IP black hole discovery method based on traffic analysis

A discovery method and traffic analysis technology, applied in the field of network IP traffic analysis, can solve problems such as heavy workload, failure of ping method, failure of ping method, etc., and achieve the effect of low cost

Inactive Publication Date: 2018-07-24
COMP APPL RES INST CHINA ACAD OF ENG PHYSICS +1
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] 1. Since the ping method uses ICMP packets, if there is a router that prohibits ICMP packets in the network, the ping method may fail;
[0004] 2. The target host may not respond to the ICMP message for security reasons, and the ping method will also fail to succeed at this time;
[0005] 3. When there are many unresponsive IP addresses in the network, use the ping method to check the responses of these IPs one by one. The workload is heavy and it is not conducive to network management.
[0009] Above-mentioned technical scheme, still do not solve above-mentioned three kinds of problems that adopt ping method to exist

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IP black hole discovery method based on traffic analysis
  • IP black hole discovery method based on traffic analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The main technical basis of the present invention: in the communication process using TCP protocol at the transport layer, before sending data, a connection must be established between the two parties: the requester sends a SYN segment; the server sends back an ACK confirmation The SYN segment is used as a response; the requesting end must send an ACK packet to confirm the SYN segment of the server. The establishment of the connection is completed through these three segments. This process is called a three-way handshake. We can accurately analyze the online activity of each IP host through the statistics of the number of request packets that have not responded to the SYN request message and the analysis of the IP status tracking record, and timely discover those IP hosts that are in a black hole state. , To remind the network administrator to deal with this network failure.

[0031] SYN (synchronous) is the handshake signal used when TCP / IP establishes a connection. Whe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an IP black hole discovering method based on flow analysis and relates to the technical field of network IP flow analysis. An IP black hole detecting system for analyzing IP network flow is deployed in a network. The IP black hole detecting system is specifically used for registering a state tracking record with three fields for each discovered IP host, and updating the state tracking records of an original IP address and a target IP address after receiving an IP message, and discovering an IP address or an IP sub-network which does not respond in the network by analyzing the state tracking records which are continuously updated. The method of the invention could detect whether any one host in the network is in an IP black hole state in real time and greatly reduces the time delay for discovering the IP black hole, thereby providing a reference method for discovering a network fault in time.

Description

Technical field [0001] The present invention relates to the technical field of network IP traffic analysis, and more specifically to an IP black hole discovery method based on traffic analysis. Background technique [0002] At present, there are often some unresponsive IP addresses or IP subnets in the network, and these IP addresses often appear to only accept messages without responding to request messages. This not only caused the uncertainty of the network, but also seriously affected the quality of service of the network. Therefore, it is very necessary to find out these unresponsive IP addresses or IP subnets (ie IP black holes) in time. For these unresponsive IP addresses or IP subnets, the ping method is usually used in the prior art to check the response. Although this method is simple and convenient to use, the ping method has certain drawbacks: [0003] 1. Since the ping method uses ICMP messages, if there is a router that prohibits ICMP messages in the network, the pi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/26
CPCH04L43/10H04L63/1425
Inventor 高龙赵强孔思淇黄鹂声
Owner COMP APPL RES INST CHINA ACAD OF ENG PHYSICS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap