Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Packet data detection method based on flow management

A technology of packet data and detection method, applied in the field of network information transmission security, can solve the problems of occupying equipment resources, only sending alarm information to inform users, reducing equipment processing performance, etc., to prevent attacks, save memory copy time, reduce The effect of memory usage

Active Publication Date: 2019-03-19
SHENZHEN FORWARD IND CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, if the user data is reorganized and detected according to the above method, it will bring the following two problems: 1. Stream reorganization needs to cache multiple data of the same stream, and then copy the user data together after reaching a certain time , to re-test the reorganized data, which will take up a lot of device resources and greatly reduce the processing performance of the device
2. When an attack or virus is detected by reorganization, since the original user data does not contain attack and virus information, the original data has "bypassed" the attack detection device and reached the user's host, and the attack and virus have already taken effect, so when the reorganization detection When the attack and virus information is released, it is too late, and only a warning message can be issued to inform the user

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Packet data detection method based on flow management

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017] The specific embodiments of the present invention are described below so that those skilled in the art can understand the present invention, but it should be clear that the present invention is not limited to the scope of the specific embodiments. For those of ordinary skill in the art, as long as various changes Within the spirit and scope of the present invention defined and determined by the appended claims, these changes are obvious, and all inventions and creations using the concept of the present invention are included in the protection list.

[0018] refer to figure 1 , figure 1 Shows a flowchart of a packet data detection method based on flow management; as figure 1 As shown, the packet data detection method based on flow management includes the following steps:

[0019] Receive the current message data in the network, extract the five-tuple information in the current message data, and then sort the five-tuple information; the five-tuple information here is so...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a message data detection method based on stream management. The method comprises the following steps of: receiving data message data in a network, and extracting five-element array information in current message data; sequencing the five-element array information, converting the five-element array information into identification numbers through a hash algorithm, and judging whether flows with the same identification numbers as the five-element array information exist or not; if yes, judging the direction of the current message data; judging whether the current message data are the next message data of the former message data in the direction or not, and if yes, reading a detection state of the former message data in the direction from the flows and adopting an AC algorithm to detect the next message data following the detection state of the former message data; and determining whether buffered message data which are not detected exist in the direction in a flow management memory or not, if yes, repeating the AC algorithm detection flow, and finally updating the last detection state into the flow management memory.

Description

technical field [0001] The invention relates to the technical field of network information transmission security, in particular to a message data detection method based on flow management. Background technique [0002] With the development of the network and the emergence of various application layer protocols, devices based on packet data content analysis and detection (such as IPS, protocol identification, behavior audit, etc.) are correspondingly produced. The main working principle of these devices is to find some specific keywords (deep inspection / status inspection) from the application layer information of the message data, so as to achieve the purpose of identifying information such as protocols, viruses, and attacks. [0003] Because of the characteristics of the tcp protocol, the data of the communication parties is usually not sent in one message data, but is usually sent in multiple message data. For this feature, attackers often hide key information such as viru...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/145
Inventor 张帆孟祥波曾闽棋张文
Owner SHENZHEN FORWARD IND CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com