Data flow detection method and device

A detection method and data flow technology, applied in the field of network communication, can solve problems such as consumption performance, data flow forwarding delay, inability to accurately detect data flow, etc., and achieve the effect of increasing processing bandwidth and reducing performance overhead.

Active Publication Date: 2016-05-18
NEW H3C TECH CO LTD
View PDF7 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] Usually, the above matching conditions cannot accurately detect the data flow for most applications. Therefore, in addition to defining the above matching conditions, one or more regular expressions need to be defined in the rule. When the above matching After the conditions are met, the regular expression is matched. When the regular expression also hits, it means that the rule is accurately hit.
[0010] However, it consumes a lot of performance when performing regular expression matching. When the data flow detection device performs application layer data flow detection, it will consume a lot of device performance due to regular expression matching, resulting in defects such as data flow forwarding delays.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data flow detection method and device
  • Data flow detection method and device
  • Data flow detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to make the objectives, technical solutions and advantages of the present invention clearer, the present invention will be described in detail below with reference to the accompanying drawings and specific embodiments.

[0027] The methods provided in this application include figure 1 The process shown:

[0028] See figure 1 , figure 1 It is a flowchart of the method provided by the present invention. This method is applied to data flow detection equipment, where the data flow detection equipment is used to detect the data flow of the application layer, which can be IPS, Internet behavior management equipment, etc. in specific implementation. Such as figure 1 As shown, the process can include the following steps:

[0029] Step 101: Receive the data stream, and record the rule IDs (ID) of the local N rules matched by the data stream in the first matching set. At least one regular expression is defined in each of the N rules, and N is greater than or equal to 1. .

[0...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a data flow detection method and a data flow detection device. According to the data flow detection method and the data flow detection device, rules finally matched with a data flow are filtered, and the final remaining rules are less than the rules finally matched with the data flow, namely, the number of times of carrying out regular expression matching on the data flow finally is reduced, the performance overhead of equipment on regular expression matching is greatly decreased, and the processing bandwidth of the data flow detection equipment is broadened on the premise that hardware is unchanged.

Description

Technical field [0001] This application relates to network communication technology, and particularly relates to a data stream detection method and device. Background technique [0002] Currently, a device used for data flow detection in the application layer (referred to as a data flow detection device) detects the data flow of the application layer based on a detection rule library. The data flow detection equipment here is, for example, Internet behavior management equipment, intrusion detection equipment (IPS), etc. [0003] The rules in the detection rule library mainly define the following matching conditions: [0004] Fixed string: There are one or more fixed strings, one or more of them must be hit; [0005] Protocol: specific protocols such as UDP, HTTP, etc.; [0006] Direction: The request method of the data stream is the response direction, or two-way; [0007] Port: data flow source port or destination port information, most rules do not define ports; [0008] Position: The...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26H04L29/12
Inventor 张惊申
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap