CN107483411B - Service identification method and system - Google Patents
Service identification method and system Download PDFInfo
- Publication number
- CN107483411B CN107483411B CN201710611555.3A CN201710611555A CN107483411B CN 107483411 B CN107483411 B CN 107483411B CN 201710611555 A CN201710611555 A CN 201710611555A CN 107483411 B CN107483411 B CN 107483411B
- Authority
- CN
- China
- Prior art keywords
- service
- identified
- library
- early warning
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 30
- 230000009471 action Effects 0.000 claims abstract description 29
- 238000012545 processing Methods 0.000 claims abstract description 21
- 238000004891 communication Methods 0.000 description 9
- 238000001514 detection method Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 230000002159 abnormal effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
Abstract
The invention provides service identification methods and systems, and the methods include acquiring a service to be identified corresponding to DPI data flowing through currently, detecting whether an active triggering action of a user for the service to be identified occurs or not if the service to be identified does not belong to a current service feature library, storing the service to be identified to an unidentified service library if the active triggering action occurs, storing the service to be identified to an early warning service library if the active triggering action does not occur, and performing early warning processing according to the service in the early warning service library.
Description
Technical Field
The invention relates to the technical field of communication, in particular to service identification methods and systems related to a home terminal.
Background
At present, when a user performs data interaction with a third-party service system through a home terminal, data flow can be identified and distributed through an intelligent gateway DPI functional module, so that the user can be prompted for services with safety risks.
Disclosure of Invention
The service identification methods and systems provided by the invention can improve the accuracy of the early warning service library and are beneficial to accurate early warning of the services with safety risks.
An th aspect of the present invention is to provide service identification methods, including:
acquiring a service to be identified corresponding to DPI data flowing through currently;
if the service to be identified does not belong to the current service feature library, detecting whether an active triggering action of a user for the service to be identified occurs;
if so, storing the service to be identified to an unidentified service library; and if the business to be identified does not occur, storing the business to be identified to an early warning business library, and carrying out early warning processing according to the business in the early warning business library at present.
Another aspects of the present invention are to provide traffic identification systems, comprising:
the acquisition module is used for acquiring the service to be identified corresponding to the DPI data flowing through currently;
the identification module is used for identifying whether the service to be identified belongs to the current service feature library or not, and if not, detecting whether the active triggering action of the user aiming at the service to be identified occurs or not;
the processing module is used for storing the service to be identified to an unidentified service library if the active triggering action of the user aiming at the service to be identified occurs;
and the processing module is also used for storing the service to be identified to an early warning service library if the service does not occur, and carrying out early warning processing according to the service in the early warning service library.
According to the service identification method and the service identification system, if the current service to be identified is detected not to belong to the service feature library, accurate identification of the service type is realized by detecting whether the user actively triggers the service, the accuracy of the early warning service library is improved, and accurate early warning of the service with the safety risk is facilitated.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a schematic flowchart of service identification methods provided in embodiment of the present invention;
fig. 2A is a schematic flowchart of another service identification methods provided in embodiment of the present invention;
fig. 2B is a schematic flowchart of another service identification methods provided in embodiment of the present invention;
fig. 3 is a schematic flowchart of another service identification methods provided in of the present invention;
fig. 4 is a schematic structural diagram of service identification systems according to a second embodiment of the present invention;
fig. 5 is a schematic structural diagram of another service identification systems according to the second embodiment of the present invention.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete description of the technical solutions of the embodiments of the present invention will be given below with reference to the accompanying drawings of the embodiments of the present invention, and it is obvious that the described embodiments are partial embodiments of of the present invention, rather than all embodiments.
The dimensions of the various layers and regions are exaggerated or reduced for illustrative purposes, and thus the sizes and proportions shown in the figures are not intended to represent actual dimensions nor reflect dimensional relationships.
Fig. 1 is a schematic flow chart of a service identification method provided in of an embodiment of the present invention, as shown in fig. 1, the method includes:
101. and acquiring the service to be identified corresponding to the DPI data flowing through currently.
Specifically, the DPI function module is integrated into the intelligent gateway through a plug-in, divides the obtained DPI data into different service data flows, and detects a specific message in the service data flow through an identification technology, so that content-level information, such as specific service data and a service type, can be extracted, which is beneficial to timely finding and controlling abnormal service traffic.
102. And if the service to be identified does not belong to the current service feature library, detecting whether an active triggering action of a user for the service to be identified occurs.
Specifically, a known service information table is stored in the service feature library, the service feature data which is subjected to security identification is recorded in the service information table, the obtained service data is compared with the service information table, whether the service is an existing service can be obtained, if yes, the service is a security service, if not, is needed to judge whether the service has a security risk, and the judgment standard is whether the user actively triggers the service.
103. And if so, storing the service to be identified to an unidentified service library.
Specifically, if the detection result indicates that the service is a new type of service, the service is actively triggered by the user, and the information of the service is stored in a service list in the unidentified service library.
104. And if the business to be identified does not occur, storing the business to be identified to an early warning business library, and carrying out early warning processing according to the business in the early warning business library at present.
The service characteristic library is a database for storing identified service characteristic data, the unidentified service library is a database for storing new service characteristic data, the new service is actively initiated by a user and indicates that the user has actual requirements on the service but the existing supplier fails to provide the service to the user, in an actual scene, the data in the unidentified service library can be provided for the supplier to research the requirements of the user on the new service, the early warning service library is a database for storing service characteristic data with safety risk, in an actual scene, the service with safety risk can cause hazards such as private information leakage or property loss and the like to the user, and therefore the data in the early warning service library can be provided for the safety processing part for researching how to early warn and intercept services with similar safety risks at a user terminal.
Specifically, if the detection result indicates that the user does not actively trigger the unidentified service, the service automatically runs and communicates with the third-party system terminal under the condition that the user does not allow the service, so that the service has a security risk, for example, user information is lost or the user terminal is infected with a virus, and the service is stored in a service list in an early warning service library at this time, so that the service information is provided to the security processing unit at step for early warning processing.
In practical applications, steps may be further performed to verify the services in the early warning service library to improve the accuracy of the service library, and optionally, the services may be verified manually by a worker periodically, and further optionally, in order to improve the accuracy of the service library and improve the update and maintenance efficiency of the service library, as shown in fig. 2A, in order to improve the accuracy of the service library and simultaneously improve the update and maintenance efficiency of the service library, fig. 2A is a schematic flow diagram of another service identification method provided in embodiment of the present invention, and as shown in fig. 2A, on the basis of embodiment , the method further includes:
201. and analyzing the safety level of the service in the early warning service library, and if the safety level reaches a preset th threshold value, transferring the corresponding service to the unidentified service library.
Specifically, the service list in the early warning service library stores service feature data, such as name, type, trigger type, start time, and the like, and performs security level analysis according to the service feature data to obtain a security level corresponding to the service, where the th threshold may be set according to specific needs of a user.
Similarly, the services in the unidentified service library may be verified to improve the accuracy of the service feature library, and to improve the update efficiency of the service feature library, as shown in fig. 2B, on the basis of any embodiment described above, the method may further include:
202. and analyzing the user demand degree of the service in the unidentified service library, and if the user demand degree reaches a preset second threshold value, transferring the corresponding service to the service feature library.
Specifically, the service list in the unidentified service library stores service feature data, and user demand degree analysis is performed according to the service feature data and the service use condition of the user to obtain the demand degree of the user for the service, wherein the second threshold value can be set according to the specific needs of the user.
It should be noted that the two embodiments may be implemented separately or in combination, for example, the security level analysis is performed on the service in the early warning service library, and the user demand degree analysis is performed on the service in the unidentified service library. Therefore, the service libraries can be accurately and effectively updated and maintained.
Fig. 3 is a schematic flow chart of another service identification methods provided in embodiment of the present invention, and as shown in fig. 3, on the basis of the foregoing implementation, 101 includes:
301. and acquiring the service to be identified corresponding to the DPI data flowing through currently within a preset time threshold.
Specifically, the th time threshold may be set according to the capability of the intelligent gateway itself to obtain the service data, or may be set according to the requirement of the user on the communication fluency.
302. And if the service to be identified is not acquired within the th time threshold, judging that the service to be identified does not belong to the current service feature library.
Specifically, the service to be identified is not acquired, the intelligent gateway acquires a service label through feature data of the service to be identified, the service label is compared in a current service feature library, when a matching result is not found, the service to be identified is judged not to belong to the current service feature library, and two conditions exist for acquiring a result that the service to be identified does not belong to the current service feature library, wherein the type is that the service does not exist in the current service feature database, the service is a new type of service, the second type is that the feature data of the service cannot be acquired within a time threshold due to limitation of identification capability, in a real scene, the occurrence of the second condition can influence the efficiency of the intelligent gateway on service identification and the network communication fluency, and the time threshold is set to solve the problems.
Similarly, in practical applications, since the user triggering the action identifier for the recognition service for too long time may affect the recognition efficiency, in order to further increase the recognition efficiency and improve the network communication fluency, on the basis of the foregoing any embodiment, 102 includes:
303. and if the service to be identified does not belong to the current service feature library, detecting whether the active triggering action of the user aiming at the service to be identified occurs within a preset second time threshold from the current moment.
Specifically, the second time threshold may be set according to the capability of the intelligent gateway itself to acquire the service data, or may be set according to the requirement of the user on the communication fluency.
Accordingly, 104 includes:
304. and if the active triggering action of the user aiming at the service to be identified does not occur within the second time threshold, storing the service to be identified to the early warning service library.
Specifically, the situation that the active triggering action of the user for the service to be recognized does not occur within the second time threshold includes two situations, the th situation is that a user triggering action identifier is obtained according to service characteristic data, the service is judged not to be generated by the active triggering of the user according to the user triggering action identifier, the second situation is that the characteristic data of the service cannot be obtained within the second time threshold due to the limitation of recognition capability, in a real scene, the occurrence of the second situation can affect the efficiency of the intelligent gateway for service recognition and the network communication fluency, and the problem is solved by setting the second time threshold.
The embodiment provides service identification methods, and when it is detected that a current service to be identified does not belong to a service feature library, accurate identification of a service type is realized by detecting whether a user actively triggers the service, so that accuracy of an early warning service library is improved, and accurate early warning of a service with a safety risk is facilitated.
In order to effectively identify a service with a security risk and improve the accuracy of the early warning service library, fig. 4 is a schematic structural diagram of service identification systems provided by the second embodiment of the present invention, as shown in fig. 4, the system includes:
the obtaining module 1 is configured to obtain a service to be identified corresponding to DPI data flowing through currently.
Specifically, the obtaining module 1 includes a DPI functional module, and the DPI functional module divides the obtained DPI data into different service data flows, and detects a specific packet in the service data flow by using an identification technology, so as to extract information of content level, such as specific service data and service type, and facilitate to find and control abnormal service traffic in time. The acquisition module 1 sends the acquired service characteristic data of the service to be identified to the identification module 2.
And the identification module 2 is used for identifying whether the service to be identified belongs to the current service feature library, and if not, detecting whether the active triggering action of the user aiming at the service to be identified occurs.
Specifically, a known service information table is stored in the service feature library, the service feature data which is subjected to security identification is recorded in the service information table, the identification module 2 compares the obtained service data with the service information table to obtain whether the service is an existing service, if so, the service is a security service, if not, is required to detect whether the service has a security risk, the detection standard is whether the user actively triggers the service, and the detection result is sent to the processing module 3.
And the processing module 3 is used for storing the service to be identified to the unidentified service library if the active triggering action of the user aiming at the service to be identified occurs.
And the processing module 3 is further configured to, if the occurrence of the business to be identified does not occur, store the business to be identified into the early warning business library, and perform early warning processing according to the business in the current early warning business library.
The service characteristic library is a database for storing identified service characteristic data, the unidentified service library is a database for storing new service characteristic data, the new service is actively initiated by a user and indicates that the user has actual requirements on the service but the existing supplier fails to provide the service to the user, in an actual scene, the data in the unidentified service library can be provided for the supplier to research the requirements of the user on the new service, the early warning service library is a database for storing service characteristic data with safety risk, in an actual scene, the service with safety risk can cause hazards such as private information leakage or property loss and the like to the user, and therefore the data in the early warning service library can be provided for the safety processing part for researching how to early warn and intercept services with similar safety risks at a user terminal.
Specifically, the processing module 3 stores the service to be identified to the unidentified service library or the early warning service library according to the detection result.
In practical applications, steps may be further performed to verify the services in the early warning service library to improve the accuracy of the service library, and optionally, the services may be verified manually by a worker periodically, and further optionally, in order to improve the accuracy of the service library and improve the efficiency of updating and maintaining the service library, as shown in fig. 5, in order to improve the accuracy of the service library and simultaneously improve the efficiency of updating and maintaining the service library, the system is further configured to provide a schematic structural diagram of another service identification systems in the second embodiment of the present invention, and as shown in fig. 5, on the basis of any embodiment described above, the system further includes:
and the analysis module 4 is configured to perform security level analysis on the services in the early warning service library, and if the security level reaches a preset threshold, forward the corresponding services to the unidentified service library.
Specifically, the service list in the early warning service library stores service feature data, such as name, type, trigger type, start time, etc., and the th analysis module 4 performs security level analysis according to the service feature data to obtain a security level corresponding to the service, where the th threshold may be set according to specific needs of a user.
Similarly, the services in the unidentified service library may be verified to improve the accuracy of the service feature library, and to improve the updating efficiency of the service feature library, as shown in fig. 5, on the basis of any embodiment described above, the system further includes:
and the second analysis module 5 is configured to perform user demand degree analysis on the services in the unidentified service library, and if the user demand degree reaches a preset second threshold, forward the corresponding service to the service feature library.
Specifically, the service list in the unidentified service library stores service feature data, the second analysis module 5 performs user demand degree analysis according to the service feature data and the service use condition of the user to obtain the user demand degree of the service, wherein the second threshold value can be set according to the specific needs of the user.
It should be noted that the above two embodiments may be implemented separately or in combination, for example, the system may include both the th analysis module 4 and the second analysis module 5, so as to update and maintain each service library accurately and efficiently.
On the basis of any embodiment, the obtaining module 1 is specifically configured to obtain the service to be identified corresponding to the DPI data currently flowing through within a preset time threshold value, and the obtaining module 1 is further configured to determine that the service to be identified does not belong to the current service feature library if the service to be identified is not obtained within a time threshold value.
Specifically, the th time threshold can be set according to the capability of the intelligent gateway to acquire service data, or can be set according to the requirement of a user on communication fluency, when a service to be identified is not acquired, the acquisition module 1 compares the service labels in the current service feature library, when a matching result is not found, the service to be identified is judged not to belong to the current service feature library, and a result that the service to be identified does not belong to the current service feature library exists in two cases, wherein the th case is that the service does not exist in the current service feature database, the service is a new type of service, the second case is that the feature data of the service cannot be acquired in the th time threshold due to the limitation of identification capability, in a real scene, the occurrence of the second case can affect the efficiency of the intelligent gateway on service identification and the fluency of network communication, and the th time threshold is set to solve the above problems.
Similarly, in practical applications, since the user trigger action identifier of the identified service has an impact on the identification efficiency, in order to further improve the identification efficiency and improve the network communication fluency, on the basis of any of the foregoing embodiments , the identification module 2 is specifically configured to detect whether the active trigger action of the user for the identified service occurs within a preset second time threshold from the current time if the identified service does not belong to the current service feature library, and correspondingly, the processing module 3 is specifically configured to store the identified service in the early warning service library if the active trigger action of the user for the identified service does not occur within the second time threshold.
The second time threshold value comprises two conditions that no active triggering action of a user aiming at the service to be identified occurs, is that a user triggering action identifier is obtained according to service characteristic data, the service is judged not to be generated by the active triggering of the user according to the user triggering action identifier, and the second condition that the characteristic data of the service cannot be obtained within the second time threshold value due to the limitation of identification capacity.
The embodiment provides service identification systems, and when it is detected that a current service to be identified does not belong to a service feature library, accurate identification of a service type is realized by detecting whether a user actively triggers the service, so that accuracy of an early warning service library is improved, and accurate early warning of a service with a safety risk is facilitated.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working process of the system described above may refer to the corresponding process in the foregoing method embodiment, and is not described herein again.
It will be understood by those skilled in the art that all or a portion of the steps of implementing the various method embodiments described above may be performed by hardware associated with program instructions, and that the program may be stored in a computer readable storage medium, which when executed performs the steps comprising the various method embodiments described above, including ROM, RAM, magnetic or optical disks, among various media capable of storing program code.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (10)
1, service identification method, characterized by comprising:
acquiring a service to be identified corresponding to DPI data flowing through currently;
if the service to be identified does not belong to the current service feature library, detecting whether an active triggering action of a user for the service to be identified occurs;
if so, storing the service to be identified to an unidentified service library; and if the business to be identified does not occur, storing the business to be identified to an early warning business library, and carrying out early warning processing according to the business in the early warning business library at present.
2. The method of claim 1, further comprising:
and analyzing the safety level of the service in the early warning service library, and if the safety level reaches a preset th threshold value, transferring the corresponding service to the unidentified service library.
3. The method of claim 1, further comprising:
and analyzing the user demand degree of the service in the unidentified service library, and if the user demand degree reaches a preset second threshold value, transferring the corresponding service to the service feature library.
4. The method according to any of claims , wherein the obtaining of the traffic to be identified corresponding to the DPI data currently flowing through comprises:
acquiring a service to be identified corresponding to the DPI data flowing through currently within a preset time threshold;
the method further comprises the following steps:
and if the service to be identified is not acquired within the th time threshold, judging that the service to be identified does not belong to the current service feature library.
5. The method according to any of claims 1-3 and , wherein the detecting whether an active triggering action of a user for the service to be identified occurs if the service to be identified does not belong to a current service feature library comprises:
if the service to be identified does not belong to the current service feature library, detecting whether an active triggering action of a user for the service to be identified occurs within a preset second time threshold from the current moment;
if the identification does not occur, storing the service to be identified to an early warning service library, including:
and if the active triggering action of the user aiming at the service to be identified does not occur within the second time threshold, storing the service to be identified to the early warning service library.
The service identification system of , comprising:
the acquisition module is used for acquiring the service to be identified corresponding to the DPI data flowing through currently;
the identification module is used for detecting whether the active triggering action of the user aiming at the service to be identified occurs or not if the service to be identified does not belong to the current service feature library;
the processing module is used for storing the service to be identified to an unidentified service library if the active triggering action of the user aiming at the service to be identified occurs;
and the processing module is also used for storing the service to be identified to an early warning service library if the service does not occur, and carrying out early warning processing according to the service in the early warning service library.
7. The system of claim 6, further comprising:
and the analysis module is used for analyzing the security level of the service in the early warning service library, and if the security level reaches a preset threshold, the corresponding service is transferred to the unidentified service library.
8. The system of claim 6, further comprising:
and the second analysis module is used for analyzing the user demand degree of the service in the unidentified service library, and if the user demand degree reaches a preset second threshold value, the corresponding service is transferred to the service feature library.
9. The system of any of , wherein,
the obtaining module is specifically configured to obtain, within a preset th time threshold, a to-be-identified service corresponding to the current DPI data that flows through;
the obtaining module is further configured to determine that the service to be identified does not belong to the current service feature library if the service to be identified is not obtained within the th time threshold.
10. The system of any of , wherein,
the identification module is specifically configured to detect whether an active triggering action of a user for the service to be identified occurs within a preset second time threshold from a current moment if the service to be identified does not belong to a current service feature library;
the processing module is specifically configured to store the service to be identified in the early warning service library if an active triggering action of the user for the service to be identified does not occur within the second time threshold.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710611555.3A CN107483411B (en) | 2017-07-25 | 2017-07-25 | Service identification method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710611555.3A CN107483411B (en) | 2017-07-25 | 2017-07-25 | Service identification method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107483411A CN107483411A (en) | 2017-12-15 |
| CN107483411B true CN107483411B (en) | 2020-01-31 |
Family
ID=60596764
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710611555.3A Active CN107483411B (en) | 2017-07-25 | 2017-07-25 | Service identification method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107483411B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109447320A (en) * | 2018-09-27 | 2019-03-08 | 中国联合网络通信集团有限公司 | The recognition methods of customer service, apparatus and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102025636A (en) * | 2010-12-09 | 2011-04-20 | 北京星网锐捷网络技术有限公司 | Message feature processing method and device as well as network equipment |
| CN104796406A (en) * | 2015-03-20 | 2015-07-22 | 杭州华三通信技术有限公司 | Method and device for identifying application |
| CN106612241A (en) * | 2015-10-27 | 2017-05-03 | 中国移动通信集团浙江有限公司 | Service control method and service control device |
| CN106921637A (en) * | 2015-12-28 | 2017-07-04 | 华为技术有限公司 | The recognition methods of the application message in network traffics and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130288636A1 (en) * | 2012-04-12 | 2013-10-31 | Kelly Roy Peterson | Location data updating and transmission |
-
2017
- 2017-07-25 CN CN201710611555.3A patent/CN107483411B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102025636A (en) * | 2010-12-09 | 2011-04-20 | 北京星网锐捷网络技术有限公司 | Message feature processing method and device as well as network equipment |
| CN104796406A (en) * | 2015-03-20 | 2015-07-22 | 杭州华三通信技术有限公司 | Method and device for identifying application |
| CN106612241A (en) * | 2015-10-27 | 2017-05-03 | 中国移动通信集团浙江有限公司 | Service control method and service control device |
| CN106921637A (en) * | 2015-12-28 | 2017-07-04 | 华为技术有限公司 | The recognition methods of the application message in network traffics and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107483411A (en) | 2017-12-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9721461B2 (en) | Method, apparatus and system for affirming alarm identity of video monitoring system | |
| EP3174264A1 (en) | Apparatus and method for automatically generating detection rule | |
| CN109271793B (en) | Internet of things cloud platform equipment category identification method and system | |
| CN111800412B (en) | Advanced sustainable threat tracing method, system, computer equipment and storage medium | |
| CN107426079A (en) | A kind of processing method and processing device of informing message | |
| CN103034807A (en) | Method and device for detecting malicious program | |
| CN112118249B (en) | Security protection method and device based on log and firewall | |
| CN106899948B (en) | Pseudo base station discovery method, system, terminal and server | |
| CN109409113B (en) | Power grid data safety protection method and distributed power grid data safety protection system | |
| US11870792B2 (en) | Abnormal traffic analysis apparatus, abnormal traffic analysis method, and abnormal traffic analysis program | |
| CN110856188B (en) | Communication method, apparatus, system, and computer-readable storage medium | |
| CN107483411B (en) | Service identification method and system | |
| CN106446720B (en) | The optimization system and optimization method of IDS rule | |
| CN114157501B (en) | Parameter analysis method and device based on TianRui database | |
| CN105872466A (en) | Alarm method and alarm device based on smart TV | |
| EP2930995A1 (en) | Terminal peripheral management method and m2m gateway | |
| CN103761879B (en) | A kind of counterfeit vehicle registration plate identification method and system | |
| CN112818343A (en) | Block chain big data analysis early warning method and system and cloud platform | |
| CN105050103A (en) | Signalling process identification method and signalling process identification device | |
| CN105227540A (en) | A kind of MTD guard system of event-triggered and method | |
| CN111143844B (en) | Safety detection method and system for Internet of things equipment and related device | |
| CN105430623A (en) | Monitoring method, device and system for RCS junk message | |
| CN106899977B (en) | Abnormal flow detection method and device | |
| US20210058794A1 (en) | Abnormal traffic analysis apparatus, abnormal traffic analysis method, and abnormal traffic analysis program | |
| CN107343088B (en) | Information protection method of mobile terminal and mobile terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |