Automatic parsing method and apparatus of application protocol message

A technology of application protocol and protocol message, applied in the direction of electrical components, transmission systems, etc., can solve the problems of lack of maintainability and scalability, heavy workload, and low efficiency in application protocol analysis, and achieve maintainability and The effect of scalability

Inactive Publication Date: 2018-05-15
RUN TECH CO LTD BEIJING
View PDF9 Cites 38 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Due to low efficiency and heavy workload, the above method based on packet search is only suitable for small network traffic; the method of combining template files in the form of configuration files with hard-coded functions needs to use hard-coded functions to extract application protocols The field information of the BODY part, and when the format of the original application protocol changes, or needs to extract application protocol data in a new format, or needs to extract more or delete the extracted fields, it is necessary to modify and add the corresponding hard-coded functions. Lack of maintainability and scalability in the application protocol parsing process

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Automatic parsing method and apparatus of application protocol message
  • Automatic parsing method and apparatus of application protocol message
  • Automatic parsing method and apparatus of application protocol message

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0027] figure 1 The flow chart of the automatic parsing method of the application protocol message provided by Embodiment 1 of the present invention, this embodiment is applicable to the situation where the content of the application protocol message needs to be parsed, and the method can be automatically parsed by the application protocol message device, which may be implemented in software and / or hardware. Such as figure 1 Said, the method specifically includes the following steps:

[0028] S110. Add a template file according to the protocol features of the application protocol message, wherein the template file is a logical message analysis template edited by using a preset script language.

[0029] In this embodiment, the application protocol message refers to a network communication message generated by an Internet application based on the TCP / IP protocol system, such as HTTP (Hypertext Transfer Protocol, HyperText Transfer Protocol), FTP (File Transfer Protocol, File ...

Embodiment 2

[0047] This embodiment provides a preferred implementation of step S130 on the basis of the above-mentioned embodiments. The template parsing class in Embodiment 1 includes: a template matching unit, a template verification unit, a field content extraction unit and a data output unit. figure 2 It is a flow chart of the automatic parsing method of the application protocol message provided in Embodiment 2 of the present invention, as figure 2 As shown, the method includes:

[0048] S210. Add a template file according to the protocol features of the application protocol message, wherein the template file is a logical message parsing template edited by using a preset script language.

[0049] S220. Perform compilation processing on each template file, and generate each template analysis class corresponding to each template file.

[0050] In this embodiment, each template parsing class records the specific parsing method of the corresponding application protocol message and the ...

Embodiment 3

[0066] This embodiment provides a preferred implementation manner of step S260 on the basis of the foregoing embodiments. image 3 It is a flow chart of the automatic parsing method of the application protocol message provided by Embodiment 3 of the present invention, as image 3 As shown, the method includes:

[0067] S310. Add a template file according to the protocol features of the application protocol message, wherein the template file is a logical message analysis template edited by using a preset script language.

[0068] S320. Perform compilation processing on each template file, and generate each template analysis class corresponding to each template file.

[0069] S330. Analyze the header of the target application protocol message to obtain the triplet of HOST, URL and METHOD.

[0070] S340. Perform template matching on the parsed triplet of HOST, URL and METHOD with the matching information in each template matching unit.

[0071] S350. If there is a first templa...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses an automatic parsing method and apparatus of an application protocol message. The method comprises the following steps: adding template files with logicalityand edited in a preset script language according to protocol features of the application protocol message, compiling the template files to generate corresponding template parsing categories, parsing atarget application protocol message by using the template parsing category matched with the target application protocol message, and finally outputting a parsing result. According to the automatic parsing method and apparatus disclosed by the embodiment of the invention, when the format of the original application protocol message changes, or an application protocol message in a new format needsto be parsed, or when some protocol fields need to be extracted or deleted excessively, code modifying or re-issuing of software version is not needed, the existing and newly added application protocol messages of all types can be parsed just by adding, modifying or deleting the template files, and meanwhile the maintainability and extensibility of the application protocol parsing process are achieved.

Description

technical field [0001] The embodiment of the present invention relates to the field of network content auditing, in particular to an automatic analysis method and device for application protocol messages. Background technique [0002] In the case of a wide variety of existing network application protocols and frequent protocol version updates, it is very important to analyze the specific content of various application protocols conveniently and quickly for network security monitoring. [0003] The existing application protocol content analysis method is mainly based on data packet search. This method analyzes the data packets of each application protocol in sequence, thereby analyzing the corresponding application protocol, and analyzing the login information from the application protocol message. Post information, reply information, shopping order information and online ticket purchase information, etc. In addition, there is also a method of combining a template file in th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L69/22
Inventor 张晓东万月亮王梅
Owner RUN TECH CO LTD BEIJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap