Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for data packet feature extraction

A feature extraction and data packet technology, applied in the computer field, can solve the problems of cumbersome process and low efficiency, and achieve the effect of simple identification process, high identification efficiency, and low efficiency in solving cumbersome process

Active Publication Date: 2015-07-22
ASIAINFO TECH NANJING
View PDF3 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The above-mentioned detection and identification through the characteristics in the data packet load, because there are a large number of messages in the data packet, makes the method of extracting the characteristics of the data packet by detecting and identifying the load of a large number of messages, the process is cumbersome and the efficiency is low

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for data packet feature extraction
  • Method and device for data packet feature extraction
  • Method and device for data packet feature extraction

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0067] Embodiment 1 of the present invention provides a data packet feature extraction method, such as figure 1 As shown, the method may include:

[0068] S101. Obtain a data packet including at least one packet.

[0069] Wherein, the data packet is a data packet transmitted during network operation, and the data packet includes at least one message.

[0070] Specifically, the methods for obtaining data packets may include but not limited to the following two methods:

[0071] Method 1. Obtain the data packet by capturing the data packet through the real-time network card.

[0072] Exemplary, if the execution subject of this embodiment is to obtain data packets by means of real-time network card capture data packets, in the process of network operation, the data packets captured in real time can be saved as packet capture (packet capture) under the INPUT directory. , referred to as pcap) file, when executing S101, the data packet is obtained by sequentially reading all the ...

example 1

[0132] Example 1, assuming that the host of data stream 1 is identified according to the protocol type of data stream 1, and the host in the application layer protocol metadata of data stream 1 is A.B.C.D.

[0133] Then, before performing feature recognition, A.B.C.D is divided into multiple recognition contents step by step, namely: (.D), (.C.D), (.B.C.D), (A.B.C.D).

[0134] Assume that data flow 1 is the first data flow for host identification in the data packets to which it belongs, and therefore, the feature set for host identification is empty.

[0135] The process of host identification for data stream 1 is described in detail below:

[0136] First, match the recognition content.D with the features of each feature node in the feature set recognized by the host. Since the feature set recognized by the host is empty, there is no feature matching the recognition content, and then in the feature set recognized by the host Add a feature node (including feature: .D) that mat...

Embodiment 2

[0220] Embodiment 2 of the present invention provides another data packet feature extraction method, which takes the feature set as a tree structure, and uses specific examples to figure 1 The method for extracting the feature of the data packet shown is described in detail.

[0221] see Figure 4 , the method can include:

[0222] S401. Read the pcap file in the INPUT directory to obtain a data packet.

[0223] S402. Parse the data packet, and aggregate the packets with the same quintuple in the data packet into one data stream, and obtain 6 data streams.

[0224] Specifically, the six data streams are shown in Table 11:

[0225] Table 11

[0226]

[0227]

[0228] S403. For each data stream in the 6 data streams, use each feature recognition model corresponding to the protocol type of the data stream in the preset database to identify, and obtain feature sets of all types of the 6 data streams.

[0229] Among them, the preset database is shown in Table 1.

[0230...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

An embodiment of the invention discloses a method and device for data packet feature extraction and relates to the field of computers. The simple and efficient data packet extraction is achieved. The technical scheme is that the method comprises the steps of obtaining a data packet comprising at least one message; analyzing the data packet, collecting messages with five same tuples in the data packet into a data flow and obtaining X data flows; adopting each feature recognition model corresponding to the protocol type of the data flows in a preset database to recognize each data flow among the X data flows respectively and obtaining feature sets of all types of the X data flows; and selecting Y features from the feature sets of all types of the X data flows to serve as features of the data packet. The method and the device are used for data packet feature extraction.

Description

technical field [0001] The invention relates to the field of computers, in particular to a data packet feature extraction method and device. Background technique [0002] With the development of network technology, Deep Packet Inspection (DPI for short) emerges as the times require. DPI technology is a technology that has been successful in traffic management, security and network analysis. This technology identifies data packets by extracting the characteristics of data packets, and then performs content analysis on data packets. Traffic management, security and network analysis, etc. Aspects of analysis and operation. [0003] For the feature extraction of the data package, the method of comparing and summarizing with the naked eye was initially adopted, which was not only a heavy workload but also incomplete feature induction. After that, in order to solve the problems caused by comparing and summarizing the characteristics of the data packets with the naked eye, a more...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/26H04L12/24
CPCH04L41/0654H04L43/00
Inventor 陈俊俞海腾陈振辉张许辉
Owner ASIAINFO TECH NANJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com