CN106713357A - Universal network protocol analysis method - Google Patents
Universal network protocol analysis method Download PDFInfo
- Publication number
- CN106713357A CN106713357A CN201710059727.0A CN201710059727A CN106713357A CN 106713357 A CN106713357 A CN 106713357A CN 201710059727 A CN201710059727 A CN 201710059727A CN 106713357 A CN106713357 A CN 106713357A
- Authority
- CN
- China
- Prior art keywords
- field
- message
- type
- procotol
- model
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/18—Multiprotocol handlers, e.g. single devices capable of handling multiple protocols
Abstract
The invention discloses a universal network protocol analysis method. The method aims at the specifications and characteristics of application layer protocols under different digital network channels, and the method comprises the following steps: 1) defining a semantic meta model for describing the application layer protocols; 2) defining modeling standards and specifications of a network application protocol; 3) describing a digital network application layer protocol model of a combat system based on a "tree" structure; and 4) designing an automatic protocol analysis method based on the semantic meta model. Verification shows that the method disclosed by the invention can satisfy the mainstream application layer protocols, and can provide guidance for the development of universal joint debugging apparatuses, test devices and simulators by means of protocol analysis requirements.
Description
Technical field
The present invention relates to network communication field, more particularly to a kind of general procotol analytic method.
Background technology
Procotol is the set of the rule, standard or the agreement that carry out data exchange and set up in computer network, is to use
Carry out regular term during information exchange data between description process.In a computer network, two entities being in communication with each other are in
Different geographical position, two processes thereon are in communication with each other, it is necessary to be coordinated their action by exchange information and reached
It is synchronous, and the exchange of information must be carried out according to the process appointed jointly in advance.Procotol generally includes two parts, one
It is standard agreement, is all specifications that communicate and must comply with, such as generally by certain tissue or definition of mechanism in industry:TCP/IP
Agreement, IPX/SPX agreements, NetBEUI agreements etc.;Two is application layer protocol, and the part inside receiving-transmitting sides generally by defining.
One procotol at least includes three key elements:First, grammer:For provisioning information form;Data and control information
Form, coding and signal level etc.;2nd, it is semantic:For illustrating how communicating pair should do;For coordination and Error disposal
Control information;3rd, it is synchronous, it is stipulated that the order of communication event generation is simultaneously described in detail.
The characteristics of open because standard agreement has, thus it is very convenient for the parsing of standard agreement.And application layer
Agreement belongs to customization agreement, and the Content of Communication between different sending and receiving ends differs greatly, the grammer of different application layer protocol, semanteme
It is entirely different, it is difficult to use a set of unified resolver and it is parsed, therefore lacks general application layer protocol parsing on the market
Method.
The content of the invention
The present invention solves the technical problem of a kind of general procotol analytic method is provided, main flow is disclosure satisfy that
Application layer protocol, by protocol analysis requirement, can instruct combined adjuster with generally applicable property, test equipment, simulator to grind
System.
In order to solve the above technical problems, one aspect of the present invention is:A kind of general procotol is provided
Analytic method, mainly comprises the following steps:
First, user, based on procotol meta-model, sets up systematic difference layer first according to the application layer protocol of real system
Netprotocol model, defines the parameter of each message model;
2nd, after the completion of typing, click on and preserve, the model of typing is arrived into internal memory and file according to the form storage of multi-level tree structure
In;
3rd, it is input into certain network message to the method;
4th, after the method obtains the message, automatic analytical algorithm is dispatched, matches the corresponding protocol model of the message, and according to mould
The parameter of type is parsed to each field of message successively, obtains the corresponding physical meaning of the field;
5th, the result of parsing is fed back to by user based on syntax tree.
Preferably, the message model parameter in step one includes start byte, field length, the field of each data field
Type, floating type mark and precision.
Preferably, the field type includes:Numeric type, enumeration type, bit segment type, digit group type.
Preferably, the semantic meta-model of procotol is made up of following element:Message protocol, message field (MFLD), array, bit
Section, enumerate.
Preferably, described message field (MFLD) includes:Field name, first byte position, byte length, field type, resolution
Rate, floating type mark;Described array includes:Array dimension, array size, element length;Described bit section includes:Field
Title, the first position, bit length, field type;It is described enumerate including:Enumeration element and enumerated value.
Preferably, the field type includes:Value Types, bit section, enumerate, array, nested structure body;The floating type
Mark includes:Floating type, non-floating type;The byte length is divided into:1、2、4、8.
Preferably, the array dimension<5 dimensions;The array size< 100;The element length is divided into:1、2、4、8.
Preferably, bit section bit length sum/8<The length of message field (MFLD);The field type is divided into:Value Types,
Enumerate.
Preferably, all enumeration element titles must be unified under same enumerated variable.
Preferably, operation carrier uses common computer, and the computer carries network interface card.
The beneficial effects of the invention are as follows:1)The semantic meta-model of definition description application layer protocol;2)Define network application association
The modeling standard and specification of view;3)Combat system digitalized network application layer protocol model is described based on " tree " structure;4)It is based on
The method that semantic meta-model design agreement is parsed automatically;By checking, the inventive method can meet mainstream applications layer association, pass through
Protocol analysis requirement, can instruct the development of the combined adjuster with generally applicable property, test equipment, simulator.
Brief description of the drawings
Fig. 1 is a kind of algorithm principle figure of the general preferred embodiment of procotol analytic method one of the present invention;
Fig. 2 is shown network message semanteme meta-model graph of a relation;
Fig. 3 is shown syntax tree representation figure.
Specific embodiment
Presently preferred embodiments of the present invention is described in detail below in conjunction with the accompanying drawings, so that advantages and features of the invention energy
It is easier to be readily appreciated by one skilled in the art, apparent is clearly defined so as to be made to protection scope of the present invention.
Fig. 1 is referred to, the embodiment of the present invention includes:
A kind of general procotol analytic method, mainly comprises the following steps:
First, user, based on procotol meta-model, sets up systematic difference layer first according to the application layer protocol of real system
Netprotocol model, defines the parameter of each message model;
2nd, after the completion of typing, click on and preserve, the model of typing is arrived into internal memory and file according to the form storage of multi-level tree structure
In;
3rd, it is input into certain network message to the method;
4th, after the method obtains the message, automatic analytical algorithm is dispatched, matches the corresponding protocol model of the message, and according to mould
The parameter of type is parsed to each field of message successively, obtains the corresponding physical meaning of the field;
5th, the result of parsing is fed back to by user based on syntax tree.
It is as shown in Figure 2 network message semanteme meta-model diagram, network message semanteme meta-model is made up of following element:
Its syntax tree representation is as shown in Figure 3.
Further, automatic analytical algorithm comprises the following steps:
First, according to certain digitalized network message format, the message protocol model is set up;
2nd, it is input into certain digitalized network message;
3rd, based on syntax tree, message is decomposed in first byte position and message length according to each message field (MFLD) in protocol model
It is some message field (MFLD)s, puts into message field (MFLD) chained list;
4th, message field (MFLD) chained list is traveled through successively, and real data and message field (MFLD) type according to the field carry out following solution
Analysis work:
A) numeric type:If numeric type, then the length of the field is judged, if 1 byte, then unsteady state operation is char types, if
It is 2 bytes, then unsteady state operation is short types;If 4 bytes, then floating-point mark is judged, if not floating type, then unsteady state operation
It is int types, is otherwise converted to float types;If 8 bytes, then floating-point mark is judged, if not floating type, then unsteady state operation
It is long long, is otherwise converted to double types;Then the numerical value after conversion is multiplied by resolution ratio, the result of calculation is this
The practical significance of field;
B) enumerate:Then by message protocol cutting it is enumerated field according to message protocol model if enumeration type, and by the field reality
Border data are matched with enumerated value, if the match is successful, using enumeration element as analysis result, otherwise return to field parsing
Failure;
C) special type is compared:If than special type, will according to message protocol model by message protocol cutting be bit field, then to each
Bit field, if Value Types, then parses according to a) step;If enumeration type, then parsed according to b) step;
D) array:If digit group type, dimension, size and the unit for obtaining the array from message protocol analytic modell analytical model first are long
Degree, then for each unit of array, is parsed according to numeric type.
Embodiments of the invention are the foregoing is only, the scope of the claims of the invention is not thereby limited, it is every to utilize this hair
Equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (10)
1. a kind of general procotol analytic method, it is characterised in that mainly comprise the following steps:
First, user, based on procotol meta-model, sets up systematic difference layer first according to the application layer protocol of real system
Netprotocol model, defines the parameter of each message model;
2nd, after the completion of typing, click on and preserve, the model of typing is arrived into internal memory and file according to the form storage of multi-level tree structure
In;
3rd, it is input into certain network message to the method;
4th, after the method obtains the message, automatic analytical algorithm is dispatched, matches the corresponding protocol model of the message, and according to mould
The parameter of type is parsed to each field of message successively, obtains the corresponding physical meaning of the field;
5th, the result of parsing is fed back to by user based on syntax tree.
2. a kind of general procotol analytic method according to claim 1, it is characterised in that the message in step one
Model parameter includes start byte, field length, field type, floating type mark and the precision of each data field.
3. a kind of general procotol analytic method according to claim 2, it is characterised in that the field type bag
Include:Numeric type, enumeration type, bit segment type, digit group type.
4. a kind of general procotol analytic method according to claim 1, it is characterised in that the semanteme of procotol
Meta-model is made up of following element:Message protocol, message field (MFLD), array, bit section, enumerate.
5. a kind of general procotol analytic method according to claim 4, it is characterised in that described message field (MFLD)
Including:Field name, first byte position, byte length, field type, resolution ratio, floating type mark;Described array includes:
Array dimension, array size, element length;Described bit section includes:Field name, the first position, bit length, field type;
It is described enumerate including:Enumeration element and enumerated value.
6. a kind of general procotol analytic method according to claim 5, it is characterised in that the field type bag
Include:Value Types, bit section, enumerate, array, nested structure body;The floating type mark includes:Floating type, non-floating type;It is described
Byte length is divided into:1、2、4、8.
7. a kind of general procotol analytic method according to claim 5, it is characterised in that the array dimension<
5 dimensions;The array size< 100;The element length is divided into:1、2、4、8.
8. a kind of general procotol analytic method according to claim 5, it is characterised in that the bit section bit length
Sum/8<The length of message field (MFLD);The field type is divided into:Value Types, enumerate.
9. a kind of general procotol analytic method according to claim 5, it is characterised in that under same enumerated variable
All enumeration element titles must be unified.
10. a kind of general procotol analytic method according to claim 1, it is characterised in that operation carrier is used
Common computer, the computer carries network interface card.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710059727.0A CN106713357A (en) | 2017-01-24 | 2017-01-24 | Universal network protocol analysis method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710059727.0A CN106713357A (en) | 2017-01-24 | 2017-01-24 | Universal network protocol analysis method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106713357A true CN106713357A (en) | 2017-05-24 |
Family
ID=58910218
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710059727.0A Pending CN106713357A (en) | 2017-01-24 | 2017-01-24 | Universal network protocol analysis method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106713357A (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107370753A (en) * | 2017-08-23 | 2017-11-21 | 上海斐讯数据通信技术有限公司 | A kind of data pack protocol parses field processing method and system |
| CN107704606A (en) * | 2017-10-17 | 2018-02-16 | 南京茂毓通软件科技有限公司 | The general abstracting method of instant chat protocol element based on customized label language |
| CN107864199A (en) * | 2017-11-07 | 2018-03-30 | 山东网智物联网科技有限公司 | The realization device of Internet of Things communication means, device and Internet of Things Network Communication |
| CN108933784A (en) * | 2018-06-26 | 2018-12-04 | 北京威努特技术有限公司 | A kind of statement of industry control protocol-decoding rule and optimization coding/decoding method |
| CN109474582A (en) * | 2018-10-25 | 2019-03-15 | 北京轩宇信息技术有限公司 | A kind of processing method and processing device emulating embedded system data communication protocol |
| CN110266702A (en) * | 2019-06-25 | 2019-09-20 | 上海电气泰雷兹交通自动化系统有限公司 | Wireshark protocol analysis method based on XML |
| CN111541697A (en) * | 2020-04-24 | 2020-08-14 | 卡斯柯信号有限公司 | On-line communication method based on protocol configuration |
| CN112118232A (en) * | 2020-08-25 | 2020-12-22 | 通号城市轨道交通技术有限公司 | Message protocol analysis method and device |
| CN112511551A (en) * | 2020-12-08 | 2021-03-16 | 中国船舶重工集团公司第七一六研究所 | Communication application layer protocol analysis method and system for multiple types of data streams |
| CN114979309A (en) * | 2022-05-18 | 2022-08-30 | 中国电子科技集团公司第二十八研究所 | Method for supporting random access and processing of networked target data |
| CN115190190A (en) * | 2022-08-03 | 2022-10-14 | 国网湖南省电力有限公司 | Pre-analysis method and pre-analysis system of power Internet of things protocol |
| WO2024086973A1 (en) * | 2022-10-24 | 2024-05-02 | 华为技术有限公司 | Data processing method and apparatus, and intelligent driving device |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040083299A1 (en) * | 1999-06-30 | 2004-04-29 | Dietz Russell S. | Method and apparatus for monitoring traffic in a network |
| CN101145982A (en) * | 2007-10-29 | 2008-03-19 | 广州复旦奥特科技股份有限公司 | A general gateway design method based on object model and protocol dynamic component configuration |
| CN101282362A (en) * | 2008-05-13 | 2008-10-08 | 中兴通讯股份有限公司 | Method and apparatus for detecting depth packet |
| CN101707608A (en) * | 2009-11-27 | 2010-05-12 | 成都市华为赛门铁克科技有限公司 | Method and device for automatically testing application layer protocol |
| CN102231675A (en) * | 2011-06-23 | 2011-11-02 | 中国电子科技集团公司第三十四研究所 | Protocol adaptation network element and using method thereof in communication sub-network |
| CN103067276A (en) * | 2012-12-31 | 2013-04-24 | 华为技术有限公司 | Equipment and method based on application layer protocol selection link |
| CN103139315A (en) * | 2013-03-26 | 2013-06-05 | 烽火通信科技股份有限公司 | Application layer protocol analysis method suitable for home gateway |
| CN103326849A (en) * | 2012-12-14 | 2013-09-25 | 无锡华御信息技术有限公司 | Internet of Things secure transmission method |
-
2017
- 2017-01-24 CN CN201710059727.0A patent/CN106713357A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040083299A1 (en) * | 1999-06-30 | 2004-04-29 | Dietz Russell S. | Method and apparatus for monitoring traffic in a network |
| CN101145982A (en) * | 2007-10-29 | 2008-03-19 | 广州复旦奥特科技股份有限公司 | A general gateway design method based on object model and protocol dynamic component configuration |
| CN101282362A (en) * | 2008-05-13 | 2008-10-08 | 中兴通讯股份有限公司 | Method and apparatus for detecting depth packet |
| CN101707608A (en) * | 2009-11-27 | 2010-05-12 | 成都市华为赛门铁克科技有限公司 | Method and device for automatically testing application layer protocol |
| CN102231675A (en) * | 2011-06-23 | 2011-11-02 | 中国电子科技集团公司第三十四研究所 | Protocol adaptation network element and using method thereof in communication sub-network |
| CN103326849A (en) * | 2012-12-14 | 2013-09-25 | 无锡华御信息技术有限公司 | Internet of Things secure transmission method |
| CN103067276A (en) * | 2012-12-31 | 2013-04-24 | 华为技术有限公司 | Equipment and method based on application layer protocol selection link |
| CN103139315A (en) * | 2013-03-26 | 2013-06-05 | 烽火通信科技股份有限公司 | Application layer protocol analysis method suitable for home gateway |
Non-Patent Citations (2)
| Title |
|---|
| 张玮: "基于协议分析的网络流量监测系统研究与开发", 《中国优秀硕士学位论文全文数据库(电子期刊)》 * |
| 李军等: "一种应用层协议解析加速算法", 《一种应用层协议解析加速算法》 * |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107370753A (en) * | 2017-08-23 | 2017-11-21 | 上海斐讯数据通信技术有限公司 | A kind of data pack protocol parses field processing method and system |
| CN107704606B (en) * | 2017-10-17 | 2021-01-08 | 南京茂毓通软件科技有限公司 | Universal extraction method for instant chat protocol elements based on custom tag language |
| CN107704606A (en) * | 2017-10-17 | 2018-02-16 | 南京茂毓通软件科技有限公司 | The general abstracting method of instant chat protocol element based on customized label language |
| CN107864199A (en) * | 2017-11-07 | 2018-03-30 | 山东网智物联网科技有限公司 | The realization device of Internet of Things communication means, device and Internet of Things Network Communication |
| CN108933784A (en) * | 2018-06-26 | 2018-12-04 | 北京威努特技术有限公司 | A kind of statement of industry control protocol-decoding rule and optimization coding/decoding method |
| CN108933784B (en) * | 2018-06-26 | 2021-02-09 | 北京威努特技术有限公司 | Industrial control protocol decoding rule expression and optimized decoding method |
| CN109474582A (en) * | 2018-10-25 | 2019-03-15 | 北京轩宇信息技术有限公司 | A kind of processing method and processing device emulating embedded system data communication protocol |
| CN110266702A (en) * | 2019-06-25 | 2019-09-20 | 上海电气泰雷兹交通自动化系统有限公司 | Wireshark protocol analysis method based on XML |
| CN111541697A (en) * | 2020-04-24 | 2020-08-14 | 卡斯柯信号有限公司 | On-line communication method based on protocol configuration |
| CN112118232A (en) * | 2020-08-25 | 2020-12-22 | 通号城市轨道交通技术有限公司 | Message protocol analysis method and device |
| CN112118232B (en) * | 2020-08-25 | 2022-10-18 | 通号城市轨道交通技术有限公司 | Message protocol analysis method and device |
| CN112511551A (en) * | 2020-12-08 | 2021-03-16 | 中国船舶重工集团公司第七一六研究所 | Communication application layer protocol analysis method and system for multiple types of data streams |
| CN112511551B (en) * | 2020-12-08 | 2022-03-22 | 中国船舶重工集团公司第七一六研究所 | Communication application layer protocol analysis method and system for multiple types of data streams |
| CN114979309A (en) * | 2022-05-18 | 2022-08-30 | 中国电子科技集团公司第二十八研究所 | Method for supporting random access and processing of networked target data |
| CN114979309B (en) * | 2022-05-18 | 2023-08-18 | 中国电子科技集团公司第二十八研究所 | Method for supporting random access and processing of networked target data |
| CN115190190A (en) * | 2022-08-03 | 2022-10-14 | 国网湖南省电力有限公司 | Pre-analysis method and pre-analysis system of power Internet of things protocol |
| CN115190190B (en) * | 2022-08-03 | 2023-09-26 | 国网湖南省电力有限公司 | Pre-analysis method and pre-analysis system for electric power Internet of things protocol |
| WO2024086973A1 (en) * | 2022-10-24 | 2024-05-02 | 华为技术有限公司 | Data processing method and apparatus, and intelligent driving device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106713357A (en) | Universal network protocol analysis method | |
| CN104503816B (en) | A kind of hardware language VHDL to MSVL automated conversion system | |
| CN100483419C (en) | Data format verification method and device | |
| Garlan et al. | Acme: An architecture description interchange language | |
| Groth et al. | PROV-overview | |
| CN105335570B (en) | A method of netlist comparison is carried out based on component pin connection relation | |
| CN102012954B (en) | Subsystem integration method and subsystem integration system for integration design of system-on-chip | |
| CN104239073B (en) | Data maintenance system rapid prototyping development system and method | |
| CN107783967A (en) | Technology for the document translation of automation | |
| CN102880468B (en) | Code intelligent prompting method and system for electronic control unit (ECU) program development | |
| CN104461531B (en) | A kind of implementation method of reporting system SQL | |
| CN109768970A (en) | It is a kind of based on configurable puppy parc generation method | |
| CN103425497B (en) | The method and apparatus that a kind of network engineering script is changed across producer | |
| CN109753492A (en) | A kind of system constituting method and device based on metadata configurations | |
| CN109948213A (en) | A kind of synergy emulation method and device based on FMI standard | |
| CN103593335A (en) | Chinese semantic proofreading method based on ontology consistency verification and reasoning | |
| CN109460219A (en) | The method of rapid serial Interface Control File | |
| CN102779321A (en) | Method and device used for verifying message and based on integrated Ethernet chip (IEC) 61968 message type definition | |
| CN109032860A (en) | A kind of ARINC429 bus general purpose simulation system and emulation mode | |
| CN103902269A (en) | System and method for generating MIB files through XML files | |
| CN109471624A (en) | Data sharing model control system and data framework generation method based on GOSAA | |
| CN108460068A (en) | Method, apparatus, storage medium and the terminal that report imports and exports | |
| CN104750866B (en) | Method and system based on flush type WEB server dynamic generation menu bar | |
| CN102023859A (en) | Digital development environment-oriented software integration method with reliability, maintainability and supportability | |
| CN103810292A (en) | Method and device for configuring graphical interface |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170524 |
|
| RJ01 | Rejection of invention patent application after publication |