Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Deep packet inspection method and system

A technology of in-depth message detection and message detection, which is applied in the field of analysis and network traffic control, can solve the problems of poor scalability, high device dependence, and high resource occupation, so as to achieve perfect functions, expand the scope of application, and reduce dependence Effect

Active Publication Date: 2018-09-25
苏州迈科网络安全技术股份有限公司
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this type of equipment, DPI exists as a component module of the system and is used in conjunction with other modules of the equipment. The interaction between internal modules is generally carried out in a way of resource sharing for the purpose of achieving high efficiency, and the functions are generally relatively complete. However, this technology The disadvantages are also more prominent
First of all, since DPI is a module of the device, the device is highly dependent, and the cost of migrating to other manufacturers is very high, or it cannot be migrated at all; secondly, the DPI module is highly coupled with other modules, and the function of upgrading DPI needs to be upgraded. The entire firmware is completed, so the scalability is poor; again, due to the abundant device resources, in order to achieve high performance, the resource occupation will be high, which cannot be applied to low-end devices with fewer resources.
[0004] Existing technology 2 is widely used in operator networks. It uses traffic mirroring to obtain all messages in a certain network segment, and uses a separate DPI software program to analyze the traffic. The implementation of this technology is to use mirroring in serial network equipment. The method guides all or part of the traffic to the DPI device, and the device works in parallel; the feature of this solution is that it can use a suitable DPI device according to the size of the traffic, and the device can use a general technical framework for analysis, and it is easier to upgrade the software program Convenient, but the disadvantage of this solution is that it cannot be analyzed online, and the flow cannot be controlled based on DPI
[0005] Therefore, it is necessary to study a method that can not only solve the problem that due to the limitation of equipment resources in low-end network equipment, it cannot be applied or analyzed online, and the flow cannot be effectively controlled; it can also solve the problem that DPI equipment cannot be quickly adapted to different hardware platforms and Method and system for in-depth packet detection for updating problems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Deep packet inspection method and system
  • Deep packet inspection method and system
  • Deep packet inspection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] Objects, advantages and features of the present invention will be illustrated and explained by the following non-limiting description of preferred embodiments. These embodiments are only typical examples of applying the technical solutions of the present invention, and all technical solutions formed by adopting equivalent replacements or equivalent transformations fall within the protection scope of the present invention.

[0037] The present invention discloses a deep message detection system, which is used for the detection of messages in various network devices. It is not only suitable for high-end network devices, but also suitable for low-end network devices. The data packet of the TCP / IP protocol transmitted in the session is included in the session, and the session refers to a group of two-way (sending and receiving) with the same five-tuple (protocol, source address, destination address, source port, and destination port) A collection of messages; therefore, the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DPI (deep packet inspection) method and system. The DPI method comprises the followings steps: 1, information acquisition: a packet, input by a kernel of a network equipment operating system, in a to-be-processed session is received, and information of the packet is read; 2, DPI: the packet is inspected, and a subsequent packet is processed according to inspection results and the condition whether hardware acceleration configuration exists; 3, inspection data submission: the packet inspection results are counted and analyzed and submitted to a data platform for display of inspection and control results. According to the DPI method and system, compiling can be performed according to kernels of different sets of network equipment, the method and the system can adapt to various platforms quickly, the dependence degree on the equipment is reduced, and the problem of high coupling of a DPI module and the network equipment is solved; few resources are occupied, and application of the DPI technology on low-end network equipment is realized; the DPI method and system has the functions of application identification, terminal identification, acquisition of search keywords, URL (uniform resource locator) identification and classification, acquisition of specific information and the like, and wider coverage area and perfect functions are realized.

Description

technical field [0001] The invention relates to a method and system for controlling and analyzing network traffic, in particular to a method and system for in-depth message detection. Background technique [0002] Deep Packet Inspection (Deep Packet Inspection, hereinafter referred to as DPI) is a traffic analysis and detection technology for application layer analysis. DPI technology has become the standard configuration of high-end network equipment, used for fine-grained control and analysis of network traffic, but due to the constraints of hardware performance, function adaptation, system architecture and other factors, DPI has not been able to be used in a large number of low-end network equipment. (such as home routing, commercial WIFI, thin AP, etc.), which leads to the lack of advanced traffic optimization and service improvement for the majority of end users. Therefore, it is necessary to implement deep packet inspection technology that can be adapted to low-end net...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L29/06H04L29/08
Inventor 周明中
Owner 苏州迈科网络安全技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com