Terminal tracing method based on traffic learning

A terminal and traffic technology, applied in the field of terminal traceability based on traffic learning, can solve problems such as the difficulty of active traceability, the inability to trace criminal individuals through active traceability, and the non-existence of information

Inactive Publication Date: 2020-06-16
南京烽火星空通信发展有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] (1) Most NAT conversion logs are temporary, and the previous information may no longer exist
[0006] (2) The current NAT device network is already very complex, and there may be multiple NAT sub-networks nested inside the NAT devic

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Terminal tracing method based on traffic learning
  • Terminal tracing method based on traffic learning
  • Terminal tracing method based on traffic learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0068] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0069] 1. Refined extraction module

[0070] The refined extraction module mainly adopts DFI (Deep / Dynamic Flow Inspection) and DPI (DeepPacket Inspection) technical means to extract terminal information (only part of the data contains) in network traffic for traceability and dimension information for forming machine learning .

[0071] (1) Packet reassembly

[0072] Transmission Control Protocol TCP (Transmission Control Protocol, RFC 793, RFC 1122, RFC813, RFC 816, RFC 879, RFC 896, RFC 889, RFC 964) is a protocol that provides host-to-host high-reliability communication in the network, according to RFC793 Regulation. The sequence number (Sequence Number) in the TCP header is used to specify the position of the data packet in the entire session, and the sequence number is the key to TCP session reassembly.

[0073] Session: The data flow of a sock...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a terminal tracing method based on traffic learning. The method comprises the following steps: 1, extracting terminal information used for tracing and dimension information used for forming machine learning in network traffic; 2, preprocessing the information extracted in the step 1; 3, establishing a feature classifier; 4, according to the extracted terminal information and the feature classifier obtained in the step 3, enabling all data to carry the terminal information through a related association strategy to complete terminal tracing. Compared with an existing active traceability method, the method is simpler and more suitable for big data development, and terminal information can be traced.

Description

technical field [0001] The invention relates to a terminal source tracing method based on traffic learning. Background technique [0002] With the explosive development of the Internet and mobile Internet, cyber crimes and cyber frauds are also increasing, and have become a serious social problem. With fewer and fewer global IPV4 addresses, NAT conversion technology is more and more widely used. NAT conversion can map the internal network IP to different ports of the egress IP, thereby shielding the details of the internal network. The emergence of NAT technology makes it more difficult to trace the source of cybercrime. [0003] At present, for cybercrimes after NAT, active traceability is mostly adopted, that is, to find the corresponding NAT device, then check the conversion log, and then do statistical analysis and traceability. [0004] The current active traceability method needs to actively check the conversion log of the corresponding NAT device, but this method ha...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/953G06K9/62H04L47/43
CPCH04L63/1408H04L49/9057H04L69/22H04L2463/146G06F18/2148G06F18/24
Inventor 祝远鉴马小玥朱灿鹏崔弘
Owner 南京烽火星空通信发展有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap