Owner HARBIN UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com