CN103095604A - System and method for identifying specific application of home network - Google Patents
System and method for identifying specific application of home network Download PDFInfo
- Publication number
- CN103095604A CN103095604A CN2013100018890A CN201310001889A CN103095604A CN 103095604 A CN103095604 A CN 103095604A CN 2013100018890 A CN2013100018890 A CN 2013100018890A CN 201310001889 A CN201310001889 A CN 201310001889A CN 103095604 A CN103095604 A CN 103095604A
- Authority
- CN
- China
- Prior art keywords
- flow
- identification
- concrete
- gateway
- application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A system for identifying specific application of home network comprises a gateway and a background system, wherein the gateway is provided with a first internal memory, a first flow identifying module and a first communication module; the background system is provided with a second internal memory, a second flow identifying module and a second communication module; the first communication module and the second communication module are used for setting up communication connection between the gateway and the background system; the gateway is used for using the first flow identifying module to preliminarily identify corresponding specific application of flow after receiving the flow according to information stored in the first internal memory; and the background system is used for using the second flow identifying module to identify the flow which cannot be identified by the gateway according to information stored in the second internal memory. The invention further provides a method for identifying specific application of the home network. The system and the method for identifying specific application of the home network adopt a multilevel identifying mode and have high identifying efficiency.
Description
Technical field
The present invention relates to network and communication technical field, but the particularly concrete system and method for using of a kind of Real time identification home network.
Background technology
Along with the fast development of telecommunications industry and the raising of people's living standard, and to the demand of acquisition of information, number of broadband customers increases rapidly.Be accompanied by the fast development of broadband access, broad band value-added service is also in continuous growth.People have also had very large demand to video and HD video, video communication, shopping online etc. on the basis of original browsing page.
But the growth along with broad band value-added service; the situation that often can exist a plurality of intelligent terminals and a plurality of application (as video request program, biography screen, web page browsing etc.) to carry out simultaneously in home network environment; but due to limited bandwidth; often the problem of a plurality of application bandwidth-hoggings can occur, thereby have a strong impact on user's experience impression.And will address this problem, need to identify the concrete application in home network, then carry out QoS(Quality of Service, service quality for different application according to the priority level that sets in advance) arrange, thus solve the band-limited problem of seizing.
Summary of the invention
In view of this, the invention provides a kind of concrete system that uses of home network and concrete method of using of identification home network identified.
The concrete system that uses of identification home network provided by the invention comprises gateway and background system.Gateway has the first internal memory, first flow identification module and first communication module.Background system has the second internal memory, the second flow identification module and second communication module.First communication module and second communication module are used for establishing a communications link between gateway and background system.Gateway is used for utilizing the first flow identification module tentatively to identify concrete application corresponding to flow according to the information of the first memory storage after receiving flow.Background system is used for utilizing the second flow identification module according to the flow of the information identification gateway None-identified of the second memory storage.
According to one embodiment of present invention, the information of the first memory storage comprises the first application result table, the information that stores in the second internal memory comprises the second application result table, the second application result table comprises a plurality of the first information corresponding to application result table, the first flow identification module is crossed the concrete application of the preliminary identification of inquiry the first application result table according to the five-tuple information exchange of flow, and the second flow identification module is crossed the further concrete application of identification of inquiry the second application result table according to the five-tuple information exchange of flow.
According to one embodiment of present invention, the information of the second memory storage also comprises the recognition rule table, and the second flow identification module is also according to the fixation features value in the heading of flow and the concrete application of recognition rule table identification.
According to one embodiment of present invention, background system also comprises timer, and the second flow identification module also carries out the correlated characteristic statistics of the flow of some cycles, and timer is informed the second flow identification module after measurement period finishes.
According to one embodiment of present invention, background system also comprises database, and the second flow identification module is charged to recognition result in the second internal memory and database when identifying concrete application.
According to one embodiment of present invention, background system also comprises initialization module, and initialization module is used for when background system starts, timer, the second internal memory being carried out initialization, and the data in database are synchronized in the second internal memory.
The concrete method of using of identification home network provided by the present invention comprises: utilize gateway to receive flow; Utilize concrete application of first flow identification module identification preliminary according to the information of the first memory storage; Utilize gateway that the flow of None-identified is sent to background system; Utilize the second flow identification module according to the flow of the information identification gateway None-identified of the second memory storage.
According to one embodiment of present invention, the first flow identification module is crossed the concrete application of the preliminary identification of the first application result table of inquiry the first memory storage according to the five-tuple information exchange of flow; The second flow identification module crosses according to the five-tuple information exchange of flow the flow that the second application result table of inquiring about the second memory storage is further identified the gateway None-identified, and the second application result table comprises a plurality of the first information corresponding to application result table.
According to one embodiment of present invention, described method also comprises: utilize the second flow identification module according to the concrete application of recognition rule table identification of the fixation features value in the heading of flow and the second memory storage.
According to one embodiment of present invention, described method also comprises: utilize the second flow identification module to carry out the correlated characteristic statistics of the flow of some cycles, and finish the rear concrete application of statistical nature contrast recognition rule table identification according to flow at measurement period.
To sum up, the present invention adopts the mode of multi-level identification, utilize gateway to flow corresponding concrete application tentatively identify, and utilize background system to continue the flow of identification gateway None-identified, can greatly improve the recognition efficiency of application; And, the present invention in identifying be mainly the five-tuple information according to flow, the fixation features value in heading etc. more than transport layer correlated characteristic and the statistical nature of flow flow is identified, do not need the application layer of flow is unpacked, thereby can further improve the recognition efficiency of application, and the impact that not whether encrypted by message.
Above-mentioned explanation is only the general introduction of technical solution of the present invention, for can clearer understanding technological means of the present invention, and can be implemented according to the content of specification, and for above and other purpose of the present invention, feature and advantage can be become apparent, below especially exemplified by preferred embodiment, and the cooperation accompanying drawing, be described in detail as follows.
Description of drawings
Figure 1 shows that the present invention identifies the schematic diagram of the concrete system that uses of home network.
Figure 2 shows that the present invention identifies the FB(flow block) of the concrete method of using of home network
Embodiment
Reach for further setting forth the present invention technological means and the effect that predetermined goal of the invention is taked, below in conjunction with accompanying drawing and preferred embodiment, the concrete system that uses of identification home network and concrete its embodiment of method, structure, feature and the effect thereof of using of identification home network to foundation the present invention proposes are described in detail as follows.
Figure 1 shows that the present invention identifies the schematic diagram of the concrete system that uses of home network.As shown in Figure 1, the system 100 of the concrete application of identification home network of the present invention comprises gateway 110 and background system 120.Described gateway 110 comprises the first internal memory 111, first flow identification module 112 and first communication module 113.Described background system 120 comprises the second internal memory 121, the second flow identification module 122, second communication module 123, database 124, timer 125, initialization module 126 and web page server 127.
Store the first application result table in described the first internal memory 111.Store the five-tuple information (comprising source IP/ source port, purpose IP/ destination interface, protocol type) and the concrete corresponding relation of using of flow in described the first application result table.Described first flow identification module 112 extracts the five-tuple information of flow after gateway 110 is received flow, according to the concrete application of five-tuple information inquiry the first application result table with preliminary identification correspondence.Described first communication module 113 is used for the flow of gateway 110 None-identifieds is sent to background system 120, and carries out heartbeat message regularly with background system 120 and confirm alternately, guarantees communication connection normally between gateway 110 and background system 120.
Described second communication module 123 is used for receiving the flow that first communication module 113 transmits, and sends it to the second flow identification module 122.Store the second application result table in described the second internal memory 121, described the second application result table comprises the information that the first application result table of a plurality of gateways 110 of communicating by letter with background system 120 is corresponding.Described the second flow identification module 122 is according to the five-tuple information inquiry second application result table of flow, with the flow of identification gateway 110 None-identifieds.If according to the second application result table above-mentioned flow of None-identified also, the second flow identification module 122 is also according to the recognition rule table of the fixation features value in the heading of the flow that receives (as port numbers, IP address etc.) inquiry the second internal memory 121 interior storages, store fixation features value and the concrete corresponding relation of using in the heading of flow in described recognition rule table, the second flow identification module 122 can be identified the flow of None-identified according to the fixation features value in the heading of flow.If according to the above-mentioned flow of None-identified also of the fixation features value in the heading of flow, the second flow identification module 122 also carries out the statistics of the correlated characteristic (as above downlink message is counted ratio, the up-downgoing message size compares etc.) of some cycles to above-mentioned flow, also store the statistical nature and the concrete corresponding relation of using of flow in described recognition rule table, make the second flow identification module 122 finish rear statistical nature according to flow and the concrete application of recognition rule table identification at measurement period.
Described the second flow identification module 122 is also charged to recognition result in the second internal memory 121 and database 124 when identifying concrete application.Particularly, described the second flow identification module 122 is when the five-tuple information according to flow identifies concrete application, recognition result is charged in the second application result table and database 124, and when the statistical nature according to the fixation features value in the heading of flow and flow identifies concrete application, recognition result is charged in recognition rule table and database 124.Described second communication module 123 also can be synchronized to recognition result the first internal memory 111 of gateway 110 when the second flow identification module 122 identifies concrete application in.
Described initialization module 126 is used for when background system 120 starts, system resource (as timer 125, the second internal memory 121 etc.) being carried out initialization, and the data in database 124 are synchronized in the second internal memory 121.Described timer 125 has clocking capability, and informs that after measurement period finishes the second flow identification module 122 carries out flow identification according to the traffic statistics feature; Described timer 125 also can be worked with other module cooperative of background system 120, if do not receive the corresponding flow of using in certain hour (can arrange according to need, be defaulted as 30 seconds) after flow identification is completed, this application of apprizing system finishes.Described web page server 127 is used for supporting graphic user interface (Graphical User Interface, be called for short GUI, claim again graphical user interface), so that graphic user interface can show the recognition result of concrete application, and can carry out the setting of relevant parameter (as measurement period, application result table, recognition rule table etc.).
Figure 2 shows that the present invention identifies the FB(flow block) of the concrete method of using of home network.As shown in Figure 2, the concrete method of using of identification home network of the present invention comprises:
Step S201: utilize the flow that gateway 110 carries out to receive and forward, and when forwarding, it is copied portion and send to first flow identification module 112;
Step S202: utilize first flow identification module 112 to extract the five-tuple information (comprising source IP/ source port, purpose IP/ destination interface, protocol type) of flow, according to five-tuple information inquiry the first application result table with concrete application corresponding to preliminary identification flow, if can inquire concrete application corresponding to this flow in the first application result table, finish identification process, otherwise continue next flow process;
Step S203: utilize first communication module 113 that the flow of gateway 110 None-identifieds is sent to background system 120;
Step S204: background system 120 utilizes second communication module 123 to receive flow;
Step S205: utilize the second flow identification module 122 according to the five-tuple information inquiry second application result table of flow, flow with identification gateway 110 None-identifieds, if the result of finding, by second communication module 123 and first communication module 113, recognition result is sent to gateway 110, be stored in the first internal memory 111; If the result of can not find out is carried out next step flow process;
Step S206: utilize the second flow identification module 122 according to the fixation features value in the heading of the flow that receives (as port numbers, IP address etc.) inquiry recognition rule table, continue the flow of identification preceding step None-identified according to the fixation features value in the heading of flow; If can identify concrete application, recognition result is charged in the second internal memory 121 and database 124 simultaneously, and by second communication module 123 and first communication module 113, recognition result is sent to gateway 110, be stored in the first internal memory 111; If None-identified goes out concrete application, carry out next step flow process;
Step S207: utilize the flow of 122 pairs of preceding step None-identifieds of the second flow identification module to carry out the statistics of the correlated characteristic (as above downlink message count ratio, up-downgoing message size compare etc.) of some cycles, and after measurement period finishes according to statistical nature and the concrete application of recognition rule table identification of flow; If can identify concrete application, recognition result is charged in the second internal memory 121 and database 124 simultaneously, and by second communication module 123 and first communication module 113, recognition result is sent to gateway 110, be stored in the first internal memory 111; If go out concrete application according to existing regular None-identified, need to finish whole flow process, and carry out by another way the identification of flow.
In sum, the present invention adopts the mode of multi-level identification, utilizes concrete application corresponding to 110 pairs of flows of gateway tentatively to identify, and utilizes background system 120 to continue the flow of identification gateway 110 None-identifieds, can greatly improve the recognition efficiency of application; And, the present invention in identifying be mainly the five-tuple information according to flow, the fixation features value in heading etc. more than transport layer correlated characteristic and the statistical nature of flow flow is identified, do not need the application layer of flow is unpacked, thereby can further improve the recognition efficiency of application, and the impact that not whether encrypted by message.
the above, it is only preferred embodiment of the present invention, be not that the present invention is done any pro forma restriction, although the present invention discloses as above with preferred embodiment, yet be not to limit the present invention, any those skilled in the art, within not breaking away from the technical solution of the present invention scope, when the technology contents that can utilize above-mentioned announcement is made a little change or is modified to the equivalent embodiment of equivalent variations, in every case be not break away from the technical solution of the present invention content, any simple modification that foundation technical spirit of the present invention is done above embodiment, equivalent variations and modification, all still belong in the scope of technical solution of the present invention.
Claims (10)
1. identify the system that home network is specifically used for one kind, comprise gateway and background system, it is characterized in that, described gateway has the first internal memory, first flow identification module and first communication module, described background system has the second internal memory, the second flow identification module and second communication module, described first communication module and second communication module are used for establishing a communications link between gateway and background system, described gateway is used for utilizing the first flow identification module tentatively to identify concrete application corresponding to flow according to the information of the first memory storage after receiving flow, described background system is used for utilizing the second flow identification module according to the flow of the information identification gateway None-identified of the second memory storage.
2. the identification home network as claimed in claim 1 concrete system that uses, it is characterized in that, the information of described the first memory storage comprises the first application result table, the information that stores in described the second internal memory comprises the second application result table, described the second application result table comprises a plurality of the first information corresponding to application result table, described first flow identification module is crossed the concrete application of the preliminary identification of inquiry the first application result table according to the five-tuple information exchange of flow, described the second flow identification module is crossed the further concrete application of identification of inquiry the second application result table according to the five-tuple information exchange of flow.
3. the identification home network as claimed in claim 2 concrete system that uses, it is characterized in that, the information of described the second memory storage also comprises the recognition rule table, and described the second flow identification module is also according to the fixation features value in the heading of flow and the concrete application of recognition rule table identification.
4. identification home network as described in any one in the claim 1-3 concrete system that uses, it is characterized in that, described background system also comprises timer, described the second flow identification module also carries out the correlated characteristic statistics of the flow of some cycles, and described timer is informed the second flow identification module after measurement period finishes.
5. the system of the concrete application of identification home network as claimed in claim 4, is characterized in that, described background system also comprises database, and described the second flow identification module is charged to recognition result in the second internal memory and database when identifying concrete application.
6. the identification home network as claimed in claim 5 concrete system that uses, it is characterized in that, described background system also comprises initialization module, described initialization module is used for when background system starts, timer, the second internal memory being carried out initialization, and the data in database are synchronized in the second internal memory.
7. identify the concrete method of using of home network for one kind, it is characterized in that, comprising:
Utilize gateway to receive flow;
Utilize concrete application of first flow identification module identification preliminary according to the information of the first memory storage;
Utilize gateway that the flow of None-identified is sent to background system;
Utilize the second flow identification module according to the flow of the information identification gateway None-identified of the second memory storage.
8. the concrete method of using of identification home network as claimed in claim 7, is characterized in that, described first flow identification module is crossed the concrete application of the preliminary identification of the first application result table of inquiry the first memory storage according to the five-tuple information exchange of flow; Described the second flow identification module crosses according to the five-tuple information exchange of flow the flow that the second application result table of inquiring about the second memory storage is further identified the gateway None-identified, and described the second application result table comprises a plurality of the first information corresponding to application result table.
9. the concrete method of using of identification home network as claimed in claim 8, is characterized in that, described method also comprises:
Utilize the second flow identification module according to the concrete application of recognition rule table identification of the fixation features value in the heading of flow and the second memory storage.
10. the concrete method of using of identification home network as claimed in claim 9, is characterized in that, described method also comprises:
Utilize the second flow identification module to carry out the correlated characteristic statistics of the flow of some cycles, and finish the rear concrete application of statistical nature contrast recognition rule table identification according to flow at measurement period.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013100018890A CN103095604A (en) | 2013-01-04 | 2013-01-04 | System and method for identifying specific application of home network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013100018890A CN103095604A (en) | 2013-01-04 | 2013-01-04 | System and method for identifying specific application of home network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103095604A true CN103095604A (en) | 2013-05-08 |
Family
ID=48207756
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013100018890A Pending CN103095604A (en) | 2013-01-04 | 2013-01-04 | System and method for identifying specific application of home network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103095604A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103986715A (en) * | 2014-05-21 | 2014-08-13 | 海信集团有限公司 | Network traffic control method and device |
| CN106209505A (en) * | 2016-06-29 | 2016-12-07 | 北京网康科技有限公司 | A kind of application identifies device and method, fire wall, server |
| CN106453147A (en) * | 2016-11-28 | 2017-02-22 | 北京小米移动软件有限公司 | Bandwidth allocation method, bandwidth allocation apparatus and electronic device |
| WO2017113900A1 (en) * | 2015-12-28 | 2017-07-06 | 华为技术有限公司 | Method and apparatus for identifying application information in network traffic |
| CN107888449A (en) * | 2017-11-15 | 2018-04-06 | 中国联合网络通信集团有限公司 | The recognition methods of type of service and the network equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101399749A (en) * | 2007-09-27 | 2009-04-01 | 华为技术有限公司 | Method, system and device for packet filtering |
| CN101414939A (en) * | 2008-11-28 | 2009-04-22 | 武汉虹旭信息技术有限责任公司 | Internet application recognition method based on dynamical depth package detection |
| CN102025636A (en) * | 2010-12-09 | 2011-04-20 | 北京星网锐捷网络技术有限公司 | Message feature processing method and device as well as network equipment |
| CN102075404A (en) * | 2009-11-19 | 2011-05-25 | 华为技术有限公司 | Message detection method and device |
| CN102164078A (en) * | 2011-03-25 | 2011-08-24 | 北京星网锐捷网络技术有限公司 | Policy routing method, device and system |
| CN102201982A (en) * | 2011-04-29 | 2011-09-28 | 北京网康科技有限公司 | Application identification method and equipment thereof |
-
2013
- 2013-01-04 CN CN2013100018890A patent/CN103095604A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101399749A (en) * | 2007-09-27 | 2009-04-01 | 华为技术有限公司 | Method, system and device for packet filtering |
| CN101414939A (en) * | 2008-11-28 | 2009-04-22 | 武汉虹旭信息技术有限责任公司 | Internet application recognition method based on dynamical depth package detection |
| CN102075404A (en) * | 2009-11-19 | 2011-05-25 | 华为技术有限公司 | Message detection method and device |
| CN102025636A (en) * | 2010-12-09 | 2011-04-20 | 北京星网锐捷网络技术有限公司 | Message feature processing method and device as well as network equipment |
| CN102164078A (en) * | 2011-03-25 | 2011-08-24 | 北京星网锐捷网络技术有限公司 | Policy routing method, device and system |
| CN102201982A (en) * | 2011-04-29 | 2011-09-28 | 北京网康科技有限公司 | Application identification method and equipment thereof |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103986715A (en) * | 2014-05-21 | 2014-08-13 | 海信集团有限公司 | Network traffic control method and device |
| CN103986715B (en) * | 2014-05-21 | 2017-10-03 | 海信集团有限公司 | A kind of method and device of control of network flow quantity |
| WO2017113900A1 (en) * | 2015-12-28 | 2017-07-06 | 华为技术有限公司 | Method and apparatus for identifying application information in network traffic |
| US11582188B2 (en) | 2015-12-28 | 2023-02-14 | Huawei Technologies Co., Ltd. | Method for identifying application information in network traffic, and apparatus |
| US11855967B2 (en) | 2015-12-28 | 2023-12-26 | Huawei Technologies Co., Ltd. | Method for identifying application information in network traffic, and apparatus |
| CN106209505A (en) * | 2016-06-29 | 2016-12-07 | 北京网康科技有限公司 | A kind of application identifies device and method, fire wall, server |
| CN106453147A (en) * | 2016-11-28 | 2017-02-22 | 北京小米移动软件有限公司 | Bandwidth allocation method, bandwidth allocation apparatus and electronic device |
| CN107888449A (en) * | 2017-11-15 | 2018-04-06 | 中国联合网络通信集团有限公司 | The recognition methods of type of service and the network equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103501486B (en) | A kind of information push method and push server | |
| EP2642815A1 (en) | Method for establishing and using public path and m2m communication method and system | |
| EP2887761A1 (en) | Verification method for the verification of a Connection Request from a Roaming Mobile Entity | |
| CN104486743A (en) | Method for user information correlation of XDR (external data representation) data of interfaces of core network | |
| CN103095604A (en) | System and method for identifying specific application of home network | |
| CN101577722A (en) | Method for realizing MAC forced forwarding function and device | |
| CN101990004A (en) | Method for distributing virtual ID and virtual IP based on home gateway of internet of things | |
| CN103973569A (en) | Data message forwarding method, customer premises equipment and system | |
| CN104270302B (en) | The transmission system of online order and transfer approach | |
| CN103095654A (en) | Virtual local area network (VLAN) configuration method, wireless access point and network control point | |
| CN101237332A (en) | Billing method, billing system and traffic statistical device | |
| CN102202281A (en) | Ticket processing method and system | |
| CN104468408A (en) | Method for adjusting dynamically service bandwidth and control center server | |
| CN109391661A (en) | The block chain network-building method and system of internet-of-things terminal | |
| CN102387083B (en) | Network access control method and system | |
| CN103067359A (en) | System and method based on connection multiplexing and capable of improving server concurrent processing capacity | |
| CN105207860A (en) | Business acceleration system and method | |
| CN103780483A (en) | Method, system and device for obtaining resource information of terminal device of Internet of Thingss | |
| CN105450997A (en) | Cloud storage based video monitoring system | |
| CN102413508A (en) | Control method for access of machine terminal to network, and device for the same | |
| CN103051738B (en) | A kind of dhcp address distribution method and system | |
| CN103796191A (en) | Method, device and terminal for sending data to user terminal | |
| CN103327129A (en) | Domain name analyticmethod for multi-WAN-port gateway device | |
| CN101175038A (en) | Data stream information transmission method, communication system and equipment | |
| US20230138558A1 (en) | Methods and systems for selecting a user plane function in a wireless communication network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130508 |