Dynamic rule chained recursive triggering method based on message content awareness and system

A technology for packet content and rules, applied in the field of network visualization, can solve the problem that the static domain rule filtering mode cannot meet the precise filtering requirements of the back-end analysis system, and achieve fast and efficient rule triggering, simple implementation methods, and lower overall construction costs. Effect

Active Publication Date: 2018-08-07
HUNAN RONGTENG NETWORK TECH CO LTD
View PDF9 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The above problems determine that the static domain rule filtering mode of the existing TAP device cannot meet the precise filtering requirements of the back-end analysis sy

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic rule chained recursive triggering method based on message content awareness and system
  • Dynamic rule chained recursive triggering method based on message content awareness and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The specific preferred embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings.

[0029] Such as figure 1 As shown, the present embodiment is a dynamic rule chain recursive triggering method based on message content perception, and its steps include:

[0030] 1) The user configures the trigger, specifies the type of rule to be triggered, the aging time, the direction of message matching, the source of each component field of the rule, and the relationship between the triggered rule and other triggers, and saves it in the trigger description library module. Among them, each component field of the rule can be configured by the user as a static value, or can be specified to extract a dynamic value from the specified field of the current message;

[0031] 2) The user configures static rules such as MAC, IP quintuple, and packet payload signature, defines the association relationship between the curre...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a dynamic rule chained recursive triggering method based on message content awareness and a system. According to main technical characteristics, on the basis of establishing adynamic rule chained recursive triggering system, for the problem that an existing TAP device cannot carry out dynamic association analysis on message streams, triggers and an association relationshipbetween the triggers and triggering rules are added, through adoption of steps such as trigger configuration, static rule and trigger definition configuration, message matching, new dynamic rule generation, rule aging deletion and rule table updating, dynamic information such as such as IP addresses, ports and user identities in the externally input message streams are dynamically extracted, andthe new dynamic rules are recursively triggered, so the message streams can be precisely output to a rear end analysis system, input bandwidths of the rear end analysis can be clearly saved, and the performance loss of the rear end analysis system is avoided. The method and the system have the advantages that the realization method is simple, the rule triggering is rapid and efficient, and the message traffic of the rear end analysis system can be clearly reduced.

Description

technical field [0001] The invention belongs to the technical field of network visualization, and in particular relates to a dynamic rule chain recursive triggering method based on message content perception, and a system composition for realizing the method. Background technique [0002] In the background technology, in the field of network visualization, the TAP device is used to collect the message flow of the user's business network, and the flow of interest is screened through the static rules configured by the user, and the network is transmitted to the back-end analysis system for real-time processing based on the split collection network. The analysis system hopes that the front-end TAP device can accurately filter the packet flow, and only output the flow of interest to the backend for processing, so as to avoid unnecessary bandwidth and performance loss caused by irrelevant data packets. In many cases, the back-end analysis system hopes to process the access traffi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/24
CPCH04L41/0816H04L43/026H04L43/028H04L43/045
Inventor 张晓哲胡都欢刘日李先平杨白李权张鹏唐靖飚陈一骄童江鹏
Owner HUNAN RONGTENG NETWORK TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap