Method of opening network data packet files quickly

A network data packet and data packet technology, applied in the field of data processing, can solve problems such as unreasonable consumption, IOPS consumption, and meaningless consumption, and achieve the effect of improving efficiency and correctness

Inactive Publication Date: 2018-05-15
科来网络技术股份有限公司
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] This will lead to: Since there are many data packet file formats, and modules of certain file types are placed at the back of the queue, every time a file of these formats is opened, dozens of file opening, reading, and closing operations will be generated, consuming A lot of IOPS
Especially when analyzing tens of thousands of small files, these overheads are even more time-consuming than packet content analysis, which is meaningless and extremely unreasonable

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method of opening network data packet files quickly
  • Method of opening network data packet files quickly

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0025] The present invention provides a method for quickly opening network data packet files, such as figure 2 As shown, the method includes:

[0026] (1) Use the magic number of each network packet file type to establish a global dictionary tree, and establish the mapping relationship between the magic number and the file module.

[0027] There are many network packet file formats, common ones are libpcap, pcapng, rapkt, 5vw, sniffer, etc.

[0028] Magic number (magic number): For many file types, the content of the first few bytes of the file header is fixed and is used to indicate the file type. These fixed contents are called magic numbers.

[0029] Dictionary tree: The dictionary tree is a tree data structure used to store and quickly query strings, such as figure 1 Shown.

[0030] (2) Read several bytes of the file header of the network data packet file to be processed, and then perform string matching on several bytes. If the match is successful, proceed to step (3).

[0031] Si...

Embodiment 2

[0036] The present invention provides a method for quickly opening network data packet files, such as figure 2 As shown, the method includes:

[0037] (1) Use the magic number of each network packet file type to establish a global dictionary tree, and establish the mapping relationship between the magic number and the file module.

[0038] There are many network packet file formats, common ones are libpcap, pcapng, rapkt, 5vw, sniffer, etc.

[0039] Magic number (magic number): For many file types, the content of the first few bytes of the file header is fixed and is used to indicate the file type. These fixed contents are called magic numbers.

[0040] Dictionary tree: The dictionary tree is a tree data structure used to store and quickly query strings, such as figure 1 Shown.

[0041] (2) Read several bytes of the file header of the network data packet file to be processed, and then perform string matching on several bytes. If the match is successful, proceed to step (3).

[0042] Si...

Embodiment 3

[0048] The present invention provides a method for quickly opening network data packet files, such as figure 2 As shown, the method includes:

[0049] (1) Use the magic number of each network packet file type to establish a global dictionary tree, and establish the mapping relationship between the magic number and the file module.

[0050] There are many network packet file formats, common ones are libpcap, pcapng, rapkt, 5vw, sniffer, etc.

[0051] Magic number (magic number): For many file types, the content of the first few bytes of the file header is fixed and is used to indicate the file type. These fixed contents are called magic numbers.

[0052] Dictionary tree: The dictionary tree is a tree data structure used to store and quickly query strings, such as figure 1 Shown.

[0053] (2) Read several bytes of the file header of the network data packet file to be processed, and then perform string matching on several bytes. If the match is successful, proceed to step (3).

[0054] Si...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method of opening network data packet files quickly. The method comprises the following steps: (1) establishing a global dictionary tree by employing modulus of network data packet file types and establishing a mapping relationship between the modulus and a file module; (2) reading a plurality of bites of a file header of a to-be-processed network data packet file and thenmatching strings of the bites, if matching is successful, carrying out step (3); and (3) if the modulus length of the to-be-processed network data packet file is proper, matching a message header, and if the matching is successful, invoking a corresponding file module processing file; if the modulus length of the to-be-processed network data packet file is too short, matching the name suffix of the file, and if the matching is successful, invoking the corresponding file module processing file. By employing the method, I / O is only used once for each file to determine the file type, and the file is quickly and correctly opened.

Description

Technical field [0001] The invention relates to the field of data processing, in particular to a method for quickly opening a network data packet file. Background technique [0002] To transmit information in the network, if a single piece of information is relatively long, it will be divided into multiple data blocks, and each data block is transmitted separately, and these blocks are called network packets (Packet). Network data packet files, which are files storing network data packets, are usually generated by packet capture tools. [0003] There are many network packet file formats, common ones are libpcap, pcapng, rapkt, 5vw, sniffer, etc. To open and read a data packet file correctly, you must know its file type. [0004] When processing a large number of data packet files in batches, because the files come from different collection points and are generated by devices of different manufacturers, the type of the file is not known before the file is opened. It is not advisab...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06G06F17/30
CPCG06F16/17H04L69/18H04L69/22
Inventor 林康酒纪伟
Owner 科来网络技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap