CN107426053B - Automatic construction method for data packet load - Google Patents

Automatic construction method for data packet load Download PDF

Info

Publication number
CN107426053B
CN107426053B CN201710617545.0A CN201710617545A CN107426053B CN 107426053 B CN107426053 B CN 107426053B CN 201710617545 A CN201710617545 A CN 201710617545A CN 107426053 B CN107426053 B CN 107426053B
Authority
CN
China
Prior art keywords
feature
data packet
coverage
configuration
byte
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710617545.0A
Other languages
Chinese (zh)
Other versions
CN107426053A (en
Inventor
林康
罗鹰
张鑫阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kelai Network Technology Co.,Ltd.
Original Assignee
Colasoft Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Colasoft Co ltd filed Critical Colasoft Co ltd
Priority to CN201710617545.0A priority Critical patent/CN107426053B/en
Publication of CN107426053A publication Critical patent/CN107426053A/en
Application granted granted Critical
Publication of CN107426053B publication Critical patent/CN107426053B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/90Buffering arrangements
    • H04L49/9057Arrangements for supporting packet reassembly or resequencing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/90Buffering arrangements
    • H04L49/9042Separate storage for different parts of the packet, e.g. header and payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Communication Control (AREA)

Abstract

The invention discloses an automatic construction method of a data packet load. The method predetermines a feature configuration, comprising: feature content, offset value, and depth. And determining the initial coverage range of each feature configuration in the data packet load according to the deviation value and the depth, adjusting the initial coverage range, and finally filling the adjusted vacant positions. The invention has high flexibility, can support the generation of various types of data packets, can conveniently support specific protocols such as HTTP and the like after being expanded, has higher efficiency compared with the manual one-by-one data packet construction, and is not easy to make mistakes.

Description

Automatic construction method for data packet load
Technical Field
The invention belongs to the technical field of data packets, and particularly relates to an automatic construction method of data packet loads.
Background
When testing and analyzing network security and network anomaly, it is often necessary to construct some data packets containing specific content in the data packet payload, and there may be requirements on the location, format, etc. of these features. Because the content in the actual data packet has many unprintable binary systems, errors are easy to make when the data are constructed manually, and the efficiency is not high.
Therefore, it is necessary to provide a solution that allows a computer to automatically complete packet construction by some simple configuration.
Disclosure of Invention
In order to solve the above problems, the present invention provides an automatic construction method for a data packet load, comprising the following steps:
the method comprises the following steps: the method comprises the steps of determining the characteristic content, the deviation value and the depth of each characteristic configuration to be included in the same data packet load in advance, and determining the initial coverage range of each characteristic configuration in the data packet load according to the deviation value and the depth.
Step two: and detecting whether the initial coverage ranges of the feature configurations are overlapped, and if so, modifying the respective coverage ranges according to the respective feature content lengths so as not to be overlapped. If the modification fails, the feature configurations are not compatible, and the process is skipped. And after monitoring, executing the third step.
Step three: and D, arranging the characteristic configurations in an ascending order according to the deviation value of the coverage area adjusted in the step two.
Step four: and sequentially covering the feature contents and the offset values of each feature configuration from the first bit of the data packet load to the initial coverage area of the last feature configuration, and filling the bits which are not covered before the last feature configuration.
Further, the modified coverage areas of the feature configurations where the two initial coverage areas overlap should just not overlap.
Further, in the second step, the length of the coverage area after the modification of each feature configuration is just the length of the feature content.
Further, the filling is performed manually or by machine.
The invention has the beneficial effects that:
1. the method has high flexibility, can support the generation of various types of data packets, and can also conveniently support specific protocols such as HTTP and the like after being expanded.
2. Compared with the manual one-by-one data packet construction, the method has higher efficiency and is not easy to make mistakes.
Drawings
FIG. 1 is a schematic flow chart of the method of the present invention.
Detailed Description
As shown in fig. 1, the present invention comprises the steps of:
the method comprises the following steps: the method comprises the steps of determining the characteristic content, the offset and the depth of each characteristic configuration to be included in the same data packet load in advance, and determining the initial coverage range of each characteristic configuration to be included in the data packet load according to the offset and the depth.
The characteristic configuration of the data packet load comprises 3 aspects of content, namely characteristic content, offset value and depth.
The feature content is typically a string or binary that occupies a fixed length of the packet.
The offset value refers to the offset of the start position of the feature content overlay of the feature configuration from the start of the packet payload (byte 0). The offset value is minimum 0 and default value is 0. If the offset value is 1, the characteristic content coverage starting position of the characteristic configuration is the 1 st byte of the data packet load.
Depth refers to the length of bytes that a feature configuration occupies in the packet payload, calculated from the offset value. If the depth is 5, the feature configuration occupies 5 bytes. The depth value is 65535 maximum and 65535 default.
The initial coverage may be represented in intervals as (offset value, offset value + depth value), i.e. starting from (including) the offset value and ending with (not including) the offset value + depth value. The offset value for byte 0 of the data packet is 0, the offset value for byte 1 is 1, the offset value for byte 2 is 2. For example, the initial coverage of the feature configuration is (1, 5), the length of the feature content is 3, the initial coverage is from the 1 st byte to the 4 th byte of the packet, and the feature content can be configured in two ways in the packet payload, i.e., from the 1 st byte to the 3 rd byte of the packet payload and from the 2 nd byte to the 4 th byte of the packet payload.
Step two: detecting whether the initial coverage ranges of the feature configurations are overlapped, and if so, modifying the respective coverage ranges according to the respective feature content lengths to ensure that the coverage ranges are not overlapped; if the modification is failed, indicating that the feature configurations are incompatible, and jumping out of the process; after the monitoring is finished, executing a third step;
preferably, the modified coverage areas of the feature configurations with the two initial coverage areas overlapping should just not overlap. The length of the coverage range of each modified feature configuration is just the length of the feature content, so that the size of the data packet is reduced as much as possible while the feature content is ensured to be identifiable, and the subsequent expansion is more convenient.
Step three: arranging the feature configurations in ascending order according to the deviation value of the coverage area adjusted in the second step;
step four: and sequentially covering the feature contents and the offset values of each feature configuration from the first bit of the data packet load to the initial coverage area of the last feature configuration, and filling the bits which are not covered before the last feature configuration.
The way of filling is to let the machine fill the required filling values manually or by configuration. For example, the padding is directly used, and the data is directly set to 0.
The above method is described in detail below with specific examples.
Assume that each bit of the loaded packet is the 0 th byte, the 1 st byte, the 2 nd byte, the 3 rd byte, the 4 th byte, the 5 th byte, the 6 th byte, the 7 th byte, the 8 th byte, the 9 th byte, the 10 th byte, and the 11 th byte in sequence.
For example, there are A, B, C three feature values:
assume a that the initial coverage is (0, 2), i.e. the initial coverage is 0 th byte to 1 st byte, and the characteristic content length is 2.
Assume B has an initial coverage of (4, 10), i.e., an initial coverage of 4 th byte to 9 th byte, and a characteristic content length of 3.
Assume that C has an initial coverage of (5, 11), i.e., an initial coverage of 5 th byte to 10 th byte, and a characteristic content length of 3.
A, B, C the total initial coverage range is from byte 0 of the packet payload to byte 11, within which A, B, C needs to be reasonably configured. A. B has no overlap, no adjustment is needed for a, and there are padding areas between A, B. B. The initial coverage of C overlaps from the 5 th byte to the 9 th byte, and the respective initial coverage needs to be adjusted according to the characteristic content length, so that the two just do not overlap.
A is adjusted to be (0, 2), and the padding blocks between A, B are bytes 2 to 3;
b is adjusted to (4, 7), i.e. the coverage is from byte 4 to byte 6. C is adjusted to (7, 10), no padding block between B, C is empty, and the padding blocks after C are bytes 10 to 11.
Of course, if the first feature configuration a has an offset greater than 0, then the bytes before a need to be padded from the 0 th byte as well. If A is (1, 3), the length is 2, and the initial coverage range is from 1 st byte to 2 nd byte; this indicates that the 0 th byte needs to be padded.

Claims (2)

1. An automated construction method of a packet payload, comprising the steps of:
the method comprises the following steps: the method comprises the steps of determining the feature content, the deviation value and the depth of each feature configuration to be included in the same data packet load in advance, and determining the initial coverage range of each feature configuration in the data packet load according to the deviation value and the depth;
step two: detecting whether the initial coverage ranges of the feature configurations are overlapped, and if so, modifying the respective coverage ranges according to the respective feature content lengths to ensure that the coverage ranges are not overlapped; if the modification is failed, indicating that the feature configurations are incompatible, and ending the method; after the detection is finished, executing the third step; wherein, the coverage areas modified by the characteristic configurations with two overlapped initial coverage areas are just not overlapped, and the length of the coverage area modified by each characteristic configuration is just the length of the characteristic content;
step three: arranging the feature configurations in ascending order according to the deviation value of the coverage area adjusted in the second step;
step four: and sequentially covering the feature contents and the offset values of each feature configuration from the first bit of the data packet load to the initial coverage area of the last feature configuration, and filling the bits which are not covered before the last feature configuration.
2. The method of claim 1, wherein the filling is performed manually or by machine.
CN201710617545.0A 2017-07-26 2017-07-26 Automatic construction method for data packet load Active CN107426053B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710617545.0A CN107426053B (en) 2017-07-26 2017-07-26 Automatic construction method for data packet load

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710617545.0A CN107426053B (en) 2017-07-26 2017-07-26 Automatic construction method for data packet load

Publications (2)

Publication Number Publication Date
CN107426053A CN107426053A (en) 2017-12-01
CN107426053B true CN107426053B (en) 2021-01-05

Family

ID=60431251

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710617545.0A Active CN107426053B (en) 2017-07-26 2017-07-26 Automatic construction method for data packet load

Country Status (1)

Country Link
CN (1) CN107426053B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101854648A (en) * 2010-04-14 2010-10-06 华为技术有限公司 Testing method, device and testing system for single board of communication apparatus
CN103414701A (en) * 2013-07-25 2013-11-27 华为技术有限公司 Rule matching method and device
CN103428215A (en) * 2013-08-12 2013-12-04 广东电网公司电力调度控制中心 Method and system for generating attack traffic of data network
CN103746885A (en) * 2014-01-28 2014-04-23 中国人民解放军信息安全测评认证中心 Test system and test method oriented to next-generation firewall
CN104219221A (en) * 2014-05-30 2014-12-17 郭瑞 Network security flow generating method and network security flow generating system
CN104506484A (en) * 2014-11-11 2015-04-08 中国电子科技集团公司第三十研究所 Proprietary protocol analysis and identification method
CN106209830A (en) * 2016-07-08 2016-12-07 中国人民解放军国防科学技术大学 A kind of message building method represented based on XML procotol

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104993976B (en) * 2015-07-07 2018-07-13 北京科技大学 A kind of PLC safety protection equipments assessment method and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101854648A (en) * 2010-04-14 2010-10-06 华为技术有限公司 Testing method, device and testing system for single board of communication apparatus
CN103414701A (en) * 2013-07-25 2013-11-27 华为技术有限公司 Rule matching method and device
CN103428215A (en) * 2013-08-12 2013-12-04 广东电网公司电力调度控制中心 Method and system for generating attack traffic of data network
CN103746885A (en) * 2014-01-28 2014-04-23 中国人民解放军信息安全测评认证中心 Test system and test method oriented to next-generation firewall
CN104219221A (en) * 2014-05-30 2014-12-17 郭瑞 Network security flow generating method and network security flow generating system
CN104506484A (en) * 2014-11-11 2015-04-08 中国电子科技集团公司第三十研究所 Proprietary protocol analysis and identification method
CN106209830A (en) * 2016-07-08 2016-12-07 中国人民解放军国防科学技术大学 A kind of message building method represented based on XML procotol

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Linux内核学习笔记——ip报文组装;tym8865;《CSDN博客,blog.csdn.net/opens_tym/article/details/17658569》;20140101;第1-7页 *
基于DPI技术的P2P流量检测系统设计;张瀚;《中国优秀硕士论文全文数据库》;20130730;4.2.3关联模式实例 *

Also Published As

Publication number Publication date
CN107426053A (en) 2017-12-01

Similar Documents

Publication Publication Date Title
CN105262627B (en) Firmware upgrading method, device and system
CN106657174B (en) Data synchronization method, data updating method and data updating device
US10291482B2 (en) ECU for transmitting large data in HiL test environment, system including the same and method thereof
CN106161256B (en) A kind of processing method and processing device of Border Gateway Protocol (BGP) routing
EP3214891B1 (en) Switching-on method, base station and storage medium
CN106326749B (en) Ile repair method and device
CN102546804B (en) Method for remotely upgrading global positioning system (GPS) terminal on tower crane
CN105912340A (en) Primary device, remote control and overhead upgrading method of remote control
CN104320432A (en) Software installing method and device, server and system
WO2022116088A1 (en) Firmware data processing method and apparatus
CN109271172B (en) Host performance expansion method and device of sweep cluster
CN102868693A (en) URL (Uniform Resource Locator) filtering method and URL (Uniform Resource Locator) filtering system aiming at HTTP (Hyper Text Transport Protocol) segment request
CN104601483A (en) Method, device and apparatus for forwarding messages
CN102457574A (en) Method and system for intelligent multi-address downloading of installation package
CN107426053B (en) Automatic construction method for data packet load
CN106470114B (en) A kind of configuration method and device of OTA upgrade package
CN109995548B (en) Device management method and system, data transmission method and system and terminal device
CN104270287A (en) Message disorder detecting method and device
EP2000868A1 (en) Method of acquiring status information of I/O units
CN105320593A (en) Multi-channel random frame data verification processing method and device
CN103634229A (en) Inter-chip communication method and control device
JP6601256B2 (en) Ethernet switch device
CN110597712B (en) Component attribute verification method, device, terminal and storage medium
JP2019029921A (en) Transmitter, receiver, and communication method
CN104866292A (en) Method and device for extending software function

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 610041 No. 06, floor 15, unit 2, building 1, No. 28, north section of Tianfu Avenue, Chengdu hi tech Zone, China (Sichuan) pilot Free Trade Zone, Chengdu, Sichuan

Patentee after: Chengdu Shumo Technology Co.,Ltd.

Address before: 13 / F and 14 / F, unit 1, building 4, No. 966, north section of Tianfu Avenue, high tech Zone, Chengdu, Sichuan 610041

Patentee before: COLASOFT Co.,Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220321

Address after: 610041 12th, 13th and 14th floors, unit 1, building 4, No. 966, north section of Tianfu Avenue, high tech Zone, Chengdu, Sichuan

Patentee after: Kelai Network Technology Co.,Ltd.

Address before: 610041 No. 06, floor 15, unit 2, building 1, No. 28, north section of Tianfu Avenue, Chengdu hi tech Zone, China (Sichuan) pilot Free Trade Zone, Chengdu, Sichuan

Patentee before: Chengdu Shumo Technology Co.,Ltd.