A traffic collection method based on a multi-radio access point scene

By adding an interference group in multi-wireless access point scenarios, and using automated scripts and packet capture tools to collect and filter network traffic data, the problem of inaccurate data collection under interference environments is solved, and efficient traffic data extraction and analysis are achieved.

CN116489171BActive Publication Date: 2026-06-23NANJING UNIV OF POSTS & TELECOMM

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
NANJING UNIV OF POSTS & TELECOMM
Filing Date
2023-04-28
Publication Date
2026-06-23

Smart Images

  • Figure CN116489171B_ABST
    Figure CN116489171B_ABST
Patent Text Reader

Abstract

The application discloses a traffic collection method based on a multi-wireless access point scene, utilizes a PC terminal to control a mobile terminal to generate interference traffic by using an automatic script based on Python and Appium; the traffic collection and feature extraction code is embedded in all routers to complete feature file extraction; all routers synchronize the feature files to the PC terminal in real time through rsync, the PC terminal cleans and marks the feature files obtained by all routers by using mobile terminal and simulator information, and inserts the feature files into a feature database; the mobile terminal captures original data packets, new routers obtain the original data packets through a mirror mode, and then send the original data packets to a transfer server; the transfer server writes a comparison script to analyze the differences between the mobile terminal pcap and the new router pcap, and finally realizes extraction of network traffic in an interference scene, so that data of rich multi-scene applications is facilitated.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of network traffic acquisition technology, and in particular to a traffic acquisition method based on a multi-wireless access point scenario. Background Technology

[0002] As network technology continues to penetrate into work and life, multiple wireless signals often exist in the same space. When a server is connected to the network, it is easily affected by other interferences, which can lead to server delays or malfunctions. This has always been an unresolved aspect of wireless network issues. These interferences can be caused by independent non-Wi-Fi interference devices (wireless cameras, microwave ovens, etc.), human interference signals, and interference from nearby Wi-Fi devices. Therefore, interference issues cannot be ignored in order to obtain more accurate results.

[0003] To ensure sufficient signal strength for each wireless workstation, sometimes, if the source of interference is known, the device can be moved or the interference source shielded to prevent interference signals from affecting the network. Many people also tend to deploy wireless access points very densely; for example, some networks have one or even multiple wireless access points in every room. This deployment method greatly improves network capacity and performance through spatial multiplexing of the spectrum. It seems that the more wireless access points there are, the more normally the devices will operate, even with interference.

[0004] However, wireless access points can interfere with each other, a phenomenon known as co-channel interference, especially when a large number of access points are deployed in a given space. In wireless network deployment, interference from wireless signals is often ignored, and current traffic acquisition rarely considers interference environments. Therefore, obtaining raw data more accurately and without interference remains a challenging problem to overcome. Summary of the Invention

[0005] To address the above technical problems, this invention provides a traffic collection method for multi-wireless access point scenarios, comprising the following steps:

[0006] S1. During the traffic acquisition process, n2 new wireless access points are added as an interference group on the basis of n1 existing wireless access points. Wireless signal testing software is used to collect real-time information of all wireless access points, including both existing and new wireless access points. Real-time information includes Wi-Fi signal strength and channel. Surrounding wireless information is measured to obtain all surrounding wireless signals and their information that the wireless network card can search for, and the frequency of all wireless access points is detected.

[0007] S2. Set the device status of multiple sub-nodes and send packets to the existing wireless access point, i.e., perform basic operations on the sub-nodes; the PC records the traffic data generated during the basic operations on the sub-nodes.

[0008] S3. After the original wireless access point packet sending process is completed, extract the feature files generated by all wireless access points.

[0009] S4. Filter and compare the traffic data of the sub-nodes with the feature files generated by all wireless access points, and finally directly input the feature files into the database.

[0010] The technical solution further defined in this invention is:

[0011] Furthermore, in step S2, the sub-nodes are set as mobile terminals. The method for setting the device status of multiple sub-nodes is as follows: the mobile terminal is connected to the PC via USB, the mobile terminal is connected to the network via the original wireless access point, the original wireless access point is connected to the central server via a network cable, and the central server configures the corresponding mobile terminal and mobile application; each automation script is sent to each mobile terminal via HTTP, and the central server uniformly issues commands to each mobile terminal, and the automation script controls the mobile terminal to collect traffic.

[0012] The aforementioned traffic collection method based on a multi-wireless access point scenario includes the following steps in step S2: basic operations performed on the child nodes include logging into an account, watching videos, and reading articles. The original traffic data is collected using the packet capture tool PCAPdroid and the existing wireless access points, resulting in network traffic packets in pcap format. An automated script is constructed to enable the mobile terminal to perform basic operations supported by the existing wireless access points. The automated script is then tested to collect the generated original traffic. Simultaneously, the PC records the mobile terminal information, including the mobile application name and the mobile terminal IP address.

[0013] In the traffic collection method based on multiple wireless access points described above, step S2 involves setting up an Appium environment on a PC, enabling Appium to operate on an emulator, and connecting Appium to the network through a newly added wireless access point; constructing an automated script for the emulator to perform routine operations with the support of the newly added wireless access point, and conducting automated script testing to collect the generated interference traffic.

[0014] In the traffic collection method based on multiple wireless access points described above, in step S2, packets are sent to the existing wireless access points and the child nodes perform basic operations. During this process, the newly added wireless access points also continuously emit interference, generating interference traffic. In this scenario, all traffic features are extracted, the data is tagged according to the traffic features, and the tagged data is extracted to obtain several individual traffic data.

[0015] The aforementioned traffic collection method based on a multi-wireless access point scenario, in step S2, processes the traffic data in pcap format. The processing method includes the following steps:

[0016] The data is labeled according to different characteristics, including mobile application name, mobile application version number, mobile terminal name, packet capture time, and packet capture person. After being labeled, the data is stored in a new CSV file.

[0017] Remove useless information from the pcap file, including duplicate and redundant information, and extract several separate traffic data points according to the ratio of 60% training set, 20% validation set, and 20% test set.

[0018] In the traffic collection method based on multiple wireless access points described above, in step S3, all wireless access points include existing wireless access points and newly added wireless access points. Existing wireless access points are set as existing routers, and newly added wireless access points are set as newly added routers. After the central server sends a command to the child nodes, the command is sent to all routers, including existing routers and newly added routers. After the packet capture and feature extraction code is started, all routers start to continuously capture packets.

[0019] Once each child node has completed its startup task, it sends a request to the central server. The central server determines that all child nodes have completed their tasks before sending the request to all routers and stopping packet capture.

[0020] Next, the pcap files and terminal information of each mobile terminal are collected. After collection, they are filtered and compared with the feature files obtained from all routers, and finally the feature files are directly added to the database.

[0021] In the traffic collection method based on multiple wireless access points described above, the method for storing feature files in step S4 is as follows: after the mobile terminal information collection is completed, the feature files obtained from all routers are associated with the recorded terminal information, the feature files are cleaned and labeled, and finally the cleaned data is stored in the database.

[0022] The beneficial effects of this invention are:

[0023] In this invention, an automated script written in Python and Appium on a PC is used to control mobile terminals to generate traffic, thereby generating interference traffic. Traffic acquisition and feature extraction code is embedded in all routers to complete feature file extraction. All routers use the data mirroring backup tool rsync to synchronize the feature files to the PC in real time. The PC uses information from the mobile terminals and emulators to clean and mark the feature files obtained from all routers and insert them into the feature database. On the mobile terminals, PCAPdroid is used to capture the original data packets of the original mobile terminals. The original data packets of the newly added routers are obtained through mirroring and sent to the relay server synchronously. The relay server writes a comparison script to analyze the differences between the mobile terminal pcap and the new router pcap, ultimately realizing the extraction of network traffic in interference scenarios, which facilitates the enrichment of data for multi-scenario applications. Attached Figure Description

[0024] Figure 1 This is a schematic diagram of the overall process of the present invention. Detailed Implementation

[0025] This embodiment provides a traffic collection method based on a multi-wireless access point scenario, including the following steps:

[0026] S1. During traffic acquisition, n2 new wireless access points are added as an interference group in addition to the existing n1 wireless access points. Wireless signal testing software (Inssider, mobile Wi-Fi analyzer, etc.) is used to collect real-time information of all wireless access points (APs). All wireless access points include existing wireless access points and new wireless access points. Existing wireless access points are set to the existing routers, and new wireless access points are set to the new routers. Real-time information includes Wi-Fi signal strength and channel. Surrounding wireless information is measured to obtain all surrounding wireless signals and their information that the wireless network card can search for, and the frequency of all wireless access points is detected.

[0027] S2. Set the device status of multiple sub-nodes. Set the sub-nodes as mobile terminals and send packets to the original wireless access point to perform basic operations on the sub-nodes (login account, watch video, and read article, etc.). The PC terminal records the traffic data generated during the basic operations of the sub-nodes.

[0028] The method for setting the device status of multiple sub-nodes is as follows: the mobile terminal is connected to the PC via USB, the mobile terminal is connected to the Internet through the original wireless access point, the original wireless access point is connected to the central server via network cable, and the central server is configured with the corresponding mobile terminal and mobile application; each automation script is sent to each mobile terminal via HTTP, and the central server uniformly issues commands to each mobile terminal, and the automation script controls the mobile terminal to collect traffic.

[0029] The child node connects to the corresponding existing wireless access point to complete local network access. Within a certain range, there is interference in the Wi-Fi network, which affects the normal use of the Wi-Fi network by wireless users. The newly added wireless access point will cause co-channel interference to the existing wireless access point.

[0030] In step S2, the packet capture tool PCAPdroid is used to collect existing traffic data from the existing wireless access point, and network traffic packets in pcap format are collected. An automated script is built to enable the mobile terminal to perform basic operations with the support of the existing wireless access point. The generated existing traffic is collected by testing the automated script. The mobile terminal connects to the network through the existing router and sends packets to the existing router. At the same time, the PC records the mobile terminal information, including the mobile application name and the mobile terminal IP.

[0031] In step S2, the Appium automated testing tool is set up in a PC environment, enabling Appium to operate on servers such as simulators. Appium connects to the network by adding a wireless access point. An automated script is built to perform routine operations on the simulator with the support of the added wireless access point. The generated interference traffic is collected by performing automated script testing.

[0032] In step S2, packets are sent to the existing wireless access point, and the child node performs basic operations. During this process, the newly added wireless access point also continuously emits interference, generating interference traffic. In this scenario, all traffic features are extracted, the data is tagged according to the traffic features, and the tagged data is extracted to obtain several individual traffic data.

[0033] In step S2, the traffic data in pcap format is processed. The processing method includes the following steps:

[0034] The data is tagged according to the characteristics of mobile application name, mobile application version number, mobile terminal name, packet capture time, and packet capture person, and then stored in a new CSV file;

[0035] Remove useless information from the pcap file, including duplicate and redundant information, and extract several separate traffic data points according to the ratio of 60% training set, 20% validation set, and 20% test set.

[0036] S3. After the original wireless access point packet sending process is completed, extract the feature files generated by all wireless access points.

[0037] After the central server sends commands to the child nodes, the commands are sent to all routers, including both existing and newly added routers. Once the packet capture and feature extraction code is started, all routers begin to capture packets continuously.

[0038] Once each child node has completed its startup task, it sends a request to the central server. The central server determines that all child nodes have completed their tasks before sending the request to all routers and stopping packet capture.

[0039] Next, the pcap files and terminal information of each mobile terminal are collected. After collection, they are filtered and compared with the feature files obtained from all routers, and finally the feature files are directly added to the database.

[0040] The method for storing feature files is as follows: after the mobile terminal information collection is completed, the feature files obtained from all routers are associated with the recorded terminal information, the feature files are cleaned and labeled, and finally the cleaned data is stored in the database.

[0041] S4. Filter and compare the traffic data of the sub-nodes with the feature files generated by all wireless access points, and finally directly store the feature files into the database. The method for storing the feature files into the database is as follows: after the mobile terminal information collection is completed, associate the feature files obtained by all routers with the recorded terminal information, clean and label the feature files, and finally store the cleaned data into the database.

[0042] Since multiple wireless access points exist in the same space, the traffic data results generated by mobile applications in network traffic collection scenarios differ from those collected from a single wireless access point. This embodiment proposes a traffic collection method based on multi-wireless access point scenarios, which facilitates the enrichment of data from mobile applications in various scenarios, such as... Figure 1 As shown, the entire architecture consists of one central server (control terminal) and multiple traffic generation chains (server terminals). Each traffic generation chain is controlled by a PC through Appium to generate traffic on a mobile terminal. There are n1 existing routers and n2 new routers. Each mobile terminal connects to an existing router via Wi-Fi. An image is set up on the existing router and connected to the central server via a network cable. Each emulator connects to a new router via Wi-Fi and an image is set up on the new router and connected to the central server via a network cable.

[0043] When the capture task begins, the central node issues commands and sends the configuration file to the control child nodes of the traffic generation chain. Appium is used to control the mobile terminal to generate traffic, and at the same time, the information of the mobile terminal is fed back to the central server. The central server also sends data collection commands to the newly added router. The newly added router performs traffic collection and feature extraction tasks based on the embedded traffic collection and feature extraction code.

[0044] After the data collection is completed, the central server sends a stop command to each traffic generation chain and all routers. The collected feature files are then synchronized to the central server via secure copy (SCP) for traffic marking and filtering. This ultimately enables the collection of traffic in interference scenarios, facilitating the enrichment of data for mobile applications in various scenarios.

[0045] In addition to the embodiments described above, the present invention may have other implementations. All technical solutions formed by equivalent substitution or equivalent transformation fall within the protection scope claimed by the present invention.

Claims

1. A traffic collection method based on a multi-wireless access point scenario, characterized in that: Includes the following steps: S1. During the traffic acquisition process, n2 new wireless access points are added as an interference group on the basis of n1 existing wireless access points. Wireless signal testing software is used to collect real-time information of all wireless access points, including both existing and new wireless access points. Real-time information includes Wi-Fi signal strength and channel. Surrounding wireless information is measured to obtain all surrounding wireless signals and their information that the wireless network card can search for, and the frequency of all wireless access points is detected. S2. Set the device status of multiple sub-nodes and send packets to the existing wireless access point, i.e., perform basic operations on the sub-nodes; the PC records the traffic data generated during the basic operations on the sub-nodes. The method for setting the device status of multiple child nodes as mobile terminals is as follows: the mobile terminal is connected to the PC via USB, the mobile terminal is connected to the Internet through the original wireless access point, the original wireless access point is connected to the central server via network cable, and the central server is configured with the corresponding mobile terminal and mobile application; each automation script is sent to each mobile terminal via HTTP, and the central server uniformly issues commands to each mobile terminal, and the automation script controls the mobile terminal to collect traffic. The basic operations performed on the child nodes include logging into an account, watching videos, and reading articles. The PCAPdroid packet capture tool is used to collect existing traffic data from the original wireless access point, resulting in network traffic packets in pcap format. An automated script is built to enable the mobile terminal to perform basic operations supported by the original wireless access point. This automated script is then tested, and the generated traffic is collected. Simultaneously, the PC records mobile terminal information, including the mobile application name and the mobile terminal's IP address. Set up an Appium environment on a PC to enable Appium to operate on the emulator. Appium connects to the network through a newly added wireless access point. Build an automated script for the emulator to perform basic operations with the support of the newly added wireless access point, test the automated script, and collect the generated interference traffic. The child node performs basic operations, sending packets to the existing wireless access point. During this process, the newly added wireless access point also continuously emits interference, generating interference traffic. In this scenario, all traffic characteristics are extracted, the data is labeled according to the traffic characteristics, and the labeled data is extracted to obtain several individual traffic data. The method of labeling data according to traffic characteristics includes the following steps: labeling the data according to different characteristics, including mobile application name, mobile application version number, mobile terminal name, packet capture time, and packet capture person, and storing the labeled data in a new CSV file. S3. After the original wireless access point packet sending process is completed, extract the feature files generated by all wireless access points. All wireless access points include existing wireless access points and newly added wireless access points. Existing wireless access points are set to existing routers, and newly added wireless access points are set to newly added routers. After the central server sends commands to the child nodes, the talents are sent to all routers, including existing routers and newly added routers. After the packet capture and feature extraction code is started, all routers begin to continuously capture packets. Once each child node has completed its startup task, it sends a request to the central server. The central server determines that all child nodes have completed their tasks before sending the request to all routers and stopping packet capture. S4. Filter and compare the traffic data of the sub-nodes with the feature files generated by all wireless access points, and finally directly store the feature files into the database. The method for storing the feature files into the database is as follows: after the mobile terminal information collection is completed, associate the feature files obtained by all routers with the recorded terminal information, thereby cleaning and labeling the feature files, and finally storing the cleaned data into the database.

2. The traffic collection method based on a multi-wireless access point scenario according to claim 1, characterized in that: In step S2, useless information in the pcap file is deleted. Useless information includes duplicate and redundant information. Several separate traffic data are extracted according to the ratio of 60% training set, 20% validation set, and 20% test set.