Data flow detection method and device

A detection method and data flow technology, applied in the field of network communication, can solve problems such as performance consumption, data flow forwarding delay, inability to accurately detect data flow, etc., to achieve the effect of reducing performance overhead and increasing processing bandwidth

Active Publication Date: 2019-03-15
NEW H3C TECH CO LTD
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] Usually, the above matching conditions cannot accurately detect the data flow for most applications. Therefore, in addition to defining the above matching conditions, one or more regular expressions need to be defined in the rule. When the above matching After the conditions are met, the regular expression is matched. When the regular expression also hits, it means that the rule is accurately hit.
[0010] However, it consumes a lot of performance when performing regular expression matching. When the data flow detection device performs application layer data flow detection, it will consume a lot of device performance due to regular expression matching, resulting in defects such as data flow forwarding delays.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data flow detection method and device
  • Data flow detection method and device
  • Data flow detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0027] The methods provided by this application include figure 1 The flow shown:

[0028] see figure 1 , figure 1 The flow chart of the method provided by the present invention. The method is applied to a data flow detection device, where the data flow detection device is used to detect the data flow of the application layer, and can be implemented as an IPS, an online behavior management device, and the like. Such as figure 1 As shown, the process may include the following steps:

[0029] Step 101, receiving the data flow, recording the rule identification (ID) of the local N rules matched by the data flow to the first matching set, at least one regular expression is defined in each of the N rules, and N is greater than or equal to 1 .

[...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a data flow detection method and a data flow detection device. According to the data flow detection method and the data flow detection device, rules finally matched with a data flow are filtered, and the final remaining rules are less than the rules finally matched with the data flow, namely, the number of times of carrying out regular expression matching on the data flow finally is reduced, the performance overhead of equipment on regular expression matching is greatly decreased, and the processing bandwidth of the data flow detection equipment is broadened on the premise that hardware is unchanged.

Description

technical field [0001] The present application relates to network communication technology, in particular to a data flow detection method and device. Background technique [0002] Currently, a device used for data flow detection in the application layer (abbreviated as a data flow detection device) detects data flow in the application layer based on a detection rule base. The data flow detection device here is, for example, an Internet behavior management device, an intrusion detection device (IPS), and the like. [0003] The rules in the detection rule base mainly define the following matching conditions: [0004] Fixed string: There are one or more fixed strings, one or more of which need to be hit; [0005] Protocol: specific protocols such as UDP, HTTP, etc.; [0006] Direction: the request method of the data flow or the response direction, or bidirectional; [0007] Port: data flow source port or destination port information, most rules do not define ports; [0008...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L29/12
Inventor 张惊申
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap