User-defined packet capture system

A user-defined and self-defined technology, applied in the field of network security, can solve the problem of high packet capture drop rate, optimize packet capture performance, improve analysis efficiency, and reduce size

Inactive Publication Date: 2017-07-14
WUXI JUYUN TECH
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is: aiming at the above-mentioned technical problems existing in the prior art, through the technical advantages in the 10 Gigabit network card driver optimization technology and the x86 multi-core parallel technology, a traditional packet capture method that can solve the problem of using the traditional packet capture method under 10 Gigabit traffic is invented A user-defined network packet capture system based on the user-defined network packet capture system to solve the problem of high packet loss rate, optimize the packet capture performance, reduce the size of the packet capture file, and improve the analysis efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • User-defined packet capture system
  • User-defined packet capture system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] All features disclosed in this specification, or steps in all methods or processes disclosed, may be combined in any manner, except for mutually exclusive features and / or steps.

[0021] Any feature disclosed in this specification (including any appended claims, abstract and drawings), unless expressly stated otherwise, may be replaced by alternative features which are equivalent or serve a similar purpose. That is, unless expressly stated otherwise, each feature is one example only of a series of equivalent or similar features.

[0022] Such as figure 1 As shown, a network packet capture system based on user-defined, the optimization of the network card driver, the network card driver is the first link for data packets to enter the system, and it is also the key link for the system to achieve high-speed processing. The idea of ​​the design is to bypass the protocol stack that comes with the Linux system, and directly transfer the packet from the kernel to the user spa...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a user-defined packet capture system. The system comprises a network card system optimization system, a lock-free queuing system, and user-defined capture conditions, wherein the network card system optimization system ignores a protocol stack of the Linux system, directly transmits packets from a kernel to user space through mmap ring, and adopts an NAPI-based zero-copy design; the lock-free queuing system judges whether a head pointer and a tail pointer are identical or not; and the user-defined capture conditions are combinations of various complex conditions such as a source destination IP, a source destination port, a protocol type and a port number, and an internal program inspects the filtering conditions in a real-time manner during storage of captured packets. The system provided by the invention has the advantages that the problem of the traditional capture method that the captured packet loss rate for 10Gbps traffics is high is solved; and through a user-defined capture filtering algorithm, the capture performance can be effectively optimized, the sizes of the captured files can be reduced, and the analysis efficiency can be improved.

Description

technical field [0001] The invention relates to network security technology, in particular to a user-defined network capture system. Background technique [0002] With the rapid development of Internet technology, network connections are facing more and more various connection anomalies or attack events. Network packet capture (packet capture) technology is to intercept, resend, edit, Operations such as dumping are also used to check network security. Packet capture is also often used for data interception and so on. By analyzing and understanding the captured packets, it can help O&M personnel or other engineers quickly locate problems and analyze fault causes. [0003] Traditional network packet capture completes the packet capture task by calling the Libpcap library function (or WinPcap library function). This packet capture method has a high packet loss rate (up to 60%) in a high-traffic network environment. This processing method first reads a group of data packets f...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26
CPCH04L43/028
Inventor 韩韶华
Owner WUXI JUYUN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap