Method for monitoring abnormal flows of deep packet detection equipment based on information entropy measurement

A deep packet inspection and abnormal traffic technology, applied in the field of data communication, can solve the problems of fast update speed of abnormal traffic and inability to complete abnormal traffic detection, etc., and achieve the effect of improving the inspection range and detection ability

Active Publication Date: 2016-03-23
WUHAN POST & TELECOMM RES INST CO LTD
View PDF4 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The technical problem to be solved by the present invention is that since the update speed of abnormal traffic in the network is very fast, once the

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for monitoring abnormal flows of deep packet detection equipment based on information entropy measurement
  • Method for monitoring abnormal flows of deep packet detection equipment based on information entropy measurement
  • Method for monitoring abnormal flows of deep packet detection equipment based on information entropy measurement

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The present invention provides a deep packet detection device based on information entropy measurement and its abnormal flow monitoring method. The network measurement technology based on the flow sampling method is applied to the deep packet detection device, and the measurement of the distribution characteristics of the flow characteristics and the detection of the abnormal flow are realized. Detection, helping to improve the scope and detection capabilities of deep packet inspection equipment for abnormal traffic inspection. The present invention will be described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0034] Such as figure 1 As shown, the abnormal flow monitoring method of deep packet detection equipment based on information entropy measurement provided by the present invention comprises the following steps:

[0035] Step 110: configure the initialization parameters of the deep packet inspection device, such as sam...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention discloses a method for monitoring abnormal flows of deep packet detection equipment based on information entropy measurement. The method comprises the following steps: monitoring a link interface of the deep packet detection equipment by a sampling agent module; obtaining samples of original flow messages, and encapsulating the samples in an sFlow protocol format to form a sampling message; collecting and parsing the sampling message; calculating the information entropy of the original flow messages, and conducting standardization processing; obtaining the fluctuation and change conditions of flow feature distribution according to historical information entropy value curves of the original flow messages; judging whether the current flow is an abnormal flow; and managing and controlling the abnormal flow according to a management and control strategy. According to the present invention, the network measurement technology based on a flow sampling mode is applied to the deep packet detection equipment, and the measurement of flow feature distribution characteristics and the detection of abnormal flows are achieved by constructing a flow feature detection engine based on the flow sampling technology and information entropy measurement tool, so as to help to improve the inspection range and detection capability of the deep packet detection equipment for the abnormal flows.

Description

technical field [0001] The invention relates to the technical field of data communication, in particular to a method for monitoring abnormal traffic of deep packet detection equipment based on information entropy measurement. Background technique [0002] With the continuous development of the mobile Internet, smart terminals, and the Internet of Things, as well as the continuous advancement of network technology, modern networks tend to become more complex and diverse in terms of networking methods, network equipment types, network composition structures, and network applications. These complex and diverse network factors have led to a surge in network communication traffic and increased load on network equipment. At the same time, the amount of information and data transmitted in the network is huge and complex, including all kinds of normal transmission data and malicious attack data. These factors always threaten the security of network elements and the availability of ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1408
Inventor 向智宇郝俊瑞许德玮郭嘉
Owner WUHAN POST & TELECOMM RES INST CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap