Unlock instant, AI-driven research and patent intelligence for your innovation.

A massive data monitoring system and method based on deep packet inspection

A deep packet inspection, massive data technology, applied in hardware monitoring, error detection/correction, electrical digital data processing, etc., can solve the problems of computing performance limitation, inability to monitor massive data at the same time, etc., to achieve the effect of efficient monitoring

Active Publication Date: 2020-03-24
DATANG SOFTWARE TECH
View PDF12 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, with the continuous development of Internet technology, the amount of data transmitted by the network continues to increase. Due to the limitation of its computing performance, the existing DPI software can only monitor the traffic of the Ethernet network with a small amount of data. Simultaneous monitoring of massive data transmitted over the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A massive data monitoring system and method based on deep packet inspection
  • A massive data monitoring system and method based on deep packet inspection
  • A massive data monitoring system and method based on deep packet inspection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0052] The embodiment of the present invention discloses a massive data monitoring system based on deep packet detection, including multiple probe servers, such as figure 1 As shown, the system includes:

[0053] The data acquisition module 100 is used to distribute the data to be monitored to a plurality of probe servers according to the rule of same destination and same source, wherein at least one data monitoring module 200 is arranged in each of the probe servers;

[0054] The data monitoring module 200 is configured to collect the data to be monitored distributed by the data collection module 100 according to the preset configuration, and perform in-depth packet identification and network transmission information monitoring on the data to be monitored

[0055] A cache module 300, configured to cache the identification result and network transmission information of the data to be monitored;

[0056] The data processing module 400 is configured to store and analyze the ide...

Embodiment 2

[0079] Based on the aforementioned embodiment one, in another preferred embodiment of the present invention, in order to improve the identification speed, the identification module 2005 is provided with a plurality of service type identification engines, and each service type identification engine is provided with different Call priority, the recognition engine corresponding to the service type with high frequency is called first. The identification module 2005 sequentially invokes each service type identification engine in descending order of priority, identifies the application type of the service data, and monitors the network transmission information of the service data associated with the application type until the identification is completed. The service type identification engine includes: a session matching engine, a port identification engine, an HTTP engine, a TCP engine, a UDP engine, a DNS identification engine, an SMTP identification engine, a chat application iden...

Embodiment 3

[0084] Correspondingly, the present invention also discloses a massive data processing method based on deep packet inspection, and multiple probe servers are preset, such as Figure 4 shown, including:

[0085] Step 400, distributing the data to be monitored to the plurality of probe servers according to the rule of same destination and same source;

[0086] Step 410, creating multiple data monitoring instances on each of the probe servers according to preset configurations;

[0087] Step 420, collecting and distributing the data to be monitored to the current probe server according to the preset configuration, and performing deep packet identification and network transmission information monitoring on the data to be monitored;

[0088] Step 430, caching the identification result and network transmission information of the data to be monitored;

[0089] Step 440: Distributed storage and analysis of the recognition results and network transmission information to generate moni...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a system for massive data monitoring based on deep packet detection and belongs to the field of monitoring. Multiple probe servers are disposed in the system. The system further comprises a data collection module, a data monitoring module, a cache module and a data processing module, wherein the data collection module is used to distribute to-be-monitored data to the multiple probe servers according to homo-clinic and homologous rules, wherein at least one data monitoring module is disposed in each probe server; the data monitoring module is used to collect the to-be-monitored data distributed by the data collection module according to preset configurations and conduct deep packet recognition and network transmission information monitoring of the to-be-monitored data; the cache module is used to cache recognition results and network transmission information of the to-be-monitored data; and the data processing module is used for distributed storage and analysis of the recognition results and network transmission information sent by the cache module so as to generate monitoring data. In comparison with the prior art, massive data can be monitored efficiently.

Description

technical field [0001] The invention relates to the field of data monitoring, in particular to a massive data monitoring system and method based on deep packet detection. Background technique [0002] With the continuous development of Internet technology, the network has penetrated into the country's politics, economy, military, culture, life and other fields, and the operation of the entire society has been inseparable from the network. This high dependence on the network makes the stability and security of the network a problem that needs to be paid attention to and solved. In order to realize the stable and safe operation of the network, network detection technology is generally used in the prior art to identify the security of network transmission information, analyze network traffic anomalies, and the like. For example, the commonly used DPI (deep package inspection) technology is an application layer-oriented traffic analysis and detection technology, which can reali...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/30
CPCG06F11/302G06F11/3065
Inventor 杨志嘉赵雨佳王赟
Owner DATANG SOFTWARE TECH