Feature information analysis method and device

A technology of characteristic information and analysis device, applied in the field of communication

Pending Publication Date: 2020-10-27
HUAWEI TECH CO LTD
View PDF0 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] It can be seen from this that those skilled in the art take the data flow as the basic analysis unit when analyzing the network operation status, but only part of the network operation status can be analyzed based on the characteristic information of the data flow.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Feature information analysis method and device
  • Feature information analysis method and device
  • Feature information analysis method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach

[0130] In a first possible implementation manner, from all received data packets, the quintuple information of each data packet is obtained respectively; based on the quintuple information of each data packet, from all received Obtain multiple data packets of the session to be analyzed from the received data packets.

[0131] For all received data packets, analyze the quintuple information of each data packet, group all received data packets based on the quintuple information, and send multiple packets from the first network device to the second network device A data packet and a plurality of data packets sent from the second network device to the first network device are divided into a group, and a plurality of data packets in each group belong to the same session, and finally a plurality of data packets are obtained Sessions, each of which refers to a communication between two network devices. In practical applications, at least one obtained session may be selected as the s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention creatively provides a feature information analysis method and device. The method comprises the steps of obtaining a plurality of data messages in a to-be-analyzed session; extracting a feature value of a preset session feature from each data message; and calculating the feature values to obtain the session feature information of the to-be-analyzed session. In the embodiment of the invention, the session is used as a basic analysis unit and is integrally analyzed, and the session feature information capable of comprehensively reflecting the session is obtained. The embodiment of the invention further provides a network attack detection method and system which detect a network session attack in a preset time interval according to the session feature information of the to-be-analyzed session acquired in the preset time interval, the problem that the session attack in the network cannot be detected based on the feature information of the data flow in the prior art is solved, the session attack in the network is effectively detected, and the completeness of network attack detection is improved.

Description

technical field [0001] The present invention relates to the field of communication technologies, in particular to a feature information analysis method and device. Background technique [0002] At present, the transmission of data in the Internet is generally described by a data stream, and a data stream (data stream) refers to a sequence of data packets that are read once in a prescribed order. The five-tuple information of multiple data packets belonging to the same data flow is the same, and the five-tuple information includes source Internet protocol IP address, destination IP address, source port number, destination port number and transport layer protocol number. [0003] By analyzing the information carried by the data packet sequence in a data flow, the feature information of the data flow can be obtained. By comprehensively analyzing the characteristic information of multiple data streams, it is possible to understand the operation status of data transmission in th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L9/40
Inventor 付天福周冲
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap