Multimode integration core network user traffic application identification method easy to expand

一种易扩展的多方式融合的核心网用户流量应用识别方法

Abstract

A multimode integration core network user traffic application identification method easy to expand comprises the following steps that hierarchical data message analysis is conducted, and tunnel traffic is identified and restored; five-tuple information of IP layer and transport layer protocols is analyzed and managed; according to flow node information, the application identification method integrating a pre-identification method, a port identification method, an HTTP identification method, a P2P identification method and a PA identification method is adopted for obtaining data messages and specific application information of a data flow where the data messages belong. The identification methods support independent expansion, the identification method simple in processing logic and high in response speed is preferentially used, identification loads on the follow-up complex methods are lowered, and identification processing efficiency is improved; the HTTP identification method supports two-level identification, and identification effectiveness and accuracy are improved; meanwhile, a DPI identification mode and a DFI identification mode are supported, and encrypted application protocol and P2P protocol data flows are identified effectively.
一种易于扩展的多方式融合的核心网用户流量应用识别方法,包括层次化的数据报文解析和识别还原隧道流量;解析管理IP层和传输层协议的五元组信息;根据流节点信息,采用预识别、端口识别、HTTP识别、P2P识别和PA识别方法融合的应用识别方法,获取数据报文及其所属数据流的具体应用信息。各识别方法支持单独扩展,并且将处理逻辑简单,响应速度快的识别方法前置,降低后续复杂方法的识别负荷,提高识别处理效率;HTTP支持二级识别,提升识别的有效性和准确性;同时支持DPI和DFI的识别方式,有效识别加密应用协议和P2P协议数据流。

Claims

Description

Topics

Download Full PDF Version (Non-Commercial Use)

Patent Citations (4)

    Publication numberPublication dateAssigneeTitle
    CN-101645803-AFebruary 10, 2010中兴通讯股份有限公司点对点业务的识别方法和互联网业务识别系统
    CN-101753456-AJune 23, 2010苏州大学Method and system for detecting flow of peer-to-peer network
    CN-102404396-AApril 04, 2012北京星网锐捷网络技术有限公司Method, device and system for identifying peer-to-peer (P2P) flow and equipment
    WO-2011012004-A1February 03, 2011中兴通讯股份有限公司一种实现网络流量清洗的方法及系统

NO-Patent Citations (1)

    Title
    李鑫: "“基于DPI的网络流量识别系统的设计与实现”", 《万方数据库》

Cited By (0)

    Publication numberPublication dateAssigneeTitle