CN102739473A - Network detecting method using intelligent network card - Google Patents
Network detecting method using intelligent network card Download PDFInfo
- Publication number
- CN102739473A CN102739473A CN2012102364709A CN201210236470A CN102739473A CN 102739473 A CN102739473 A CN 102739473A CN 2012102364709 A CN2012102364709 A CN 2012102364709A CN 201210236470 A CN201210236470 A CN 201210236470A CN 102739473 A CN102739473 A CN 102739473A
- Authority
- CN
- China
- Prior art keywords
- intelligent network
- data
- network adapter
- module
- action
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a network detecting method using an intelligent network card, wherein the intelligent network card is serially connected with an exit of a local network or a small industry network, and stores an ACL (access control list) rule; a quintuple group ACL (access control list) rule of a server end is transmitted to an intelligent network card storing module by a network card management module firstly, then the intelligent network card receives network data and performs stream reverting treatment to the data; in a data processing module of the intelligent network card, the treated message is matched with the existing ACL (access control list) rule in the storing module, and corresponding actions of discarding, transmitting, marking, massage transmitting or log transmitting are adopted. According to the method, analysis and detection actions for the network data by the server is delivered to the intelligent network card for treating, so that the load of the background server CPU (central processing unit) is reduced effectively, and meanwhile, a plurality of standard compatible interfaces are provided, thereby enabling the existing associated network processing program to use the intelligent network card in seamless manner, and further developing the advantages of the intelligent network card on the analysis and detection of the network data. The method is suitable for various situations such as network detection.
Description
Technical field
The present invention relates to the network measuring application, especially a kind of network measuring method of application intelligent network interface card.
Background technology
In local area network (LAN) or small-scale intranet net, ARP deception, IP spoofing, false IP, IP fragmentation, false MAC, super large Ping bag, format error data, the frequency of giving out a contract for a project a series of Intranets such as agreement virus such as exceed standard are attacked and can both be caused phenomenons such as Intranet goes offline, clamping stagnation.These Intranets are attacked ubiquity in network.Detection method commonly used is that the network measuring software on the background server scans the IP bag content of the subnet of coming in and going out, and according to feature string sensitive information is mated, thereby whether the judgment data bag is legal information.This network measuring method has increased the weight of the burden of background server CPU undoubtedly, has reduced systematic function, and when the network peak value occurred, application program can't fast processing receive data, the consequence that causes network card data to abandon; Simultaneously, when the invador splits into a plurality of IP fragmentation with sensitive information, detect software and can't from single IP bag, parse invalid information.
Summary of the invention
The objective of the invention is in local area network (LAN) or the small-scale intranet network measuring; Adopt the software on the background server that the network information that network interface card receives is detected; The burden of existing background server CPU is heavy, and systematic function is poor, and application program can't fast processing receive data; Network card data is prone to the problem that abandons and can't from IP fragmentation, detect invalid information; For the effectively control and the propagation of prevention flame, the leakage of confidential information, complete carries out the Web content detection to local area network (LAN) or small-scale intranet information, proposes a kind of network measuring method of intelligent network adapter.Said intelligent network adapter carries out IP fragmentation reorganization and the reorganization of TCP stream to the data that receive; According to the acl rule of storage and the DPI function that has the network data of importing server into is carried out preliminary treatment then; Directly on intelligent network adapter, network attack bags such as agreement virus are tackled and controlled, detection range is extended to the portal of local area network (LAN) or small-scale intranet, realizes analysis and measuring ability to network data; And alleviated server CPU burden, improved systematic function.
Technical scheme of the present invention is:
A kind of network measuring method of application intelligent network interface card is stored acl rule in the described intelligent network adapter, and the network measuring method may further comprise the steps:
A, employing network interface card administration module are issued to the five-tuple acl rule of server end in the intelligent network adapter memory module;
B, intelligent network adapter receiving network data, and the data that receive are carried out IP fragmentation reorganization and the reorganization of TCP stream;
C, in the data processing module of intelligent network adapter, existing acl rule in message that receives and the memory module is mated, and takes to abandon accordingly, transparent transmission, labels, sends message or send the action of daily record.
Intelligent network adapter of the present invention comprises memory module, data processing module and data transmit-receive module; Memory module is used to store acl rule; Data transmit-receive module is used to realize Data Receiving and the transmission of intelligent network adapter to network; The coupling of IP fragmentation reorganization and TCP stream reorganization back and existing acl rule is carried out the message that receives in the data processing module realization; Data processing module links to each other with the respective signal end of memory module, data transmit-receive module;
Described server end configuration network interface card administration module and intelligent network adapter driver module; The network interface card administration module is used to realize the operation to interpolation, deletion and the query function of intelligent network adapter acl rule; The intelligent network adapter driver module is used to realize Data Receiving and the transmission of intelligent network adapter to server end.
Intelligent network adapter of the present invention also comprises the DPI module, is used for the deep layer bag that receives data is detected.
Intelligent network adapter of the present invention provides multiple standards or special-purpose DLL, with the open server end upper layer software (applications) of giving of the function of intelligent network adapter network data analysis, detection.
Among the step C of the present invention:
If adopt and abandon action, intelligent network adapter is ignored the message that employing abandons action according to acl rule;
If adopt the transparent transmission action; The data designated message that adopts the transparent transmission action is uploaded to background server in the homogeneous turbulence buffering; The different threads of upper layer software (applications) reading of data from the stream of correspondence buffering more then, and send to data in the data queue of a plurality of threads and go;
If adopt the action that labels, intelligent network adapter requires the message that hits rule is carried out mark according to acl rule, and with its end that uploads onto the server;
Send the message action if adopt, intelligent network adapter sends the message that has the TCP sign according to the acl rule action of coupling.
Send diary action if adopt, intelligent network adapter sends the daily record message to log server according to the acl rule action of coupling.
Five-tuple of the present invention is meant: the destination slogan of the protocol number of source IP address, purpose IP address, IP, the source port number of TCP/UDP, TCP/UDP.
Beneficial effect of the present invention:
The network measuring method of intelligent network adapter of the present invention; This method is given the intelligent network adapter processing with server to the analysis and the detection action of network data; Directly on intelligent network adapter, the network attack bag is tackled and controlled, detection range is extended to the least significant end of network, improves the management to business; Make network controlled, can manage, can prevent, and can reduce background server CPU burden effectively; Simultaneously; Provide and comprised multiple standards compatibility interfaces such as self-defining special purpose interface and libpcap, libnet, libnids; Can let the seamless use intelligent network adapter of existing network of relation handling procedure; Functions such as bag analysis are caught in realization to network packet, further bring into play the advantage of intelligent network adapter to the analysis and the detection of network data, and this method can be used for multiple places such as network measuring.
Description of drawings
Fig. 1 is intelligent network adapter data analysis of the present invention and detection sketch map.
Embodiment
Below in conjunction with accompanying drawing and embodiment the present invention is further described.
As shown in Figure 1, a kind of network measuring method of intelligent network adapter is stored acl rule in the described intelligent network adapter, and the network measuring method may further comprise the steps:
A, employing network interface card administration module are issued to the five-tuple acl rule of server end in the intelligent network adapter memory module;
B, intelligent network adapter receiving network data, and the data that receive are carried out IP fragmentation reorganization and the reorganization of TCP stream;
C, in the data processing module of intelligent network adapter, existing acl rule in message that receives and the memory module is mated, and takes to abandon accordingly, transparent transmission, labels, sends message or send the action of daily record;
If adopt and abandon action, intelligent network adapter is ignored the message that employing abandons action according to acl rule;
If adopt the transparent transmission action; The data designated message that adopts the transparent transmission action is uploaded to background server in the homogeneous turbulence buffering; The different threads of upper layer software (applications) reading of data from the stream of correspondence buffering more then, and send to data in the data queue of a plurality of threads and go;
If adopt the action that labels, intelligent network adapter requires the message that hits rule is carried out mark according to acl rule, and with its end that uploads onto the server;
Send the message action if adopt, intelligent network adapter sends the message that has the TCP sign according to the acl rule action of coupling.
Send diary action if adopt, intelligent network adapter sends the daily record message to log server according to the acl rule action of coupling.
Intelligent network adapter of the present invention comprises memory module, data processing module and data transmit-receive module; Memory module is used to store acl rule; Data transmit-receive module is used to realize Data Receiving and the transmission of intelligent network adapter to network; The coupling of IP fragmentation reorganization and TCP stream reorganization back and existing acl rule is carried out the message that receives in the data processing module realization; Data processing module links to each other with the respective signal end of memory module, data transmit-receive module;
Server end configuration network interface card administration module of the present invention and intelligent network adapter driver module; The network interface card administration module is used to realize the operation to interpolation, deletion and the query function of intelligent network adapter acl rule; The intelligent network adapter driver module is used to realize Data Receiving and the transmission of intelligent network adapter to server end.
Intelligent network adapter of the present invention also comprises detection module, is used for the deep layer bag that receives data is detected.The deep layer bag detects the not only content of layer below 4 of analyzing IP bag, comprises source address, destination address, source port, destination interface and protocol type, but also has increased application layer analysis, discerns various application and content thereof.
Intelligent network adapter of the present invention provides multiple standards or special-purpose DLL, with the open server end upper layer software (applications) of giving of the function of intelligent network adapter network data analysis, detection.
During practical implementation:
A kind of network measuring method of intelligent network adapter; Intelligent network adapter can carry out IP fragmentation reorganization and the reorganization of TCP stream to the IP bag that receives according to existing algorithm; Come the resolution data bag according to basic agreement such as the IP of TCP/IP protocol suite, TCP, UDP and port numbers then, thereby judge network information flow, the route of process, the size of packet, the content of packet or the like information.
Intelligent network adapter inside provides receiving the deep layer bag measuring ability of data.
Intelligent network adapter drives at user's space and has customized a cover network interface card management tool, realizes the operations such as interpolation, deletion and query function to the intelligent network adapter acl rule.Said method comprises the steps:
In step 101, the network interface card management tool that the user uses intelligent network adapter to provide is issued to the five-tuple acl rule in the intelligent network adapter internal memory.Five-tuple is meant: the destination slogan of the protocol number of source IP address, purpose IP address, IP, the source port number of TCP/UDP, TCP/UDP.
In step 103, intelligent network adapter is the message that receives and regular coupling, and takes to abandon, transparent transmission, labels, sends message, sends actions such as daily record;
In step 104, intelligent network adapter is ignored the message that employing abandons action according to acl rule;
In step 105, the data designated message that adopts the transparent transmission action is uploaded to background server, and is distributed to data in the data queue of the thread that needs and goes;
Can require to send the message (step 106) that has the TCP sign according to acl rule;
Can send the daily record message to log server (step 107) according to the acl rule action of coupling;
Said intelligent network adapter has encapsulated the api interface function of standard in the server user space; The function of maximized open intelligent network adapter; Simultaneously; Support to multiple standards compatibility interfaces such as libpcap, libnet, libnids further is provided, has realized the use intelligent network adapter that existing network of relation handling procedure is seamless.
Functions such as the IP fragmentation reorganization that utilizes intelligent network adapter of instrument maximizings such as the special purpose interface of use intelligent network adapter or libpcap, libnet, libnids, tcp data reorganization, acl rule filtration, DPI realize the preliminary treatment of packets such as outer of data capture processing, filtration treatment and construction data bag.
When utilizing the network interface card DLL to realize that intelligent network adapter is caught packet function, intelligent network adapter sends to data in each thread of multithreading processing server through the requirement of network interface card interface according to load balancing according to the data preliminary treatment requirement of server end uniformly.When utilizing the network interface card DLL to realize the intelligent network adapter filtering function, the rule that issues according to NIC driver is carried out transparent transmission, action such as is abandoned and carry out according to rule qualified data flow.
The present invention does not relate to all identical with the prior art prior art that maybe can adopt of part and realizes.
Claims (8)
1. the network measuring method of an application intelligent network interface card is characterized in that described intelligent network adapter is serially connected with local area network (LAN) or small-scale intranet exit, and all packets are done transparent transmission, simultaneously to by way of flow analyze and detect.
2. according to the network measuring method of right 1 described application intelligent network interface card, it is characterized in that:
Described intelligent network adapter comprises memory module, data processing module and data transmit-receive module; Memory module is used to store acl rule; Data transmit-receive module is used to realize Data Receiving and the transmission of intelligent network adapter to network; The coupling of IP fragmentation reorganization and TCP stream reorganization back and existing acl rule is carried out the message that receives in the data processing module realization;
Described server end configuration network interface card administration module and intelligent network adapter driver module; The network interface card administration module is used to realize the operation to interpolation, deletion and the query function of intelligent network adapter acl rule; The intelligent network adapter driver module is used to realize Data Receiving and the transmission of intelligent network adapter to server end.
3. according to the network measuring method of right 1 described application intelligent network interface card, it is characterized in that may further comprise the steps:
A, employing network interface card administration module are issued to the five-tuple acl rule of server end in the intelligent network adapter memory module;
B, intelligent network adapter receiving network data, and the data that receive are carried out IP fragmentation reorganization and the reorganization of TCP stream;
C, in the data processing module of intelligent network adapter, will mate through existing acl rule in the message of overcurrent reduction and the memory module, and take to abandon accordingly, transparent transmission, label, send the action of message or transmission daily record.
4. according to the network measuring method of right 3 described application intelligent network interface cards, it is characterized in that described five-tuple is meant: the destination slogan of the protocol number of source IP address, purpose IP address, IP, the source port number of TCP/UDP, TCP/UDP.
5. according to the network measuring method of right 3 described application intelligent network interface cards, it is characterized in that intelligent network adapter is done protocal analysis and fragment reorganization to the IP packet that receives, and then does the protocol status analysis of TCP layer and the splicing of packet.
6. according to the network measuring method of right 3 described application intelligent network interface cards, it is characterized in that, among the step C:
If adopt and abandon action, intelligent network adapter is ignored the message that employing abandons action according to acl rule;
If adopt the transparent transmission action; The data designated message that adopts the transparent transmission action is uploaded to background server in the homogeneous turbulence buffering; The different threads of upper layer software (applications) reading of data from the stream of correspondence buffering more then, and send to data in the data queue of a plurality of threads and go;
If adopt the action that labels, intelligent network adapter requires the message that hits rule is carried out mark according to acl rule, and with its end that uploads onto the server;
Send the message action if adopt, intelligent network adapter sends the message that has the TCP sign according to the acl rule action of coupling;
Send diary action if adopt, intelligent network adapter sends the daily record message to log server according to the acl rule action of coupling.
7. according to the network measuring method of right 3 described application intelligent network interface cards, it is characterized in that described intelligent network adapter also comprises the DPI module, be used for the deep layer bag that receives data is detected.
8. according to the network measuring method of right 3 described application intelligent network interface cards; It is characterized in that; Said intelligent network adapter provides multiple standards or special-purpose DLL; With the open server end upper layer software (applications) of giving of the function of intelligent network adapter network data analysis, detection, upper layer software (applications) can be caught bag analysis to the data of the portal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210236470.9A CN102739473B (en) | 2012-07-09 | 2012-07-09 | Network detecting method using intelligent network card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210236470.9A CN102739473B (en) | 2012-07-09 | 2012-07-09 | Network detecting method using intelligent network card |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102739473A true CN102739473A (en) | 2012-10-17 |
| CN102739473B CN102739473B (en) | 2015-06-24 |
Family
ID=46994302
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210236470.9A Active CN102739473B (en) | 2012-07-09 | 2012-07-09 | Network detecting method using intelligent network card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102739473B (en) |
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102904730A (en) * | 2012-10-26 | 2013-01-30 | 曙光信息产业(北京)有限公司 | Intelligent acceleration network card capable of filtering and picking traffic according to protocol, port and IP address |
| CN103856362A (en) * | 2012-11-29 | 2014-06-11 | 腾讯科技(深圳)有限公司 | Terminal application test method and terminal |
| CN103873356A (en) * | 2012-12-11 | 2014-06-18 | 中国电信股份有限公司 | Household gateway based application identification method and system, and household gateway |
| CN104639335A (en) * | 2015-01-30 | 2015-05-20 | 国家计算机网络与信息安全管理中心 | Secondary development system and secondary development method driven by intelligent network card |
| CN105337976A (en) * | 2015-11-06 | 2016-02-17 | 西安交大捷普网络科技有限公司 | Real-time high-efficiency database audit realization method |
| CN108200092A (en) * | 2018-02-08 | 2018-06-22 | 赛特斯信息科技股份有限公司 | Accelerate the method and system of message ACL matching treatments based on NFV technologies |
| CN109005194A (en) * | 2018-09-04 | 2018-12-14 | 厦门安胜网络科技有限公司 | Portless shadow communication means and computer storage medium based on KCP agreement |
| CN110944023A (en) * | 2019-12-31 | 2020-03-31 | 联想(北京)有限公司 | Network security management equipment and network security management method |
| CN111064714A (en) * | 2019-11-29 | 2020-04-24 | 苏州浪潮智能科技有限公司 | Intelligent network card ACL updating device based on FPGA |
| CN111064750A (en) * | 2019-12-31 | 2020-04-24 | 苏州浪潮智能科技有限公司 | Network message control method and device of data center |
| CN111541726A (en) * | 2020-07-08 | 2020-08-14 | 支付宝(杭州)信息技术有限公司 | Replay transaction identification method and device based on block chain all-in-one machine |
| CN111555973A (en) * | 2020-04-28 | 2020-08-18 | 深圳震有科技股份有限公司 | Data packet forwarding method and device based on 5G data forwarding plane |
| CN112769804A (en) * | 2020-12-31 | 2021-05-07 | 北京恒光信息技术股份有限公司 | Internet security supervision method, system, computer equipment and readable storage medium |
| CN113360740A (en) * | 2021-06-04 | 2021-09-07 | 上海天旦网络科技发展有限公司 | Data packet labeling method and system |
| CN113709135A (en) * | 2021-08-24 | 2021-11-26 | 杭州迪普科技股份有限公司 | SSL flow audit acquisition system and method |
| CN114666368A (en) * | 2022-03-28 | 2022-06-24 | 广东电网有限责任公司 | Access control method, device, equipment and storage medium of power internet of things |
| US11444783B2 (en) | 2020-07-08 | 2022-09-13 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and apparatuses for processing transactions based on blockchain integrated station |
| US11463553B2 (en) | 2020-07-08 | 2022-10-04 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and apparatuses for identifying to-be-filtered transaction based on blockchain integrated station |
| US11665234B2 (en) | 2020-07-08 | 2023-05-30 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and apparatuses for synchronizing data based on blockchain integrated station |
| CN116192419A (en) * | 2022-11-15 | 2023-05-30 | 中亿(深圳)信息科技有限公司 | Application program data safety protection method and device based on Internet of things card |
| CN116527586B (en) * | 2023-07-05 | 2023-09-19 | 北京亿赛通科技发展有限责任公司 | Series proxy system based on multilink load balancing network |
| US11783339B2 (en) | 2020-07-08 | 2023-10-10 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and apparatuses for transferring transaction based on blockchain integrated station |
| WO2023236858A1 (en) * | 2022-06-06 | 2023-12-14 | 华为技术有限公司 | Flow table rule management method, traffic management method and system, and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1480857A (en) * | 2003-06-05 | 2004-03-10 | 中国科学院计算技术研究所 | Intelligent kilomega ethernet card with dual optical ports |
| CN101350840A (en) * | 2007-07-17 | 2009-01-21 | 中兴通讯股份有限公司 | Ethernet data acquisition network card and Ethernet data acquisition method |
| CN101582880A (en) * | 2008-05-14 | 2009-11-18 | 北京启明星辰信息技术股份有限公司 | Method and system for filtering messages based on audited object |
| US8037175B1 (en) * | 2006-05-12 | 2011-10-11 | Juniper Networks, Inc. | Network device having service card for intercept and monitoring of packet flows |
-
2012
- 2012-07-09 CN CN201210236470.9A patent/CN102739473B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1480857A (en) * | 2003-06-05 | 2004-03-10 | 中国科学院计算技术研究所 | Intelligent kilomega ethernet card with dual optical ports |
| US8037175B1 (en) * | 2006-05-12 | 2011-10-11 | Juniper Networks, Inc. | Network device having service card for intercept and monitoring of packet flows |
| CN101350840A (en) * | 2007-07-17 | 2009-01-21 | 中兴通讯股份有限公司 | Ethernet data acquisition network card and Ethernet data acquisition method |
| CN101582880A (en) * | 2008-05-14 | 2009-11-18 | 北京启明星辰信息技术股份有限公司 | Method and system for filtering messages based on audited object |
Cited By (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102904730A (en) * | 2012-10-26 | 2013-01-30 | 曙光信息产业(北京)有限公司 | Intelligent acceleration network card capable of filtering and picking traffic according to protocol, port and IP address |
| CN103856362A (en) * | 2012-11-29 | 2014-06-11 | 腾讯科技(深圳)有限公司 | Terminal application test method and terminal |
| CN103873356A (en) * | 2012-12-11 | 2014-06-18 | 中国电信股份有限公司 | Household gateway based application identification method and system, and household gateway |
| CN103873356B (en) * | 2012-12-11 | 2018-02-02 | 中国电信股份有限公司 | Application and identification method, system and home gateway based on home gateway |
| CN104639335A (en) * | 2015-01-30 | 2015-05-20 | 国家计算机网络与信息安全管理中心 | Secondary development system and secondary development method driven by intelligent network card |
| CN104639335B (en) * | 2015-01-30 | 2018-03-09 | 国家计算机网络与信息安全管理中心 | The second development system and its method of intelligent network adapter driving |
| CN105337976A (en) * | 2015-11-06 | 2016-02-17 | 西安交大捷普网络科技有限公司 | Real-time high-efficiency database audit realization method |
| CN108200092A (en) * | 2018-02-08 | 2018-06-22 | 赛特斯信息科技股份有限公司 | Accelerate the method and system of message ACL matching treatments based on NFV technologies |
| CN109005194B (en) * | 2018-09-04 | 2020-10-27 | 厦门安胜网络科技有限公司 | No-port shadow communication method based on KCP protocol and computer storage medium |
| CN109005194A (en) * | 2018-09-04 | 2018-12-14 | 厦门安胜网络科技有限公司 | Portless shadow communication means and computer storage medium based on KCP agreement |
| CN111064714A (en) * | 2019-11-29 | 2020-04-24 | 苏州浪潮智能科技有限公司 | Intelligent network card ACL updating device based on FPGA |
| CN111064750A (en) * | 2019-12-31 | 2020-04-24 | 苏州浪潮智能科技有限公司 | Network message control method and device of data center |
| CN110944023A (en) * | 2019-12-31 | 2020-03-31 | 联想(北京)有限公司 | Network security management equipment and network security management method |
| CN111555973A (en) * | 2020-04-28 | 2020-08-18 | 深圳震有科技股份有限公司 | Data packet forwarding method and device based on 5G data forwarding plane |
| US11336660B2 (en) | 2020-07-08 | 2022-05-17 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and apparatuses for identifying replay transaction based on blockchain integrated station |
| US11783339B2 (en) | 2020-07-08 | 2023-10-10 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and apparatuses for transferring transaction based on blockchain integrated station |
| CN111541726A (en) * | 2020-07-08 | 2020-08-14 | 支付宝(杭州)信息技术有限公司 | Replay transaction identification method and device based on block chain all-in-one machine |
| US11444783B2 (en) | 2020-07-08 | 2022-09-13 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and apparatuses for processing transactions based on blockchain integrated station |
| US11463553B2 (en) | 2020-07-08 | 2022-10-04 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and apparatuses for identifying to-be-filtered transaction based on blockchain integrated station |
| US11665234B2 (en) | 2020-07-08 | 2023-05-30 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and apparatuses for synchronizing data based on blockchain integrated station |
| CN112769804A (en) * | 2020-12-31 | 2021-05-07 | 北京恒光信息技术股份有限公司 | Internet security supervision method, system, computer equipment and readable storage medium |
| CN113360740A (en) * | 2021-06-04 | 2021-09-07 | 上海天旦网络科技发展有限公司 | Data packet labeling method and system |
| CN113709135A (en) * | 2021-08-24 | 2021-11-26 | 杭州迪普科技股份有限公司 | SSL flow audit acquisition system and method |
| CN113709135B (en) * | 2021-08-24 | 2023-02-07 | 杭州迪普科技股份有限公司 | SSL flow audit acquisition system and method |
| CN114666368A (en) * | 2022-03-28 | 2022-06-24 | 广东电网有限责任公司 | Access control method, device, equipment and storage medium of power internet of things |
| CN114666368B (en) * | 2022-03-28 | 2024-01-30 | 广东电网有限责任公司 | Access control method, device, equipment and storage medium of electric power Internet of things |
| WO2023236858A1 (en) * | 2022-06-06 | 2023-12-14 | 华为技术有限公司 | Flow table rule management method, traffic management method and system, and storage medium |
| CN116192419B (en) * | 2022-11-15 | 2023-09-26 | 中亿(深圳)信息科技有限公司 | Application program data safety protection method and device based on Internet of things card |
| CN116192419A (en) * | 2022-11-15 | 2023-05-30 | 中亿(深圳)信息科技有限公司 | Application program data safety protection method and device based on Internet of things card |
| CN116527586B (en) * | 2023-07-05 | 2023-09-19 | 北京亿赛通科技发展有限责任公司 | Series proxy system based on multilink load balancing network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102739473B (en) | 2015-06-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102739473A (en) | Network detecting method using intelligent network card | |
| CN103929334B (en) | Network Abnormal Notification Method and device | |
| CN105337991B (en) | A kind of integrated message flow is searched and update method | |
| Santiago del Rio et al. | Wire-speed statistical classification of network traffic on commodity hardware | |
| CN107181738A (en) | A kind of software implementation intruding detection system and method | |
| CN102801659B (en) | A kind of security gateway implementation method based on Flow Policy and device | |
| US9866639B2 (en) | Communication apparatus, information processor, communication method, and computer-readable storage medium | |
| CN103607399A (en) | Special IP network safety monitor system and method based on hidden network | |
| Xing et al. | Research on the defense against ARP spoofing attacks based on Winpcap | |
| CN102904730A (en) | Intelligent acceleration network card capable of filtering and picking traffic according to protocol, port and IP address | |
| US9961147B2 (en) | Communication apparatus, information processor, communication method, and computer-readable storage medium | |
| CN103617142B (en) | A kind of express network collecting method based on pf_ring | |
| CN106789728A (en) | A kind of voip traffic real-time identification method based on NetFPGA | |
| CN107040405A (en) | Passive type various dimensions main frame Fingerprint Model construction method and its device under network environment | |
| CN106850547A (en) | A kind of data restoration method and system based on http protocol | |
| CN103685222A (en) | A data matching detection method based on a determinacy finite state automation | |
| CN103746869A (en) | Data/mask and regular expression combined multistage deep packet detection method | |
| CN102098291A (en) | FPGA (Field Programmable Gate Array)-based network security log processing method and device | |
| CN103607350B (en) | Method and device for generating route | |
| CN103441952A (en) | Network data package processing method based on multi-core or many-core embedded processor | |
| Wellem et al. | A hardware-accelerated infrastructure for flexible sketch-based network traffic monitoring | |
| CN102497372A (en) | System and method based on Internet protocol (IP) message destination port filtering strategy | |
| CN105282102B (en) | Data flow processing method and system and IPv6 data processing equipment | |
| Xiaoguang et al. | Packet capture and protocol analysis based on Winpcap | |
| KR100864889B1 (en) | Device and method for tcp stateful packet filter |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB03 | Change of inventor or designer information |
Inventor after: Zhou Li Inventor after: Dai Li Inventor after: Lu Song Inventor after: Zou Cuan Inventor after: Wang Lidong Inventor after: Zhang Xiaoming Inventor after: Wang Weicheng Inventor after: Wang Yong Inventor after: Sun Hao Inventor after: Yan Wei Inventor before: Wang Lidong Inventor before: Sun Bo Inventor before: Yan Hanbing Inventor before: Yuan Chunyang Inventor before: Zhang Xiaoming Inventor before: Dai Li Inventor before: Sun Hao Inventor before: Yan Wei |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: INVENTOR; FROM: WANG LIDONG SUN BO YAN HANBING YUAN CHUNYANG ZHANG XIAOMING DAI LI SUN HAOYAN WEI TO: ZHOU LI LU SONG ZOU XIN WANG LIDONG ZHANG XIAOMING WANG WEISHENG WANG YONG SUN HAO YAN WEI DAI LI |
|
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: Yuhuatai District of Nanjing City, Jiangsu province 210012 Bauhinia Road No. 68 Applicant after: Nanjing Sinovatio Technology LLC Applicant after: State Computer Network and Information Safety Management Center Address before: Yuhuatai District of Nanjing City, Jiangsu province 210012 Bauhinia Road No. 68 Applicant before: Nanjing Zhongxing Special Software Co., Ltd. Applicant before: State Computer Network and Information Safety Management Center |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: APPLICANT; FROM: NANJING ZHONGXING SPECIAL SOFTWARE CO., LTD. TO: NANJING SINOVATIO TECHNOLOGY LLC |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee | ||
| CP02 | Change in the address of a patent holder |
Address after: 210012 Yuhuatai, Jiangsu province tulip Road, No. 17, No. Patentee after: Nanjing Sinovatio Technology LLC Patentee after: State Computer Network and Information Safety Management Center Address before: Yuhuatai District of Nanjing City, Jiangsu province 210012 Bauhinia Road No. 68 Patentee before: Nanjing Sinovatio Technology LLC Patentee before: State Computer Network and Information Safety Management Center |