Load ownership network evidence-obtaining method and system based on Bloom filters

Bloom filter and payload attribution technology, applied in transmission systems, instruments, special data processing applications, etc. It addresses problems such as limited query types and poor support for wildcard queries, solves the first-block offset problem, reduces false positives, and improves query speed and verification accuracy.

Active Publication Date: 2016-03-23
BEIJING SHUZHIYUAN TECH CO LTD

AI Technical Summary

Problems solved by technology

Existing technologies are limited in the types of queries they can answer and therefore cannot support wildcard queries well.


Examples

Embodiment Construction

[0053] Embodiments of the present invention are described in detail below, and examples of the embodiments are shown in the drawings, wherein the same or similar reference numerals denote the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary and are intended to explain the present invention and should not be construed as limiting the present invention.

[0054] The invention proposes a Bloom filter-based payload attribution method and system for network forensics, which supports wildcard queries and offers high accuracy and timeliness.

[0055] As shown in Figure 1, the Bloom filter-based payload attribution method of the embodiment of the present invention includes the following steps:

[0056] Step S1, capturing the network data stream that is to be examined, and preprocessing the network data stream, and obtaining the preprocessed network data strea...

Abstract

The invention proposes a Bloom filter-based payload attribution method and system for network forensics. The method comprises the steps of: capturing the network data flow to be examined and preprocessing it; partitioning the payload into blocks and feeding the block contents into specified hash functions, where the result of each hash function is the serial number of the corresponding Bloom filter; storing the block contents in the corresponding Bloom filters according to those serial numbers; obtaining a field to be queried and hashing all blocks of the field one by one; judging whether every block of the field maps to a position in the corresponding Bloom filter; and, if every block does, judging that the payload contains the field. The method supports wildcard queries better, solves the head-block offset, alignment and continuity problems, reduces the false positive rate at an acceptable data compression ratio, and improves query speed and verification accuracy.
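The insert and query steps of the abstract, as an added Python example that is not code from the patent. The block size, filter count, filter size, SHA-256 hashing, the per-flow index and trying every offset for a field that starts mid-block are all assumptions; wildcard and block-continuity handling are not shown because the page does not describe them.

```python
import hashlib

BLOCK, N_FILTERS, M_BITS, K = 4, 4, 1 << 12, 3  # assumed parameters

def _h(data: bytes, salt: bytes) -> int:
    return int.from_bytes(hashlib.sha256(salt + data).digest()[:8], "big")

def filter_no(block: bytes) -> int:
    """Selector hash: its result is the serial number of the filter to use."""
    return _h(block, b"sel") % N_FILTERS

def blocks(data: bytes) -> list:
    """Full BLOCK-sized pieces only; a short tail is dropped."""
    return [data[i:i + BLOCK] for i in range(0, len(data) - BLOCK + 1, BLOCK)]

class PayloadIndex:
    """Bloom filters summarising the payloads of one (src, dst) flow."""
    def __init__(self):
        self.filters = [bytearray(M_BITS // 8) for _ in range(N_FILTERS)]

    def _bits(self, block: bytes):
        f = self.filters[filter_no(block)]
        return f, [_h(block, b"pos%d" % i) % M_BITS for i in range(K)]

    def insert(self, payload: bytes) -> None:
        for b in blocks(payload):
            f, pos = self._bits(b)
            for p in pos:
                f[p >> 3] |= 1 << (p & 7)

    def _has(self, block: bytes) -> bool:
        f, pos = self._bits(block)
        return all(f[p >> 3] & (1 << (p & 7)) for p in pos)

    def may_contain(self, field: bytes) -> bool:
        # The field may start mid-block in the payload, so try every offset.
        for off in range(BLOCK):
            bl = blocks(field[off:])
            if bl and all(self._has(b) for b in bl):
                return True
        return False  # also the answer for fields too short to hold a block

def attribute(flows: dict, field: bytes) -> list:
    """Return the (src, dst) keys whose index may contain the field."""
    return sorted(k for k, idx in flows.items() if idx.may_contain(field))

# Constructed sample traffic (documentation addresses, not a real capture).
A, B = ("192.0.2.10", "198.51.100.5"), ("192.0.2.11", "198.51.100.5")
FLOWS = {A: PayloadIndex(), B: PayloadIndex()}
FLOWS[A].insert(b"GET /index.php?id=1 HTTP/1.1\r\nHost: example.test\r\n")
FLOWS[B].insert(b"GET /static/logo.png HTTP/1.1\r\nHost: example.test\r\n")
```

A positive answer means "possibly present" and still has to be confirmed against other evidence, since Bloom filters can return false positives and this sketch does not check that the matching blocks were adjacent in one packet.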

Description

Technical field

[0001] The invention relates to the technical field of network forensics, in particular to a Bloom filter-based payload attribution method and system for network forensics.

Background technique

[0002] With the rapid development of information technology, crime on the network is becoming more and more rampant. Because network crime is complex, uncertain and diverse, it cannot be completely contained by technical means. Network forensics has therefore gradually become a research hotspot, and the tracing, tracking and handling of cybercrime incidents play an increasingly important role. The efficient storage of data traffic and the provision of accurate queries after the event have thus become a direction worthy of research.

[0003] Payload attribution is the process of identifying the source and destination of all packets that appear on the network and contain specific fields. The paylo...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08, G06F17/30
CPC: H04L63/1433, H04L63/1491, H04L63/302, G06F16/325, G06F16/334, G06F16/335, H04L67/5651
Inventor: 卫易辰, 徐菲, 卿斯汉
Owner: BEIJING SHUZHIYUAN TECH CO LTD