CN105071987B - Refined net path quality analysis method based on flow analysis - Google Patents

Refined net path quality analysis method based on flow analysis Download PDF

Info

Publication number
CN105071987B
CN105071987B CN201510448753.3A CN201510448753A CN105071987B CN 105071987 B CN105071987 B CN 105071987B CN 201510448753 A CN201510448753 A CN 201510448753A CN 105071987 B CN105071987 B CN 105071987B
Authority
CN
China
Prior art keywords
data packet
session
maxi
heads
packet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201510448753.3A
Other languages
Chinese (zh)
Other versions
CN105071987A (en
Inventor
吴世洲
赵强
黄鹂声
田晓霞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SICHUAN YINHAITIANYI INFORMATION TECHNOLOGY Co Ltd
COMPUTER APPLICATION INST CHINA ENGINEERING PHYSICS ACADEMY
Original Assignee
SICHUAN YINHAITIANYI INFORMATION TECHNOLOGY Co Ltd
COMPUTER APPLICATION INST CHINA ENGINEERING PHYSICS ACADEMY
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SICHUAN YINHAITIANYI INFORMATION TECHNOLOGY Co Ltd, COMPUTER APPLICATION INST CHINA ENGINEERING PHYSICS ACADEMY filed Critical SICHUAN YINHAITIANYI INFORMATION TECHNOLOGY Co Ltd
Priority to CN201510448753.3A priority Critical patent/CN105071987B/en
Publication of CN105071987A publication Critical patent/CN105071987A/en
Application granted granted Critical
Publication of CN105071987B publication Critical patent/CN105071987B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0823Errors, e.g. transmission errors
    • H04L43/0829Packet loss
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up

Abstract

The refined net path quality analysis method based on flow analysis that the invention discloses a kind of, including:A, the arbitrary intermediate node during selection encryption network communication is measurement point, acquires network flow;B, the encrypted data packet that measurement point receives is analyzed, obtain the source address on the heads IP, destination address, the heads IPsec SPI, above-mentioned triple determines a session.C, all data packets for analyzing same session count number of dropped packets according to the sequence number information in data packet IPsec protocol headers, finally calculate the packet loss index of whole link.This method can obtain the quality information in IPsec coded communications path by the encrypted data packets of analyzing IP sec.

Description

Refined net path quality analysis method based on flow analysis
Technical field
The present invention relates to network path quality analysis method technical fields, more precisely in refined net traffic conditions Under the refined net path quality analysis method based on flow analysis.
Background technology
Currently, domestic network coverage face constantly expands, while the average speed of network is also constantly promoted.For user For, it is meant that the quality of service of network is good.In most cases, network improves really, but this and not equal to user Online experience becomes good, as it is possible that encountering network congestion, causes the network performance of user's indirect abnormal.It rapidly to detect It has the failure caused by the factors such as network line, congestion, it, at present can be by measuring technique below come real by years of researches It is existing:
(1)Actively measure.By being influenced on network suffered by probe data packet by the analysis of occurrence features variation, network is obtained The parameters such as state and performance.Such as ICMP type data packets are sent, network round-trip time delay, packet loss and connectivity etc. can be obtained Parameter.If to network transmission data packet and transmission rate is continuously improved until network saturation, the maximum load of network can measure Ability.Actively measuring can be carried out by the intention of gauger, and the controllability of measurement process is relatively high, and operation is flexible, motor-driven.
(2)Using the means of flow analysis, the intermediate node in end to end network path acquires and analyzes flow.Such as: Publication No. CN102868576A, publication date are that Chinese patent literature disclosed in 9 days January in 2013 discloses a kind of broadband networks use Family access link downlink packet loss rate measurement method, including:A, the arbitrary intermediate node for choosing server end and client is to measure Point;B, the TCP message that client is issued to the server end that measurement point receives is analyzed, and counts TCP message header message, The sequence number and payload length information carried according to TCP message predicts the next TCP reports that will be received of measurement point Literary serial number;C, when next TCP message arrives, the TCP message serial number of arrival is compared with the TCP message serial number predicted, Judge whether the link that packet loss and packet loss occur is server side or client access link, then finally obtains user's The foundation of the performance indicators such as downlink packet loss index and time delay.This method can be in the arbitrary intermediate node acquisition user of local side and interconnection Communication flows between net is broadband networks by calculating the analysis of flow the downlink packet loss index of user's access link Operation, quality assurance, fault diagnosis provide supporting method.
However, with the rapid development of Internet, internet security problem also rises many network security protocol prevalences Come, IPsec agreements are exactly one of them.IPsec is IETF(Internet Engineering Task Force, Internet Engineering task force)IPsec groups establish one group of IP security protocol collection.IPsec defines the safety clothes used in network layer Business, function include data encryption, the access control to network element, data source address verification, data integrity inspection and prevent Only Replay Attack.
Above two is directed to the network path quality analysis method of public network for refined net, all no longer suitable With.The reason is as follows that:(1)Flow in refined net is by encryption.IPsec is the third layer for being operated in osi model Network security protocol, the loading section of IP data packets or entire data packet are encrypted by protocol requirement.Therefore, it is impossible to by dividing Transmission Control Protocol stem and load in IP data packets are analysed to obtain network path quality;(2)In refined net, in order to improve peace Quan Xing, the host in network often forbid various active measurement data packets, the ICMP generated such as ping orders.
Therefore, to the end-to-end path quality detection of refined net, there has been no good solutions at present.
Invention content
The present invention is directed to existing for the above-mentioned prior art defects and deficiency, provide a kind of adding based on flow analysis Close network path quality analysis method, this method can be realized by the analysis to the encrypted data packet headers of IPsec to network The calculating of end-to-end path packet loss, and then obtain the path quality of refined net.
The present invention is realized by using following technical proposals:
A kind of refined net path quality analysis method based on flow analysis, it is characterised in that steps are as follows:
A, arbitrary intermediate node during encryption network communication acquires network flow;
B, with AH agreements and the encrypted data packet of ESP agreements, in encrypted data packet the heads AH and the heads ESP carry out Analysis, and to session into line trace;
C, the sequence number in the heads AH and the heads ESP is extracted, packet loss is calculated.
In step A, the arbitrary intermediate node during the encryption network communication specifically refers to:Road in refined net By any position in the equipment connecting link such as device, interchanger, bridge.
The step B is specifically referred to:For with AH agreements and the encrypted data packet of ESP agreements, it is inserted into corresponding AH agreements With the head of ESP agreements, SPI fields are equipped in head for identifying an end-to-end session, using source IP address, Target IP The SPI fields three elements of location, the heads AH or the heads ESP are one per one kind as the classification foundation for identifying encrypted data packet Session is indicated with Si.
The step C is specifically referred to:With AH agreements and the encrypted data packet of ESP agreements, corresponding protocol headers are equipped with one A sequence-number field is used to identify the encrypted data packet of difference in same session, and often sends an encrypted data packet, Sequence number adds 1;Therefore, for an end-to-end session, it is only necessary to analyze all encrypted data that source is sent to destination The sequence number of packet, so that it may which to know which sequence number has arrived at, which sequence number has been lost, and the sequence number lost regards For a packet loss;For the encrypted data packet of each of same encryption session, in the heads AH or the heads ESP that check data packet Sequence-number field, and to determine whether there is packet loss compared with the sequence number of the previous data packet received.
It is described " for the encrypted data packet of each of same encryption session, in the heads AH or the heads ESP that check data packet Sequence-number field, and to determine whether there is packet loss compared with the sequence number of the previous data packet received " specific step Suddenly it is:
1)The encrypted data packet received is analyzed, the encrypted data packet is determined in the way of step B Affiliated session, and set the Serial No. P of the encrypted data packet;For session Si, multiple counter records its states is designed: COUNTi indicates that the data packet sum that the session Si is received, MISSi indicate the number of dropped packets of the session Si, and MAXi is as institute The maximum sequence number in data packet in session Si is stated, if the data packet received is not belonging to any already present session, COUNTi=0, MISSi=0, MAXi=P;Otherwise MISSi and COUNTi are determined by analyzing MAXi and P, point or less 3 kinds of feelings Condition:
(A)If packet loss does not occur in P=MAXi+1, data calculation formula is utilized:COUNTi=COUNTi+1, MAXi= P;
(B)If P>MAXi+1 then shows packet loss or Out-of-sequence packets occurred, temporarily all as packet loss processing:It calculates This number of dropped packets found is updated individual count device using following calculation formula:COUNTi=COUNTi+P-MAXi, MISSi=MISSi+P-MAXi-1, MAXi=P;
(C)If P<MAXi then shows that data packet occur transmits out-of-sequence, step(B)Out-of-sequence as once losing Packet, then need pair(B)In calculating data be adjusted, method of adjustment be MISSi=MISSi-1.
In above-mentioned analysis, the case where P=MAXi is not present, because MAXi indicates to have been received by the maximum sequence number of data packet, Sender can not possibly repeat to send the message of the same sequence number, it is impossible to receive the data of Serial No. MAXi again Packet.
2)Calculating the packet loss formula that some encrypts session is, calculate whole encrypted communications link Packet loss is
Compared with prior art, the advantageous effect of the invention reached is:Under IPsec refined net environment, using this " arbitrary intermediate node acquisition network flows of A. during encryption network communication of method;" can collect it is upper in link Row and all data packets of downlink.Meanwhile step A is the basis that step C calculates packet loss using data packet header sequence number.Using This method " B. analyzes the data packet header in refined net;" can effectively obtain in IPsec refined nets The key messages such as encryption type and the security strategy index that data packet uses, and then obtain the session belonging to encrypted data packet. Using " sequence number of C. extraction data packets, calculating packet loss of this method;" can according to the sequence number of encrypted data packet come The packet loss of each session in analyzing IP sec refined nets, and then obtain the path quality in refined net environment.
Description of the drawings
ESP and AH protocol headers involved in the present invention are made further specifically below in conjunction with Figure of description It is bright, wherein:
Fig. 1 is the data packet format schematic diagram for using AH agreements in a transmission mode;
Fig. 2 is the mode data packet schematic diagram that AH agreements are used under tunnel mode;
Fig. 3 is the data packet format schematic diagram for using ESP agreements in a transmission mode;
Fig. 4 is the mode data packet schematic diagram that ESP agreements are used under tunnel mode;
Fig. 5 is -1 ESP protocol header encapsulating structure schematic diagrames of code;
Fig. 6 is -2 AH protocol header encapsulating structure schematic diagrames of code.
Specific implementation mode
As the preferred forms of the present invention, content includes:End to end in IPsec refined nets, IPsec Consultation is using Encryption Algorithm to being verified, being encrypted from upper layer forward data packet, encapsulated again.Therefore, data packet can be utilized In IP headers analyze data packet.ESP agreements or AH agreements are either utilized, all can again be added before data packet One IP head --- external IP head.In the present invention, the source address of data packet external IP head, purpose are received by parsing measurement point SPI information in address and IPsec determines the affiliated session of the data packet.
The IPsec heads that IPsec cryptographic protocols are inserted into when being verified, being encrypted to data packet provide for the analysis of the present invention Foundation.There are one unidirectionally incremental Counter Values in consensus standard, it is specified that in IPsec(32 bit fields), for preventing Only Replay Attack.No matter whether recipient needs end to end, this field can be added in sender in the data packet of transmission. So in the encrypted networks of IPsec, the sequence number in the heads of the IPsec in the data packet can be analyzed to determine data packet Sum and packet loss.
The preferred plan of this technology:
It is measurement point that this patent, which chooses the arbitrary intermediate node during encryption network communication, during encryption network communication Arbitrary intermediate node specifically refer to:Arbitrary position in the equipment connecting links such as router, interchanger, bridge in refined net It sets.Acquire network flow;The encrypted data packet that measurement point receives is analyzed, source address, the purpose on the heads IP are obtained The SPI of address, the heads IPsec, above-mentioned triple determine a session.All data packets for analyzing same session, according to data The sequence number information in IPsec protocol headers is wrapped, number of dropped packets is counted, finally calculates the packet loss index of whole link.Specifically Steps are as follows:
Arbitrary intermediate node during encryption network communication acquires network flow, and the flow of uplink and downlink can It collects;
Data packet header in refined net is analyzed.With AH agreements and the encrypted data packet of ESP agreements, can insert Enter corresponding AH agreements and ESP protocol headers(As shown in the picture), have in head SPI fields for identify one it is end-to-end Session.This patent is using source IP address, target ip address, the SPI fields of AH or ESP protocol headers this three elements conducts as a result, It identifies that the classification foundation of data packet, all identical data packet of three elements are a session, is indicated with Si.
Trace analysis each encrypts all data packets that session Si is successively reached, and extracts the sequence number of data packet, calculating is lost Packet rate.With AH agreements and the encrypted data packet of ESP agreements, all there are one sequence-number fields for identifying together for corresponding protocol headers Different data packet in one session(As shown in the picture), and an encrypted data packet is often sent, sequence number adds 1;Therefore, right In an end-to-end session, flow analysis system only need trace analysis source be sent to destination all data packets sequence Number, so that it may to know which sequence number has arrived at, which sequence number has been lost, and the sequence number lost, which is considered as, once to be lost Packet.For the encrypted data packet of each of same encryption session, the sequence-number field in its head AH or the heads ESP is checked, and With compared with the sequence number of the previous data packet received to determine whether there is packet loss.Judge encryption session Si packet drops It comprises the concrete steps that:
The encrypted data packet received is analyzed, the affiliated session of the data packet is determined according to the method for step B, And set the Serial No. P of the data packet;For session Si, the data packet sum that the session is received is indicated using COUNTi, MISSi indicates the number of dropped packets of the session, and MAXi is as the maximum sequence number in data packet in the session.If the data packet received It is not belonging to any already present session, then COUNTi=0, MISSi=0, MAXi=P;Otherwise it is determined by analyzing MAXi and P MISSi and COUNTi, here will point 3 kinds of situation discussion:
If packet loss does not occur in P=MAXi+1, data calculation formula is utilized:COUNTi=COUNTi+1, MAXi=P;
If P>Then there is packet loss or data packet transmission delay in MAXi+1, then number of dropped packets is set as P-MAXi-1.According to calculating Formula:COUNTi=COUNTi+P-MAXi, MISSi=MISSi+P-MAXi-1, MAXi=P.
If P<, then there is data packet transmission delay in MAXi, then needs pair(B)In calculating data be adjusted, formula For MISSi=MISSi-1.
In above-mentioned analysis, the case where P=MAXi is not present, because MAXi indicates to have been received by the maximum sequence number of data packet, Sender can not possibly repeat to send the message of the same sequence number, it is impossible to receive the data of Serial No. MAXi again Packet.
Calculating the packet loss formula that some encrypts session is, calculate whole encrypted communications link Packet loss is

Claims (2)

1. a kind of refined net path quality analysis method based on flow analysis, it is characterised in that steps are as follows:
A, arbitrary intermediate node acquires network flow during encryption network communication;
B, with AH agreements and the encrypted data packet of ESP agreements, in encrypted data packet the heads AH and the heads ESP divide Analysis, and to session into line trace;
C, the sequence number in the heads AH and the heads ESP is extracted, packet loss is calculated;
The step B is specifically referred to:For with AH agreements and the encrypted data packet of ESP agreements, it is inserted into corresponding AH agreements and ESP The head of agreement is equipped with SPI fields in head for identifying an end-to-end session, using source IP address, target ip address, AH Classification foundation of the SPI fields three elements on head or the heads ESP as identification data packet, is a session per one kind, with Si tables Show;
The step C is specifically referred to:With AH agreements and the encrypted data packet of ESP agreements, corresponding protocol headers set that there are one sequences Row field is used to identify the different data packet in same session, and often sends an encrypted data packet, and sequence number adds 1; Therefore, for an end-to-end session, it is only necessary to analyze the sequence number that source is sent to all data packets of destination, so that it may with Know which sequence number has arrived at, which sequence number has been lost, and the sequence number lost is considered as a packet loss;For same One encryption each of session encrypted data packet, the heads AH for checking data packet or the sequence-number field in the heads ESP, and with it is preceding The sequence number of one data packet received compares to determine whether there is packet loss;
Described " for the encrypted data packet of each of same encryption session, the heads AH for checking data packet or the sequence in the heads ESP Row field, and to determine whether there is packet loss compared with the sequence number of the previous data packet received " comprises the concrete steps that:
1)The encrypted data packet received is analyzed, is determined in the way of step B belonging to the encrypted data packet Session, and set the Serial No. P of the data packet;For session Si, multiple counter records its states is designed:COUNTi indicates institute The data packet sum that session Si is received is stated, MISSi indicates the number of dropped packets of the session Si, and MAXi is as number in the session Si According to the maximum sequence number in packet, if the data packet received is not belonging to any already present session, COUNTi=0, MISSi=0, MAXi=P;Otherwise MISSi and COUNTi are determined by analyzing MAXi and P, point or less 3 kinds of situations:
(A)If packet loss does not occur in P=MAXi+1, data calculation formula is utilized:COUNTi=COUNTi+1, MAXi=P;
(B)If P>MAXi+1 then shows packet loss or Out-of-sequence packets occurred, temporarily all as packet loss processing:Calculate this It was found that number of dropped packets, individual count device is updated using following calculation formula:COUNTi=COUNTi+P-MAXi, MISSi= MISSi+P-MAXi-1, MAXi=P;
(C)If P<MAXi then shows that data packet occur transmits out-of-sequence, step(B)Out-of-sequence as a packet loss, then It needs pair(B)In calculating data be adjusted, method of adjustment be MISSi=MISSi-1;
2)Calculating the packet loss formula that some encrypts session is, calculate the packet loss of whole encrypted communications link Rate is
2. the refined net path quality analysis method according to claim 1 based on flow analysis, it is characterised in that:A In step, the arbitrary intermediate node during the encryption network communication specifically refers to:Router, exchange in refined net Any position in the equipment connecting link such as machine, bridge.
CN201510448753.3A 2015-07-28 2015-07-28 Refined net path quality analysis method based on flow analysis Expired - Fee Related CN105071987B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510448753.3A CN105071987B (en) 2015-07-28 2015-07-28 Refined net path quality analysis method based on flow analysis

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510448753.3A CN105071987B (en) 2015-07-28 2015-07-28 Refined net path quality analysis method based on flow analysis

Publications (2)

Publication Number Publication Date
CN105071987A CN105071987A (en) 2015-11-18
CN105071987B true CN105071987B (en) 2018-07-24

Family

ID=54501274

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510448753.3A Expired - Fee Related CN105071987B (en) 2015-07-28 2015-07-28 Refined net path quality analysis method based on flow analysis

Country Status (1)

Country Link
CN (1) CN105071987B (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10476673B2 (en) 2017-03-22 2019-11-12 Extrahop Networks, Inc. Managing session secrets for continuous packet capture systems
CN109428867B (en) * 2017-08-30 2020-08-25 华为技术有限公司 Message encryption and decryption method, network equipment and system
US9967292B1 (en) 2017-10-25 2018-05-08 Extrahop Networks, Inc. Inline secret sharing
US10389574B1 (en) 2018-02-07 2019-08-20 Extrahop Networks, Inc. Ranking alerts based on network monitoring
US10270794B1 (en) 2018-02-09 2019-04-23 Extrahop Networks, Inc. Detection of denial of service attacks
US10411978B1 (en) 2018-08-09 2019-09-10 Extrahop Networks, Inc. Correlating causes and effects associated with network activity
US10965702B2 (en) 2019-05-28 2021-03-30 Extrahop Networks, Inc. Detecting injection attacks using passive network monitoring
US10742530B1 (en) 2019-08-05 2020-08-11 Extrahop Networks, Inc. Correlating network traffic that crosses opaque endpoints
US11388072B2 (en) 2019-08-05 2022-07-12 Extrahop Networks, Inc. Correlating network traffic that crosses opaque endpoints
US10742677B1 (en) 2019-09-04 2020-08-11 Extrahop Networks, Inc. Automatic determination of user roles and asset types based on network monitoring
CN110932934B (en) * 2019-11-21 2021-07-13 中国联合网络通信集团有限公司 Network packet loss detection method and device
CN111526100B (en) * 2020-04-16 2021-08-24 中南大学 Cross-network traffic identification method and device based on dynamic identification and path hiding
US11463466B2 (en) 2020-09-23 2022-10-04 Extrahop Networks, Inc. Monitoring encrypted network traffic
EP4218212A1 (en) 2020-09-23 2023-08-02 ExtraHop Networks, Inc. Monitoring encrypted network traffic
US11349861B1 (en) 2021-06-18 2022-05-31 Extrahop Networks, Inc. Identifying network entities based on beaconing activity
US11296967B1 (en) 2021-09-23 2022-04-05 Extrahop Networks, Inc. Combining passive network analysis and active probing
US11843606B2 (en) 2022-03-30 2023-12-12 Extrahop Networks, Inc. Detecting abnormal data access based on data similarity

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101783715A (en) * 2009-11-19 2010-07-21 北京邮电大学 Method and system for monitoring packet loss rate of network
CN101854268A (en) * 2009-04-04 2010-10-06 华为技术有限公司 Method, device and system of IP (Internet Protocol) network performance measurement as well as method, device and system of IP network service quality control
CN102075427A (en) * 2011-01-18 2011-05-25 中兴通讯股份有限公司 Security association-based IPSec message processing method and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102171388B1 (en) * 2010-05-25 2020-10-30 헤드워터 리서치 엘엘씨 Device-assisted services for protecting network capacity

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101854268A (en) * 2009-04-04 2010-10-06 华为技术有限公司 Method, device and system of IP (Internet Protocol) network performance measurement as well as method, device and system of IP network service quality control
CN101783715A (en) * 2009-11-19 2010-07-21 北京邮电大学 Method and system for monitoring packet loss rate of network
CN102075427A (en) * 2011-01-18 2011-05-25 中兴通讯股份有限公司 Security association-based IPSec message processing method and device

Also Published As

Publication number Publication date
CN105071987A (en) 2015-11-18

Similar Documents

Publication Publication Date Title
CN105071987B (en) Refined net path quality analysis method based on flow analysis
US10355944B2 (en) Minimally invasive monitoring of path quality
TWI332159B (en) Method, system, analyser, router, and computer readable medium of detecting a distributed denial of service (ddos) attack in the internet
EP3693859B1 (en) Method and system of latency assessment in a packet data network
JP2008523769A (en) Light packet drop detection for ad hoc networks
EP2409460B1 (en) Path characterisation in networks
KR20130030086A (en) Method and apparatus for defending distributed denial of service attack through abnomal terminated session
EP3369213B1 (en) Performance measurement in a packet-switched communication network
US20140237327A1 (en) Method, apparatus and system for testing network under ipsec mechanism
CN114009089A (en) Estimating quality metrics for delay sensitive traffic flows in a communication network
WO2013055267A1 (en) Detection of load balancing across network paths in a communication network
US10623278B2 (en) Reactive mechanism for in-situ operation, administration, and maintenance traffic
JP6290849B2 (en) Traffic analysis system and traffic analysis method
WO2018214701A1 (en) Data message transmission method, network device, control device, and network system
Mazurczyk et al. On information hiding in retransmissions
CN104579788B (en) A kind of location of mistake method of distributed dynamic route network
Lin et al. MECPASS: Distributed denial of service defense architecture for mobile networks
CN108833430A (en) A kind of topological guard method of software defined network
Siregar et al. Implementation of network monitoring and packets capturing using random early detection (RED) method
JP5178573B2 (en) Communication system and communication method
Morton Round-trip packet loss metrics
Bellaiche et al. SYN flooding attack detection based on entropy computing
Mnisi et al. Active throughput estimation using RTT of differing ICMP packet sizes
JP2010233272A (en) Method and device for estimating tcp communication quality
JP5028202B2 (en) Control network system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180724

Termination date: 20210728

CF01 Termination of patent right due to non-payment of annual fee