Method and system for capturing network data

A network data and data packet technology, applied in the field of network data capture methods and systems, can solve the problems of increasing the system and CPU, reducing the efficiency of data packet transmission, etc., and achieve the effect of solving synchronization problems, saving CPU resources, and improving transmission efficiency.

Active Publication Date: 2015-04-08
RUN TECH CO LTD BEIJING
View PDF5 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The defect of the above-mentioned network data capture technology is that: in the process of capturing data packets from the network card and transferring the data packets to the data analysis device, not only there are multiple data copies, but also system calls are required, which reduces the transmission of data packets. Efficiency, increased system and CPU (Central Processing Unit, central processing unit) resource overhead

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for capturing network data
  • Method and system for capturing network data
  • Method and system for capturing network data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0031] see Figure 2a , is a flowchart of a network data capture method provided in Embodiment 1 of the present invention. The method of the embodiment of the present invention is suitable for a network data capture system, and the system includes: a network card, a kernel state driver and a user state data analysis device. Wherein, the network card belongs to the hardware layer, the kernel mode driver belongs to the kernel mode, and the user mode data analysis device belongs to the user mode.

[0032] The method includes: step 210 - step 260 .

[0033] Step 210, the network card captures the data packet, and buffers the data packet into a receiving first-in-first-out queue of the network card.

[0034] Wherein, the receiving first-in-first-out queue (RX First Input First Output, RX FIFO) is used to receive the data packets captured by the network card. RX stands for receiving. First-in-first-out queue (FIFO) is a first-in-first-out data buffer. The difference from ordinary...

Embodiment 2

[0075] see image 3 , is a flow chart of a network data capture method provided in Embodiment 2 of the present invention. The method of this embodiment is applicable to a network data capture system, and the system includes: a driver module, a network card configured in a hardware layer, a kernel mode driver and a network adapter configured in a kernel mode, and a user mode data analysis device configured in a user mode. Wherein, the network adapter is the hardware driver of the network card, which is mainly responsible for the initialization and configuration of the network card, as well as functions such as sending and receiving of data packets; , loaded by the driver module (ie image 3 The registered driver module shown) starts working until the driver module is unloaded (i.e. image 3 Unregister the driver module as shown) to end the work.

[0076] The method includes: Step 310 - Step 370 . Wherein, loop one includes steps 310 to 370 , and loop two includes steps 330 ...

Embodiment 3

[0096] see Figure 4 , is a schematic structural diagram of a network data capture system provided in Embodiment 3 of the present invention. The system includes: a network card 410 , a kernel mode driver 420 and a user mode data analysis device 430 .

[0097]Wherein, the network card 410 is used for capturing data packets, and buffering the data packets into the receiving first-in-first-out queue (RX FIFO) of the network card; The data packets in the first-in first-out queue can be transmitted to the data receiving space (rx ring) of the network adapter (adapter) through the PCI DMA controller specifically. ) pointed to the preconfigured circular buffer area in the kernel state driver 420; it is also used to send an interrupt request to the kernel state driver 420 based on a preset interrupt trigger strategy; the kernel state driver 420 is used to preconfigure the circular buffer area ; It is also used to stop receiving new interrupt requests sent by the network card accordi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a method and a system for capturing network data. The method comprises the following steps: capturing a data packet by a network card, and buffering into a receiving first-in and first-out queue of the network card; transmitting the data packet in the queue to a pre-configured circular buffer region through a PCI DMA (peripheral component interconnect direct memory access) controller; on the basis of a preset interrupt trigger strategy, transmitting an interrupt request to a kernel mode drive; stopping receiving a new interrupt request which is transmitted by the network card by the kernel mode drive according to the interrupt request, updating descriptors of the circular buffer region, and restoring to receive the new interrupt request transmitted by the network card; extracting the data packet when a user mode data analysis device judges that the data packet exists in the circular buffer region according to the current descriptor of the circular buffer region, and updating the descriptor of the circular buffer region, thus zero copy of the overall transmission process is achieved. A system call is not required, so that resources of a CPU (central processing unit) are saved; the transmission efficiency of the data packet is improved.

Description

technical field [0001] The embodiments of the present invention relate to the field of computer operating systems, and in particular to a method and system for capturing network data. Background technique [0002] With the development of computer and communication technology, the application of network is popularized rapidly. At the same time, people pay more and more attention to the security and reliability of network. Security mainly refers to the information on the network not being stolen, leaked and destroyed; reliability It mainly refers to the continuous, stable and reliable operation of the network system, and the network service is not interrupted or destroyed. Network data packet capture, monitoring and analysis technology is a basic technology for network security maintenance. Most of the current popular network traffic and content analysis systems are almost inseparable from the capture of network data. [0003] Network data capture refers to obtaining a copy o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26
Inventor 童克冬陶小龙
Owner RUN TECH CO LTD BEIJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap