Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for analyzing and classifying network traffic and storage medium

A technology of network traffic and clustering method, which is applied in the field of network security and data processing, can solve problems such as inability to classify traffic into a specific business, time-consuming and laborious classification of network traffic, lack of analysis and classification capabilities, etc., to improve classification efficiency , improve resource utilization, and reduce the effect of analysis steps

Pending Publication Date: 2021-03-30
北京浩瀚深度信息技术股份有限公司
View PDF9 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

With the development of communication technology, smart devices have more and more influence on people. Various APPs and Internet of Things devices emerge in an endless stream.
Many researchers at home and abroad have proposed some automatic classification methods for network traffic based on machine learning. These classification methods have some disadvantages: for the supervised machine learning classification method, a complete sample library is first required, and the completeness of the sample library determines the classification results. secondly, only known services can be classified, and unknown services cannot be automatically classified because there are no samples
For unsupervised machine learning classification methods, first of all, they can only classify traffic, and can only be divided into several agreed categories, which is not applicable to the classification of network traffic in reality, because the number of categories that network traffic can be divided into is unknown Secondly, they cannot automatically classify the traffic accurately into a specific business, they only have the classification function, and they do not have the ability to analyze and classify

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for analyzing and classifying network traffic and storage medium
  • Method and device for analyzing and classifying network traffic and storage medium
  • Method and device for analyzing and classifying network traffic and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0067] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0068] The terminology used in the present invention is for the purpose of describing particular embodiments only and is not intended to limit the invention. As used herein and in the appended claims, the singular forms "a", "the", and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It should also be understood that the term "and / or" as used herein refers to and includes any and all possible combinations o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of network security and data processing, and relates to a method, device and equipment for analyzing and classifying network traffic and a storage medium.The first aspect of the invention provides a method for analyzing and classifying network traffic, which comprises the following steps of: acquiring a message; shunting the message according to a protocol, wherein the message at least comprises common TCP / UDP; for the common TCP / UDP, extracting the fingerprint of each type according to a payload clustering method; obtaining a domain name with themaximum jaccard coefficient in the network connection; and judging whether the existing resource library has related characteristics or not, and if not, storing the corresponding classification rules.The invention further provides electronic equipment and a computer readable storage medium. According to the method for analyzing and classifying the network traffic, a sample library does not need to be prepared in advance, the traffic in the network can be automatically classified, the attribution service of each type of traffic is analyzed, and the whole process realizes automatic and accurateclassification.

Description

Technical field: [0001] The present invention relates to the technical field of network security and data processing, in particular to a method, device, equipment and storage medium for analyzing and classifying network traffic. Background technique: [0002] Network traffic classification is of great significance to the optimal configuration of network resources and the security application of the network. Real-time and accurate classification of network traffic can guarantee the normal, stable and reliable operation of the network. [0003] Common network traffic analysis methods include DPI (Deep PacKet Inspection, deep packet inspection) and DFI (Deep / Dynamic Flow Inspection, deep / dynamic flow inspection). DPI is a method of extracting fingerprint features based on a single packet, and DFI is based on a network connection. A method for extracting multi-packet features, where features can be information such as fingerprints, packet lengths, and time intervals. With the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/851H04L29/06H04L29/12
CPCH04L47/2441H04L69/165H04L61/4511
Inventor 肖梅齐凯窦伊男
Owner 北京浩瀚深度信息技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com