Unlock instant, AI-driven research and patent intelligence for your innovation.

Dynamic rule chain recursive trigger method and system based on message content awareness

A technology for packet content and rules, applied in the field of network visualization, can solve the problem that the static domain rule filtering mode cannot meet the precise filtering requirements of the back-end analysis system, and achieve fast and efficient rule triggering, simple implementation method, and reduced packet traffic. Effect

Active Publication Date: 2021-06-11
HUNAN RONGTENG NETWORK TECH CO LTD
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The above problems determine that the static domain rule filtering mode of the existing TAP device cannot meet the precise filtering requirements of the back-end analysis system. The maximum rule set can only be statically configured on the front-end TAP device to output all possible packet flows to the back-end analysis system. The system recognizes

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic rule chain recursive trigger method and system based on message content awareness
  • Dynamic rule chain recursive trigger method and system based on message content awareness

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The specific preferred embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings.

[0029] Such as figure 1 As shown, the present embodiment is a dynamic rule chain recursive triggering method based on message content perception, and its steps include:

[0030] 1) The user configures the trigger, specifies the type of rule to be triggered, the aging time, the direction of message matching, the source of each component field of the rule, and the relationship between the triggered rule and other triggers, and saves it in the trigger description library module. Among them, each component field of the rule can be configured by the user as a static value, or can be specified to extract a dynamic value from the specified field of the current message;

[0031] 2) The user configures static rules such as MAC, IP quintuple, and packet payload signature, defines the association relationship between the curre...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention discloses a dynamic rule chain recursive triggering method and system based on message content perception. By adding triggers and the relationship between triggers and trigger rules, configuration triggers, configuration of static rules and trigger definitions, packet matching, generation of new dynamic rules, rule aging deletion, Update the rule table and other steps to dynamically extract the dynamic information such as IP address, port, and user ID in the external input packet flow, and recursively trigger new dynamic rules, so that the packet flow can be accurately output to the back-end analysis system, which significantly saves time. The input bandwidth of the end analysis system avoids the performance loss of the back-end analysis system. It has the advantages of simple implementation method, fast and efficient rule triggering, and significantly reduces the message flow of the back-end analysis system.

Description

technical field [0001] The invention belongs to the technical field of network visualization, and in particular relates to a dynamic rule chain recursive triggering method based on message content perception, and a system composition for realizing the method. Background technique [0002] In the background technology, in the field of network visualization, the TAP device is used to collect the message flow of the user's business network, and the flow of interest is screened through the static rules configured by the user, and the network is transmitted to the back-end analysis system for real-time processing based on the split collection network. The analysis system hopes that the front-end TAP device can accurately filter the packet flow, and only output the flow of interest to the backend for processing, so as to avoid unnecessary bandwidth and performance loss caused by irrelevant data packets. In many cases, the back-end analysis system hopes to process the access traffi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L12/24
CPCH04L41/0816H04L43/026H04L43/028H04L43/045
Inventor 张晓哲胡都欢刘日李先平杨白李权张鹏唐靖飚陈一骄童江鹏
Owner HUNAN RONGTENG NETWORK TECH CO LTD