Multi-level packet screening with dynamically selected filtering criteria

A technology for filtering information and information packets, applied in the field of hierarchical screening technology, and can solve the problems of delay in passing time, time-consuming, delay in information packet communication throughput, etc.

Inactive Publication Date: 2006-08-09
HEWLETT PACKARD DEV CO LP
View PDF0 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] inspection and screening of packet traffic is known to be time consuming and thus may cause delays in packet traffic throughput
This delay is especially pronounced when the amount of traffic to be inspected increases and the intrusion detection system bottlenecks the throughput of packet traffic
If a more comprehensive (and more time-consuming) screening operation is used, it may cause further delays in the passage time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multi-level packet screening with dynamically selected filtering criteria
  • Multi-level packet screening with dynamically selected filtering criteria
  • Multi-level packet screening with dynamically selected filtering criteria

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0015] first reference figure 1 , which is a block diagram showing a method for screening packet communications according to an embodiment of the present invention. A filtering engine 10 (applicable in various applications such as network protection, intrusion detection, firewall, filtering of anti-virus content, and other similar applications) implements a multi-stage processing technique. At a first stage 12 (also referred to as a trigger stage or a detection stage), a corresponding first stage filter 14 receives a packet communication 16 and screens the received communication using a first set of filter criteria 18 . Portions 20 of the received communications 16 that pass the first set of filtering criteria 18 are output from the filtering engine 10 . However, the portion 22 of the received communication 16 that does not pass the first set of filtering criteria 18 will be passed on to the second stage 24 of the filtering engine 10 for further inspection. A second stage 24...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A packet filtering operation implements a hierarchical technique. Received packet traffic is first filtered with a first filtering criteria. This first filtering action generates a first pass traffic portion and a fail traffic portion from the received packet traffic. The fail traffic portion is then second filtered with a second filtering criteria. This second filtering action generates a second pass traffic portion and a reject traffic portion. The first filtering criteria provide for higher throughput, lower accuracy processing while the second filtering criteria provide for lower throughput, higher accuracy processing. Dynamic adjustments may be made to the first and second filtering criteria to achieve better overall packet filtering performance. For example, load is measured and the filtering criteria adjusted to better balance load between the hierarchical filtering actions.

Description

technical field [0001] The present invention relates to multi-level screening of information packet communication, in particular to a hierarchical screening technology, wherein the filtering criteria of each level can be dynamically adjusted based on, for example, the processing capability of each level and / or the change of information packet traffic choose. Background technique [0002] Filtering of packet traffic is required in many well-recognized situations. One such situation is where a network intrusion detection system (IDS) is employed, requiring inspection of passing packet communications for threatening or dangerous content. When such a threat is detected, the suspicious packet traffic is identified and either captured or dropped (perhaps using a firewall) before it has a chance to enter a protected network. [0003] As is well known, inspection and screening operations on packet traffic are time consuming and thus may cause delays in packet traffic throughput. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F15/173G06F12/14H04L29/06
CPCH04L29/06095H04L63/0209H04L29/06102H04L63/1408H04L69/161H04L29/0653H04L69/22H04L63/0263H04L29/06H04L69/16H04L9/40
Inventor 克雷格·坎特雷尔马克·勒迈尔-维勒比克丹尼斯·考克斯多诺万·科尔伯利布赖恩·史密斯
Owner HEWLETT PACKARD DEV CO LP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap