Unlock instant, AI-driven research and patent intelligence for your innovation.

Data processing method, device and apparatus and readable storage medium

A technology for data processing and storage media, applied in the field of information security, can solve the problems of multi-time data packets, affecting data packet transmission delay, high packet loss rate, etc., to speed up processing efficiency, reduce packet loss rate, and ensure reliability. Effect

Inactive Publication Date: 2021-09-17
中电科网络安全科技股份有限公司
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, it will take a lot of time for the data packet to be reassembled and fragmented in the protocol stack, which will affect the transmission delay of the data packet and even cause a high packet loss rate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data processing method, device and apparatus and readable storage medium
  • Data processing method, device and apparatus and readable storage medium
  • Data processing method, device and apparatus and readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0055] Please refer to figure 1 , figure 1 It is a flow chart of a data processing method in an embodiment of the present invention, and the method can solve the problem of low efficiency in matching security policies of fragmented data streams. The method includes the following steps:

[0056] S101. Receive a fragmented packet of a data packet.

[0057] It should be noted that the data packet may be a UDP data packet or a TCP data packet.

[0058] Since the fragment packet can be a first fragment packet of a complete data packet, it can also be a secondary fragment packet of a complete data packet.

[0059] S102. Determine whether the fragmented packet is the first fragmented packet.

[0060] Since the flow information in the first fragment packet includes complete quintuple information, the flow information in the secondary fragment packet does not include complete quintuple information. Therefore, it can be judged whether the fragmented packet is the first fragmented p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a data processing method, device and apparatus and a readable storage medium. The method comprises the steps of receivin fragment packets of a data packet; judging whether the fragmented packets are the first fragmented packets or not; if yes, storing first fragment packet flow information in the fragment packets into a hash chain table; if not, acquiring first fragment packet flow information corresponding to the fragment packets from the hash chain table; processing the fragmented packets by using a security processing strategy corresponding to the first packet flow information, wherein the security processing strategy is a security strategy in an IPSec protocol. According to the method, the matched security processing strategy can be directly determined based on the flow information of the first fragment packets without waiting for all fragment packets or recombining the fragment packets, so that the time for waiting for the fragment packets, the recombining of the fragment packets and the re-fragment processing step after the recombining of the fragment packets are saved, the effect of immediately processing after the fragment packets are received can be realized, the fragmented packet processing efficiency can be accelerated, the packet loss rate can be reduced, and the reliability of data transmission can be ensured.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a data processing method, device, equipment and readable storage medium. Background technique [0002] The IPSec protocol is a set of architecture that implements network data security at the IP layer, and the data flow realizes the protection of IP data packets by matching the rules of the security policy SP. The rules of the security policy SP are composed of five tuples (source IP, destination IP, source port, destination port, protocol). When the TCP / UDP packet is not fragmented, it has complete quintuple information and can directly match the security policy SP to realize data protection. [0003] When the TCP / UDP packet is a fragmented packet, only the first fragmented packet has complete quintuple information, and the remaining fragmented packets do not have complete quintuple information and cannot be matched to the security policy SP. After the pro...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F16/901
CPCH04L63/20H04L69/22G06F16/9014
Inventor 宗琪郑成坤
Owner 中电科网络安全科技股份有限公司