Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Information detection method and information detection device

A technology to be detected and difference detection, applied in the Internet field, can solve the problem of large scale of features, and achieve the effect of reducing the scale of features and reducing dependence

Active Publication Date: 2016-10-26
NEW H3C TECH CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Although the above technologies can be accurately detected in practical applications, once attacked, for example, the attacker changes the network traffic through encryption or static transformation to avoid detection. In order to ensure accurate information detection, it is necessary to add various transformed features. , it can be seen that the above information detection method relies on specific features to detect successfully, and the required feature scale is large

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Information detection method and information detection device
  • Information detection method and information detection device
  • Information detection method and information detection device

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0076] Example 1: Assume that the data included in the feature data block are: 0xFF, 0x01, 0x04, 0x07, 0x06, the initial value of the feature offset Offset is 0, the preset number is 4, and the preset transformation key is 1. The first default value is 255, and the second default value is 0, then

[0077] When using the finite field addition algorithm Add(x, i), wherein, x represents the data in the above-mentioned feature data block, and i represents the above-mentioned preset transformation key;

[0078] Specifically, first calculate the "applicable sequence" of the four consecutive bytes 0xFF, 0x01, 0x04, and 0x07 from the starting position of the feature data block, so that the values ​​of the above x are: 0xFF, 0x01, 0x04, 0x07, The value of the above i is 1, that is, the value of the above i is 0x01, then

[0079] 0xFF+0x01>255, then 0xFF+0x01=ERR;

[0080] 0x01+0x01<255, then 0x01+0x01=0x02;

[0081] 0x04+0x01<255, then 0x04+0x01=0x05;

[0082] 0x07+0x01<255, then 0...

example 2

[0100] Example 2: Assume that the data included in the data block to be detected are: 0xFF, 0x01, 0x04, 0x07, 0x06, 0x03, 0x08, 0x05, and the adjacent difference detection features are: {1, [0x03, 0x03, -0x01]} , that is, the offset set in the inter-adjacent difference detection feature is: 1, and the difference feature values ​​set in the inter-adjacent difference detection feature are: 0x03, 0x03, -0x01.

[0101] For the specific detection process of the data block to be detected, please refer to Figure 4 , Figure 4 It is a schematic diagram of an information detection process provided by the embodiment of this application.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Embodiments of the invention disclose an information detection method and an information detection device, and relate to the technical field of Internet. The method comprises the following steps: determining the starting detection position of a data block to be detected according to an offset set in an adjacent difference detection characteristic; from the starting detection position, sequentially detecting whether the difference values corresponding to a target number of positions in the data block to be detected correspondingly match differentiated characteristic values set in the adjacent difference detection characteristic, wherein the difference value corresponding to any position in the target number of positions is the difference value between the numerical value of a position calculated by calculating the order based on a preset difference value and the numerical value of a position next to the position, and the target number is equal to the number of the differentiated characteristic values set in the adjacent difference detection characteristic; judging that the data block to be detected matches the adjacent difference detection characteristic if all the difference values correspondingly match the differentiated characteristic values set in the adjacent difference detection characteristic; and judging that the data block to be detected does not match the adjacent difference detection characteristic if not all the difference values correspondingly match the differentiated characteristic values set in the adjacent difference detection characteristic. By implementing the scheme provided by the embodiments of the invention, the characteristic scale is reduced.

Description

technical field [0001] The present application relates to the field of Internet technologies, and in particular to an information detection method and device. Background technique [0002] With the popularization of computers and networks, information technology is changing and affecting human life style. Various network applications emerge in endlessly, and security threats and network abuse are also increasing day by day. Therefore, in practical applications, it is necessary to detect network traffic so that network regulators can identify, classify, and control various network traffic. [0003] In the prior art, when network traffic is detected, a DPI (Deep Packet Inspection, Deep Packet Inspection) technology based on traffic characteristics is usually used for detection. [0004] Although the above technologies can be accurately detected in practical applications, once attacked, for example, the attacker changes the network traffic through encryption or static transfor...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 任方英
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com