CN105429996A - Method for intelligently finding and locating address translation equipment - Google Patents
Method for intelligently finding and locating address translation equipment Download PDFInfo
- Publication number
- CN105429996A CN105429996A CN201510940543.6A CN201510940543A CN105429996A CN 105429996 A CN105429996 A CN 105429996A CN 201510940543 A CN201510940543 A CN 201510940543A CN 105429996 A CN105429996 A CN 105429996A
- Authority
- CN
- China
- Prior art keywords
- equipment
- information
- net
- suspicious
- net equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/52—Network services specially adapted for the location of the user terminal
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for intelligently finding and locating address translation equipment. Monitoring equipment hardware bypasses on a core switch of a management and control network; a core monitoring program, a data analyzing program and an equipment scanning program are embedded in the monitoring equipment hardware; the core monitoring program is used for mirroring all communication data packets passing through the core switch to a local server in real time; the data analyzing program is used for unpacking the communication data packets mirrored to the local server, acquiring characteristic information and analyzing the IP address of suspicious NET equipment; and the equipment scanning program is used for independently scanning the suspicious NET equipment and directly obtaining information of the suspicious NET equipment. The method for intelligently finding and locating the address translation equipment disclosed by the invention has the function of independently finding the NET equipment; by means of characteristic modelling analysis and a similarity weighted algorithm, the high-efficiency controllability and the manageability of a network boundary can be realized; the network stability is improved; and the information security in a special network environment can be enhanced.
Description
[technical field]
The present invention relates to the technical field that dedicated network border control controls, particularly a kind of method of intelligence discovery and positioning address conversion equipment.
[background technology]
While the deep development and technological progress of network application, the network security threats such as unauthorized access, malicious attack, virus propagation are also more and more serious.More and more huger in scale, under the ad hoc network environment that structure becomes increasingly complex, a lot of user is equipment access or escape supervision conveniently, terminal computer is linked in the middle of management and control network privately by address-translating device (NET equipment), and unauthorized access intranet resources.And the network monitoring management means of present stage cannot find this type of access behavior timely and effectively, more cannot the terminal equipment of access be positioned and be controlled, and this unlawful practice changes whole topology of networks, whole network is made to be in imperfect supervision state, thus the situation of change of network boundary structure cannot be grasped in time, there is great potential safety hazard in intranet resources information, very easily brings adverse consequences.
In order to improve network security, strengthen the information security under ad hoc network environment, stop the problem of privately being built Webweb and unauthorized device access by NET equipment, Strengthening Management person is to the controllability on dedicated network border and pipe, and the automatic identification realized NET equipment and location, position, be necessary a kind of method proposing intelligence discovery and positioning address conversion equipment.
[summary of the invention]
The object of the invention is to overcome above-mentioned the deficiencies in the prior art, a kind of method of intelligence discovery and positioning address conversion equipment is provided, it is intended to solve NET equipment in prior art and privately builds Webweb and unauthorized device access, the controllability on dedicated network border and the poor technical problem of pipe.
For achieving the above object, the present invention proposes a kind of method of intelligence discovery and positioning address conversion equipment, it is based on bypass monitoring equipment hardware on management and control server switch, described monitoring equipment hardware inside embeds core monitoring facilities, DAP and device scan program, described core monitoring facilities will pass through all communication data packet mirror images of core switch to home server in real time, described DAP is unpacked and acquisition characteristics information to the communication data packet of mirror image to home server, by existing NET apparatus characteristic analytical model, modeling and feature difference analysis are carried out to gathered data characteristic information, analyze the IP address of suspicious NET equipment, described device scan program is carried out from main scanning suspicious NET equipment, the information of the suspicious NET equipment of direct acquisition, concrete steps are as follows:
A), mirror image obtains network packet: the hardware-initiated core monitoring facilities of the monitoring equipment of bypass on core switch, will be a to home server by all communication data packet mirror images of core switch;
B), communication data packet is resolved: the DAP in monitoring equipment hardware to be unpacked analysis to mirror image to the communication data packet of home server, and the characteristic information of collection communication packet, described characteristic information comprises request source IP address, source port, destination interface, communication protocol type;
C), analytical characteristic information: DAP is according to the communication data of existing NET apparatus characteristic analytical model to collection, comprise the protocol information of communication data, IP address, port numbers and content characteristic information, carry out modeling and feature difference analysis, analyze suspicious NET IP address of equipment;
D), device scan: to analyze and after locking the IP address of suspicious NET equipment, the device scan program of monitoring equipment hardware inside initiatively scans the suspicious NET equipment of this IP address, the directly relevant information of this suspicious NET equipment of acquisition;
E), equipment confirmation is carried out: this device type of hardware characteristics validation of information obtained by device scan, if confirm as NET equipment, goes to step G); If really admit a fault NET equipment, then return back to step e);
F), again check: the current NET equipment be identified is contrasted with historical data, if this NET apparatus characteristic information repeatedly occurs, carry out similarity weights accumulation process; If this NET apparatus characteristic information did not occur in the historical data, carried out the process of similarity weights regressive;
G), accurately identify NET equipment: calculated by the assignment of the similarity weights to NET equipment, improve and find the accuracy of NET equipment.
As preferably, described step B) in communication protocol type comprise host-host protocol and application layer protocol.
As preferably, described step C) in feature difference analysis comprise application protocol difference analysis, operating system difference analysis and application characteristic difference analysis.
As preferably, described step D) in the relevant information of suspicious NET equipment comprise the system information of suspicious NET equipment, hardware information and manufacturer's information.
As preferably, described step e) in the information of suspicious NET equipment comprise device systems information, hardware information, go out manufacturer's information.
As preferably, described step e) in equipment be confirmed to be by current NET facility information with unconfirmed before the relevant information of this equipment that obtains mate.
As preferably, described match objects comprises OS Type, port, protocol type characteristic information.
Beneficial effect of the present invention: compared with prior art, the method of a kind of intelligence discovery provided by the invention and positioning address conversion equipment, tool has the following advantages: 1. NET automatic device discovery: legacy network devices management major part is the mode manually put on record based on assets, passive and can not dynamic supervision, and this method can by content analyses such as communication data packet characteristic informations in administration network, automatic discovery and location NET equipment, realize network boundary dynamic supervision object; 2. apparatus characteristic modeling analysis: utilize network packet analytical technology, feature modeling analytical technology, carries out large aggregation of data analysis to the communication data feature changed through NET equipment, Timeliness coverage NET equipment; 3. Similarity-Weighted algorithm: by the superposition of feature, the comparison of historical data and calculating, realize calculating the assignment of NET unit affinity degree, improves the accuracy found, accurately and early can reject NET equipment.The method of a kind of intelligence discovery of the present invention and positioning address conversion equipment, realizes efficient controllability and the pipe on dedicated network border, strengthens the information security under ad hoc network environment.
Feature of the present invention and advantage will be described in detail by reference to the accompanying drawings by embodiment.
[accompanying drawing explanation]
Fig. 1 is the schematic flow sheet of the method for a kind of intelligence discovery of the present invention and positioning address conversion equipment.
[embodiment]
For making the object, technical solutions and advantages of the present invention clearly understand, below by accompanying drawing and embodiment, the present invention is further elaborated.But should be appreciated that, specific embodiment described herein, only in order to explain the present invention, is not limited to scope of the present invention.In addition, in the following description, the description to known features and technology is eliminated, to avoid unnecessarily obscuring concept of the present invention.
Consult Fig. 1, the embodiment of the present invention provides a kind of method of intelligence discovery and positioning address conversion equipment, it is based on bypass monitoring equipment hardware on management and control server switch, described monitoring equipment hardware inside embeds core monitoring facilities, DAP and device scan program, described core monitoring facilities will pass through all communication data packet mirror images of core switch to home server in real time, described DAP is unpacked and acquisition characteristics information to the communication data packet of mirror image to home server, by existing NET apparatus characteristic analytical model, modeling and feature difference analysis are carried out to gathered data characteristic information, and analyze the IP address of suspicious NET equipment, described device scan program is carried out from main scanning suspicious NET equipment, the information of the suspicious NET equipment of direct acquisition.
The dynamic supervision of administration network boundary is realized by core monitoring facilities, improving current legacy network devices management major part is the mode manually put on record based on assets, passive and can not the present situation of dynamic supervision, improve the real-time of network supervision, improve the stability of dedicated network, realize resolving all data by DAP, after screening investigation one by one, analyze the IP address of suspicious NET equipment, by device scan program, the equipment belonging to suspicious IP address is carried out from main scanning, by determining whether current equipment is NET equipment after coupling.Core monitoring facilities, DAP and device scan program three interlock, automatically monitor, analyze and locate, and realizes efficient controllability and the pipe on dedicated network border, strengthen the information security under ad hoc network environment.
Concrete steps are as follows:
A), mirror image acquisition network packet: the hardware-initiated core monitoring facilities of the monitoring equipment of bypass on core switch, all communication data packet mirror images that will pass through core switch are a to home server.
B), communication data packet is resolved: the DAP in monitoring equipment hardware to be unpacked analysis to mirror image to the communication data packet of home server, and the characteristic information of collection communication packet, described characteristic information comprises request source IP address, source port, destination interface, communication protocol type.
Wherein, communication protocol type comprises host-host protocol and application layer protocol.
C), analytical characteristic information: DAP is according to the communication data of existing NET apparatus characteristic analytical model to collection, comprise the protocol information of communication data, IP address, port numbers and content characteristic information, carry out modeling and feature difference analysis, analyze suspicious NET IP address of equipment.
Wherein, feature difference analysis comprises application protocol difference analysis, operating system difference analysis and application characteristic difference analysis.According to different application protocol results, different operating system results and different characteristic results, then carry out large aggregation of data arrangement, analyze the characteristic information of the system of specific IP address, agreement and application.
Utilize network packet analytical technology, feature modeling analytical technology; large aggregation of data analysis is carried out to the communication data characteristic information changed through NET equipment; and according to otherness judged result Timeliness coverage NET equipment; improve the promptness of NET device discovery; prevent the significant data in dedicated network from revealing, improve the safeguard protection of network.
D), device scan: to analyze and after locking the IP address of suspicious NET equipment, the device scan program of monitoring equipment hardware inside initiatively scans the suspicious NET equipment of this IP address, the directly relevant information of this suspicious NET equipment of acquisition.
Wherein, the relevant information of suspicious NET equipment comprises the system information of suspicious NET equipment, hardware information and manufacturer's information.
E), equipment confirmation is carried out: this device type of hardware characteristics validation of information obtained by device scan, if confirm as NET equipment, goes to step G); If really admit a fault NET equipment, then return back to step e).
Wherein, the information of suspicious NET equipment comprises device systems information, hardware information, goes out manufacturer's information.
Further, equipment be confirmed to be by current NET facility information with unconfirmed before the relevant information of this equipment that obtains mate, match objects comprises OS Type, port, protocol type characteristic information.
F), again check: the current NET equipment be identified is contrasted with historical data, if this NET apparatus characteristic information repeatedly occurs, carry out similarity weights accumulation process; If this NET apparatus characteristic information did not occur in the historical data, carried out the process of similarity weights regressive.
G), accurately identify NET equipment: calculated by the assignment of the similarity weights to NET equipment, improve and find the accuracy of NET equipment.
By Similarity-Weighted algorithm, the superposition of characteristic information, the comparison of historical data and calculating are carried out to NET equipment, realize calculating the assignment of NET unit affinity degree, the dubiety of similarity weights higher then NET equipment is larger, once this NET equipment accesses administration network again, just can identify it according to its similarity weights in the past, and be rejected in time, improve the accuracy of NET device discovery, the situation preventing fish that has escape the net and pick by mistake.
The hardware monitoring device that bypass the present invention proposes on management and control server switch, just can easily efficiently automatically find and identify NET equipment, and accuracy of identification is high, the NET equipment in prior art that solves builds Webweb and unauthorized device access privately, the controllability on dedicated network border and the poor problem of pipe, improve the fail safe of administration network.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any amendments done within the spirit and principles in the present invention, equivalent replacement or improvement etc., all should be included within protection scope of the present invention.
Claims (7)
1. the method for an intelligence discovery and positioning address conversion equipment, it is based on bypass monitoring equipment hardware on management and control server switch, described monitoring equipment hardware inside embeds core monitoring facilities, DAP and device scan program, described core monitoring facilities will pass through all communication data packet mirror images of core switch to home server in real time, described DAP is unpacked and acquisition characteristics information to the communication data packet of mirror image to home server, by existing NET apparatus characteristic analytical model, modeling and feature difference analysis are carried out to gathered data characteristic information, and analyze the IP address of suspicious NET equipment, described device scan program is carried out from main scanning suspicious NET equipment, the information of the suspicious NET equipment of direct acquisition, it is characterized in that: concrete steps are as follows:
A), mirror image obtains network packet: the hardware-initiated core monitoring facilities of the monitoring equipment of bypass on core switch, will be a to home server by all communication data packet mirror images of core switch;
B), communication data packet is resolved: the DAP in monitoring equipment hardware to be unpacked analysis to mirror image to the communication data packet of home server, and the characteristic information of collection communication packet, described characteristic information comprises request source IP address, source port, destination interface, communication protocol type;
C), analytical characteristic information: DAP is according to the communication data of existing NET apparatus characteristic analytical model to collection, comprise the protocol information of communication data, IP address, port numbers and content characteristic information, carry out modeling and feature difference analysis, analyze suspicious NET IP address of equipment;
D), device scan: to analyze and after locking the IP address of suspicious NET equipment, the device scan program of monitoring equipment hardware inside initiatively scans the suspicious NET equipment of this IP address, the directly relevant information of this suspicious NET equipment of acquisition;
E), equipment confirmation is carried out: reaffirm the characteristic information content that device scan program obtains, and confirm this device type, if confirm as NET equipment, go to step G); If really admit a fault NET equipment, then return back to step e);
F), again check: the current NET equipment be identified is contrasted with historical data, if this NET apparatus characteristic information repeatedly occurs, carry out similarity weights accumulation process; If this NET apparatus characteristic information did not occur in the historical data, carried out the process of similarity weights regressive;
G), accurately identify NET equipment: calculated by the assignment of the similarity weights to NET equipment, improve and find the accuracy of NET equipment.
2. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step B) in communication protocol type comprise host-host protocol and application layer protocol.
3. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step C) in feature difference analysis comprise application protocol difference analysis, operating system difference analysis and application characteristic difference analysis.
4. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step D) in the relevant information of suspicious NET equipment comprise the system information of suspicious NET equipment, hardware information and manufacturer's information.
5. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step e) in the information of suspicious NET equipment comprise device systems information, hardware information, go out manufacturer's information.
6. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step e) middle equipment be confirmed to be by current NET facility information with unconfirmed before the relevant information of this equipment that obtains mate.
7. the method for a kind of intelligence discovery as claimed in claim 6 and positioning address conversion equipment, is characterized in that: described match objects comprises OS Type, port, protocol type characteristic information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510940543.6A CN105429996B (en) | 2015-12-15 | 2015-12-15 | A method of intelligence discovery and positioning address conversion equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510940543.6A CN105429996B (en) | 2015-12-15 | 2015-12-15 | A method of intelligence discovery and positioning address conversion equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105429996A true CN105429996A (en) | 2016-03-23 |
CN105429996B CN105429996B (en) | 2019-05-31 |
Family
ID=55507937
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510940543.6A Active CN105429996B (en) | 2015-12-15 | 2015-12-15 | A method of intelligence discovery and positioning address conversion equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105429996B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107222330A (en) * | 2017-04-26 | 2017-09-29 | 浙江远望信息股份有限公司 | A kind of intelligent identifying system request and the method for response sensitive content |
CN107454202A (en) * | 2017-07-11 | 2017-12-08 | 浙江远望信息股份有限公司 | A kind of NAT borders based on http protocol analysis find method |
CN107483651A (en) * | 2017-07-11 | 2017-12-15 | 浙江远望信息股份有限公司 | A kind of NAT borders based on terminal time change find method |
CN108173834A (en) * | 2017-12-25 | 2018-06-15 | 北京计算机技术及应用研究所 | Terminal fingerprints technology identifies " all-purpose card " network terminal |
CN110120948A (en) * | 2019-05-06 | 2019-08-13 | 四川英得赛克科技有限公司 | Based on wireless and cable data stream similarity analysis illegal external connection monitoring method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030014424A1 (en) * | 1999-07-08 | 2003-01-16 | Cohesia Corporation | Representation, management, filtering and synthesis of technical content |
CN1812373A (en) * | 2005-01-28 | 2006-08-02 | 三星电子株式会社 | Communication system, method and apparatus for providing mirroring service in the communication system |
CN1909504A (en) * | 2006-01-11 | 2007-02-07 | 郑凯 | Method for controlling LAN host machine public net message based on by-pass interception technology |
CN101212338A (en) * | 2006-12-30 | 2008-07-02 | 上海复旦光华信息科技股份有限公司 | Detecting probe interlock based network security event tracking system and method |
-
2015
- 2015-12-15 CN CN201510940543.6A patent/CN105429996B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030014424A1 (en) * | 1999-07-08 | 2003-01-16 | Cohesia Corporation | Representation, management, filtering and synthesis of technical content |
CN1812373A (en) * | 2005-01-28 | 2006-08-02 | 三星电子株式会社 | Communication system, method and apparatus for providing mirroring service in the communication system |
CN1909504A (en) * | 2006-01-11 | 2007-02-07 | 郑凯 | Method for controlling LAN host machine public net message based on by-pass interception technology |
CN101212338A (en) * | 2006-12-30 | 2008-07-02 | 上海复旦光华信息科技股份有限公司 | Detecting probe interlock based network security event tracking system and method |
Non-Patent Citations (1)
Title |
---|
高骥翔: "基于网络流量特征的NAT识别方法", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107222330A (en) * | 2017-04-26 | 2017-09-29 | 浙江远望信息股份有限公司 | A kind of intelligent identifying system request and the method for response sensitive content |
CN107454202A (en) * | 2017-07-11 | 2017-12-08 | 浙江远望信息股份有限公司 | A kind of NAT borders based on http protocol analysis find method |
CN107483651A (en) * | 2017-07-11 | 2017-12-15 | 浙江远望信息股份有限公司 | A kind of NAT borders based on terminal time change find method |
CN108173834A (en) * | 2017-12-25 | 2018-06-15 | 北京计算机技术及应用研究所 | Terminal fingerprints technology identifies " all-purpose card " network terminal |
CN110120948A (en) * | 2019-05-06 | 2019-08-13 | 四川英得赛克科技有限公司 | Based on wireless and cable data stream similarity analysis illegal external connection monitoring method |
Also Published As
Publication number | Publication date |
---|---|
CN105429996B (en) | 2019-05-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108183895B (en) | Network asset information acquisition system | |
CN107659543B (en) | Protection method for APT (android packet) attack of cloud platform | |
CN107135093B (en) | Internet of things intrusion detection method and detection system based on finite automaton | |
CN105493060B (en) | Sweet end Active Network Security | |
CN105429996A (en) | Method for intelligently finding and locating address translation equipment | |
KR101883400B1 (en) | detecting methods and systems of security vulnerability using agentless | |
CN106603507A (en) | Method and system for automatically completing network security self checking | |
CN103746992B (en) | Based on reverse intruding detection system and method thereof | |
CN107295010A (en) | A kind of enterprise network security management cloud service platform system and its implementation | |
CN109167794B (en) | Attack detection method for network system security measurement | |
CN114679292B (en) | Honeypot identification method, device, equipment and medium based on network space mapping | |
CN111510463B (en) | Abnormal behavior recognition system | |
CN109587156A (en) | Abnormal network access connection identification and blocking-up method, system, medium and equipment | |
CN105447385B (en) | A kind of applied database honey jar detected at many levels realizes system and method | |
CN114422255A (en) | Cloud security simulation detection system and detection method | |
JP2023550974A (en) | Image-based malicious code detection method and device and artificial intelligence-based endpoint threat detection and response system using the same | |
CN104486320A (en) | Intranet sensitive information disclosure evidence collection system and method based on honeynet technology | |
CN106650425A (en) | Method and device for controlling security sandbox | |
CN106603339B (en) | Simulate the test macro and test method of wan environment | |
CN111970233A (en) | Analysis and identification method for network violation external connection scene | |
CN113965355B (en) | Illegal IP (Internet protocol) intra-provincial network plugging method and device based on SOC (system on chip) | |
CN108234431A (en) | A kind of backstage logs in behavioral value method and detection service device | |
CN112422486B (en) | SDK-based safety protection method and device | |
CN112688899A (en) | In-cloud security threat detection method and device, computing equipment and storage medium | |
CN110493254A (en) | Industrial Yunan County's overall evaluating method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |