Network service dynamic identification and division system, method and device and storage medium

A network business, dynamic identification technology, applied in the field of Internet security, can solve the problem of lack of stable and reliable implementation

Active Publication Date: 2021-05-28
HARBIN INST OF TECH AT WEIHAI
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The internal business classification of cloud data centers is still in its infancy, and there is no relatively stable and reliable implementation

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network service dynamic identification and division system, method and device and storage medium
  • Network service dynamic identification and division system, method and device and storage medium
  • Network service dynamic identification and division system, method and device and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0069] A system for dynamic identification and division of network services, such as figure 1 , figure 2 As shown, it includes a network feature extraction module, a network topology discovery module, and a service identification and division module; the network feature extraction module is used to: obtain real-time traffic data, preprocess the acquired real-time traffic data, and perform structural features after the preprocessing operation Extract and quantify feature calculations, persist the results of feature calculations, and store them in a structured feature library; the network topology discovery module is used to: discover network topology and construct network topology information; the service identification and division module is used to: Identify and classify network services.

[0070] The overall design idea of ​​the system for dynamic identification and division of network services in the present invention is to first use sniffing tools to obtain real-time dat...

Embodiment 2

[0072] According to the system for dynamically identifying and classifying network services described in Embodiment 1, the difference is that:

[0073] The network feature extraction module includes a sequentially connected data acquisition module, a preprocessing module, a structured feature extraction module, a quantitative feature calculation module, and a feature storage module;

[0074] The data acquisition module is used to obtain real-time traffic data, which is the network metadata, and the network metadata refers to the data frames extracted from the network traffic; after the data is obtained, it is handed over to the pre-processing module for processing; the pre-processing module is used for Perform data cleaning, deduplication, denulling, and type conversion operations on the acquired real-time traffic data in sequence; the structured feature extraction module is used to perform structured feature extraction on the data preprocessed by the preprocessing module; the ...

Embodiment 3

[0096] A method for dynamic identification and division of network services, such as Figure 5 shown, including the following steps:

[0097] 1) Collect real-time traffic data through the current network;

[0098] 2) Preprocessing the collected real-time flow data;

[0099] 3) Network topology discovery is performed concurrently while performing network service identification, network service identification obtains the result of network service dynamic identification, and network topology discovery obtains network topology information;

[0100] 4) Using the result of dynamic identification of network services and network topology information as input to divide service groups;

[0101] 5) storing the obtained division result in the business division result database;

[0102] 6) Record and print the log.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a network service dynamic identification and division system, method and device and a storage medium. The system comprises a network feature extraction module, a network topology discovery module and a service identification and division module. The network feature extraction module obtains real-time traffic data, preprocesses the obtained real-time traffic data, performs structured feature extraction and quantitative feature calculation after the preprocessing operation, performs persistent processing on a feature calculation result, and stores the result into a structured feature library; the network topology discovery module discovers network topology and constructs network topology information; and the service identification and division module is used for identifying and dividing network services. According to the invention, the problem that a traditional network service identification and division method is not applicable in an internal environment of a cloud data center under the condition that only traffic data is used as a single data source is solved, and the requirements of rapid, dynamic and real-time network identification and division are further met.

Description

technical field [0001] The invention relates to a system, method, device and storage medium for dynamic identification and division of network services, belonging to the technical field of Internet security. Background technique [0002] With the continuous development of the cloud data center platform, its demand for security is also increasing. In the face of increasingly serious security problems, existing security protection measures such as firewalls, intrusion detection, identity authentication, etc. are often concentrated on the network border, in order to prevent external security threats from entering the cloud data center, and focus on the cloud border safety. However, in a cloud environment, once an attacker breaks through the cloud perimeter defense, the attacker can move freely inside, causing greater security risks. Therefore, it is far from enough to deploy security protection measures at the border of the cloud data center network. Certain security measures...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1408H04L63/20H04L63/1416
Inventor 刘祚捷王佰玲刘红日黄俊恒辛国栋
Owner HARBIN INST OF TECH AT WEIHAI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap