User internet data traceability identification method and device

A data traceability and user technology, applied in the field of computer networks, can solve problems such as affecting accuracy, incomplete data packets, and consuming CPU performance, and achieve the effect of accurate auditing

Active Publication Date: 2022-05-17
FENGHUO COMM SCI & TECH CO LTD
View PDF6 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this method, the packet capture program is still running on the gateway device, which will also consume CPU performance, and the process of uploading the captured data to the DPI server will also occupy the upstream bandwidth of the gateway device; Because of the hardware acceleration of the gateway device, the acceleration will lead to incomplete data packets captured by the packet capture program, making the user data obtained in the process of audit traceability incomplete, affecting the accuracy of auditing users' online behavior

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • User internet data traceability identification method and device
  • User internet data traceability identification method and device
  • User internet data traceability identification method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0049] The embodiment of the present invention provides a method for traceability and identification of user online data, such as image 3 shown, including:

[0050] In step 201, the TCP data flow and the UDP data flow in the user's online data are distinguished based on the data packet protocol type.

[0051] In step 202, for the TCP data flow, the data forwarding module sends the TCP data flow to the TCP option processing module, and the TCP option processing module extracts the SYN packet of the TCP data flow, and fills the option field of the SYN packet with identification information , after filling the identification information, send it to the NAT conversion module, and the NAT conversion module performs NAT conversion on the TCP data flow; wherein, the identification information includes the user MAC.

[0052] In step 203, for the UDP data flow, the NAT conversion module directly performs NAT conversion on the UDP data flow based on the first rule.

[0053] The NAT c...

Embodiment 2

[0098] In embodiment 1, both the TCP data flow and the UDP data flow need to carry out NAT conversion after completing the filling of the identification information; the NAT conversion includes converting the source port of the user's online data through the relevant information of the private network IP address in the user's online data; Taking Table 1 as an example, the first rule in Embodiment 1 above is described.

[0099] In Table 1, the calculation method of the start port and the end port is:

[0100] Start port = (the fourth segment of the private network IP address -1)*512+1024;

[0101] End port = start port + 511;

[0102] And the end port is less than 65535.

[0103] The private network IP address consists of four segments; for example, the fourth segment of the private network IP address 192.168.1.2 is 2, and the calculated starting port corresponding to the private network IP address 192.168. 1.2 The corresponding end port is 2047.

[0104] Table 1:

[0105]...

Embodiment 3

[0112] The embodiment of the present invention provides a user online data traceability identification device, such as Figure 7 As shown, one or more processors 21 and memory 22 are included. in, Figure 7 A processor 21 is taken as an example.

[0113] Processor 21 and memory 22 can be connected by bus or other means, Figure 7 Take connection via bus as an example.

[0114] The memory 22, as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs and non-volatile computer-executable programs, such as the method for traceability and identification of user online data in Embodiment 1. The processor 21 runs the non-volatile software program and instructions stored in the memory 22 to execute the method for identifying the source of the user's online data traceability.

[0115] The memory 22 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of computer networks, and provides a user internet data traceability identification method and device, and the method comprises the steps: carrying out the NAT conversion of a TCP data flow after the operation field of an SYN package is subjected to the identification information filling for the TCP data flow, and the identification information comprises a user MAC; for the UDP data stream, NAT conversion is directly carried out on the UDP data stream; the DPI server analyzes the TCP data stream and the UDP data stream which are subjected to NAT conversion; according to the user internet data traceability identification method provided by the invention, the DPI server is arranged outside the gateway equipment, packet capture on the gateway equipment is not needed, NAT conversion is carried out on the TCP data stream and the UDP data stream after the option field of the SYN packet of the TCP data stream is filled with the identification information, and the data traceability of the user internet data is realized. The DPI server arranged outside the gateway device analyzes the user internet surfing data including the TCP data stream and the UDP data stream, and auditing of the user internet surfing behavior can be completed more comprehensively and more accurately.

Description

technical field [0001] The invention relates to the technical field of computer networks, in particular to a method and device for tracing and identifying user online data. Background technique [0002] DPI (Deep Packet Inspection) is a packet-based in-depth inspection technology that conducts in-depth inspections on different network application layer loads to promote the development of network identification technology. DPI is mainly used in security issues, traffic identification, and massive data mining in big data. Through feature matching technology, the header information of each layer added in the packet encapsulation process is analyzed and extracted to realize traffic identification. [0003] Through the identification of traffic, the content of data carried in the network can be grasped, and the network behavior of users can be analyzed. With the continuous improvement of Internet security requirements, it is more and more important to audit the user's online beh...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L69/165H04L69/22H04L61/2503H04L67/1396H04L101/622
CPCH04L69/165H04L69/22Y02D30/50
Inventor 黄小龙毛拓韩佳南魏婵李骏杨文博李自琛
Owner FENGHUO COMM SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap