Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method and system for secure traffic collection based on SDN

A collection method and traffic collection technology, applied in the field of communication, to achieve the effects of reducing DoS and DDoS attack performance, improving security, and reducing data security risks

Active Publication Date: 2021-08-13
CHINA ELECTRONICS TECH CYBER SECURITY CO LTD
View PDF13 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Aiming at the security problems faced by the existing traffic collection methods, the present invention proposes a traffic security collection method and system based on SDN (Software Defined Networking)

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and system for secure traffic collection based on SDN
  • A method and system for secure traffic collection based on SDN
  • A method and system for secure traffic collection based on SDN

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] All features disclosed in this specification, or steps in all methods or processes disclosed, may be combined in any manner, except for mutually exclusive features and / or steps.

[0030] Any feature disclosed in this specification, unless specifically stated, can be replaced by other alternative features that are equivalent or have similar purposes. That is, unless expressly stated otherwise, each feature is one example only of a series of equivalent or similar features.

[0031] In the solution proposed by the present invention, it is mainly composed of four parts: SDN switch, SDN controller, local collection server and virtual node, and they are connected to the collected network through networking to form a complete flow collection system. The working principle realized by the present invention has nothing to do with the specific deployment method, so only figure 1 A typical traffic collection deployment scheme is given to illustrate the working principle.

[0032]...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an SDN-based flow security collection method and system. The method includes connecting an SDN switch between a network terminal and an external network in a transparent transmission manner; the SDN controller uses part or all of the SDN switches as collection points, The collection protocol is randomly selected from the traffic collection protocol library, and the corresponding forwarding and data processing rules are issued to all SDN switches. Transmission and forwarding The SDN switch is only used to forward data; the SDN controller performs port mirroring on the traffic of the network terminal and the external network, encrypts the traffic and transmits it; the SDN switch at the collection point or the forwarding SDN switch judges according to the virtual node to which the traffic points, Pass the traffic to the collection server. The present invention is based on the programmable characteristics of SDN, and greatly enhances the security of data transmission and the security of collection servers based on self-defined protocols, virtual nodes and other methods.

Description

technical field [0001] The present invention relates to the communication field, in particular to an SDN-based traffic security collection method and system. Background technique [0002] At present, analyzing the network status through traffic collection technology has become an important means of automatic network operation and maintenance and network security threat detection. Insufficient security defenses, facing security threats such as man-in-the-middle attacks, data theft, and DoS / DDoS attacks. For example, the existing traffic security collection method: network traffic collection method, system and server (application number: CN201510861219.5, application date: 2015.12.01), by introducing traffic identification for policy judgment, this scheme can introduce certain security features, However, due to the lack of encryption and other means, there are risks such as theft and tampering of data; the network traffic collection and analysis system based on microservice c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 李春林李健李明饶志宏王治李明桂
Owner CHINA ELECTRONICS TECH CYBER SECURITY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com