Unlock instant, AI-driven research and patent intelligence for your innovation.

Protocol analyzing system and protocol analyzing method based on multiple-state machine

A protocol parsing, multi-state technology, applied in the field of protocol parsing systems, can solve problems such as no fault tolerance mechanism and jump mechanism, state machine explosion, and lack of matching of signature codes, so as to improve parsing efficiency and avoid state machine explosion.

Inactive Publication Date: 2017-06-09
厦门天锐科技股份有限公司
View PDF4 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] (II) During network data transmission, the feature code may be transmitted in segments, resulting in no matching of the feature code;
[0006] (III) It is impossible to define the order in which the feature codes appear;
[0007] (V) All signatures are gathered in one state machine, which may cause the state machine to explode;
[0008] (IV) There is no fault tolerance mechanism and jump mechanism

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Protocol analyzing system and protocol analyzing method based on multiple-state machine
  • Protocol analyzing system and protocol analyzing method based on multiple-state machine

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0059] Example 1: Match a correct Http protocol message

[0060] a. Input the following content to the multi-state machine for matching: POST index.jsp\r\nHost:127.0.0.1\r\nContent-;

[0061] b. The pre-state is empty, and start matching from the root state machine;

[0062] c. The root state machine matches the feature code "POST". Since the feature code "POST" is not the end feature code, after obtaining the valid data "index.jsp", it jumps to the preset Http state machine to match the following content:\ r\nHost:127.0.0.1\r\nContent-;

[0063] d. The Http state machine matches the feature code "Host:", since the feature code "Host:" is not the end feature code, after obtaining the valid data "127.0.0.1", jump to the preset Http state machine to perform the following content Matches: \r\nContent-;

[0064] e, the matching is completed, and the "-" state of the characteristic code "Content-Length:" belonging to the Http state machine is set as the pre-state;

[0065] f. I...

example 2

[0070] Example 2: Matching a wrong Smtp protocol message

[0071] a. Input the following content to the root state machine for matching: Welcome To:\r\n Beijing.\r\n\r\n;

[0072] b. The pre-state is empty, and start matching from the root state machine;

[0073] c. The root state machine matches the feature code "To:", since the feature code "To:" is not the end feature code, after obtaining the valid data "" (empty), it will pre-jump to the preset Smtp state machine to perform the following content Match: \r\nBeijing.\r\n\r\n;

[0074] d. The Smtp state machine matches the feature code "\r\n\r\n". Since the feature code "\r\n\r\n" is the end feature code, it is determined that the obtained valid data does not conform to the Smtp feature, so It is determined that dirty data has been obtained. Clear the data and jump to the fault-tolerant state machine (root state machine) to match the following content: (the content is empty);

[0075] 5. After the matching is completed, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a protocol analyzing system based on a multiple-state machine. The protocol analyzing system comprises the components of multiple-state machine generating modules which are used for defining a jumping relation between a required state machine and the state machines; and a state machine matching module which is used for inputting to-be-matched data, storing an intermediate matching result and outputting a final matching result. The invention further discloses a protocol analyzing method based on the multiple-state machine. The protocol analyzing method comprises the following steps of 1, initiating all state machines, and defining the jumping relations among the state machines, thereby forming the multiple-state machine; and 2, inputting the to-be-matched data into the multiple-state machine for matching and outputting a matching result. The protocol analyzing system and the protocol analyzing method can improve analyzing efficiency and settle a problem of segmental transmission of characteristic codes, and furthermore the system and the method can perform fault tolerance processing.

Description

technical field [0001] The invention relates to a protocol analysis system and analysis method based on a multi-state machine. Background technique [0002] Existing protocols are generally defined in the form of key-value pairs. The key is also commonly referred to as a feature code, and the value is commonly referred to as valid data. In actual operation, the corresponding valid data is saved through the cyclic matching of the feature code, and when the recognized feature code is the end feature code, the matching result is output. [0003] Existing analytical methods have the following deficiencies: [0004] (1) resolution speed is slow; [0005] (II) During network data transmission, the feature code may be transmitted in segments, resulting in no matching of the feature code; [0006] (III) It is impossible to define the order in which the feature codes appear; [0007] (V) All signatures are gathered in one state machine, which may cause the state machine to explo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L69/03H04L69/18H04L69/22
Inventor 邱志斌方晓亮涂高元郭永兴陆云燕陈雅贤
Owner 厦门天锐科技股份有限公司