Tracing method based on data packet marking and data packet marking device

A technology for marking devices and data packets, which is applied in the field of network security and can solve problems such as the inability to identify Internet access personnel and terminals

Active Publication Date: 2021-04-09
山东兆物网络技术股份有限公司
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, the actual network is more complicated. It is not a flat network, and there will be subnets and multi-level subnets. After the Internet traffic is converted by t

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Tracing method based on data packet marking and data packet marking device
  • Tracing method based on data packet marking and data packet marking device
  • Tracing method based on data packet marking and data packet marking device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] Such as Figure 1 to Figure 4 As shown, the data packet marking device includes a memory connected to a processor, the processor includes a data message input module and a data message output module, and the data message input module and the data message output module are connected to the data message traceability marking module, the data message A message address conversion module and a data message traceability mark removal module, the data message traceability mark module is connected with a data message mirroring module, and the data message mirroring module is connected to an audit system by communication;

[0047] Data message input module: used to access and process data messages;

[0048] Data message traceability marking module: used to perform traceability marking processing on the data message, and mark the traceability marking information at the end of the data message;

[0049] Data packet address translation module: used for network address translation of...

Embodiment 2

[0058] A traceability method based on packet marking, including the following steps:

[0059] Step 1, judging whether the data message is an uplink data message or a downlink data message, if it is an uplink data message, then enter step 2, if it is a downlink data message, then enter step 3;

[0060]Step 2. Processing of uplink data messages: receive uplink data messages to extract traceability information and mark them, record traceability mark information when data is exported, mirror data messages with traceability mark information to the audit system, forward and remove traceability marks Informational data packets to the upper network;

[0061] Step 3. Processing of the downlink data message: When receiving the downlink data message, query the traceability mark information record at the time of export, mark the obtained traceability mark information record at the end of the data message copied by the mirror, then output it to the audit system, and forward it Datagrams t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of network security, in particular to a tracing method based on data packet marking and a data packet marking device. The data packet marking device comprises a memory connected with a processor, the processor comprises a data message input module and a data message output module, and the data message input module and the data message output module are both connected with a data message traceability marking module, a data message address conversion module and a data message traceability mark removal module; the data message tracing marking module is connected with a data message mirroring module, the data message mirroring module is in communication connection with an auditing system, and the tracing method based on data packet marking and the data packet marking device can achieve real-name auditing of Internet surfing flow logs.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a data packet marking-based traceability method and a data packet marking device. Background technique [0002] At present, the commonly used Internet behavior management and auditing system is deployed at the Internet exit of enterprises or units, and adopts bypass, serial connection, and routing gateway methods to monitor the relationship between Internet traffic data and the personnel and terminals bound to the IP and MAC registered in advance. Associated, or associated with the portal WEB authentication account, so as to realize real-name online log auditing of network traffic. [0003] However, the actual network is more complicated. It is not a flat network, and there will be subnets and multi-level subnets. After the Internet traffic is converted by the gateway NAT address, there are problems in the way of associating personnel information through IP and MAC, whic...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/741H04L29/06H04L29/08H04L29/12H04L45/74
CPCH04L67/1095H04L69/22H04L61/2503H04L45/74
Inventor 郝振石
Owner 山东兆物网络技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap