CN107835175B - Network connection tracking method adopting balanced binary tree algorithm - Google Patents
Network connection tracking method adopting balanced binary tree algorithm Download PDFInfo
- Publication number
- CN107835175B CN107835175B CN201711096312.7A CN201711096312A CN107835175B CN 107835175 B CN107835175 B CN 107835175B CN 201711096312 A CN201711096312 A CN 201711096312A CN 107835175 B CN107835175 B CN 107835175B
- Authority
- CN
- China
- Prior art keywords
- node
- binary tree
- nodes
- tree
- subtree
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2483—Traffic characterised by specific attributes, e.g. priority or QoS involving identification of individual flows
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
- H04L69/32—Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
- H04L69/322—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
- H04L69/329—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a network connection tracking method adopting a balanced binary tree algorithm, which comprises the following steps: obtaining each connected five-tuple Y, said Y comprising: inserting the Y into a balanced binary tree by using a source IP, a target IP, a source port, a target port and a protocol; step S102, searching whether Y exists in the balanced binary tree T, and if Y exists, updating the current root node RXIf said Y is not present. The technical scheme provided by the invention has the advantages of realizing high-speed connection matching under limited memory and tracking network connection by application layer equipment such as a firewall and the like.
Description
Technical Field
The invention relates to the field of information security, in particular to a network connection tracking method adopting a balanced binary tree algorithm.
Background
The prior art provides an optimization method for connection tracking under a netfilter frame, and provides an optimization method for connection tracking under the netfilter frame, which comprises the following steps: defining and initializing a current connection tracking number M, a maximum connection tracking number Mmax, a currently applied connection tracking number N and a maximum applied connection tracking number Nmax, wherein Nmax is more than Mmax; when a new application for connection tracking, add 1 to N, judge M > Mmax? If so, creating a new connection trace after aging treatment; if not, then judge N > Nmax? If yes, returning an error, otherwise, creating a new connection track; after the newly applied connection trace is confirmed, M is added with 1 and added into the confirmed connection trace linked list. The embodiment of the invention ensures the number of effective connection tracking; the exception handling is optimized; the responsibility of connection tracking in two stages of alloc initialization and confirm is clarified; the normal internet surfing is ensured, and resources with good speed can be well reserved during downloading.
The prior art further provides a system and a method for identifying network traffic based on dynamic packet sampling, and provides a method and a system for tracking network connection, where the method includes a connection tracking logic, where the connection tracking logic includes a table for processing unconfirmed connections and a table for processing confirmed connections, and the method includes the following steps: judging whether the unconfirmed connection meets the confirmation condition; if the confirmation condition is met, migrating to a table for processing the confirmed connection; and sequentially processing the connections in the list for processing the confirmed connections by the protocol stack. The invention utilizes a two-stage connection tracking table structure to minimize the occupation of limited network resources by invalid connections or meaningless connections, and simultaneously distinguishes data packets in advance so as to track the connection state of the data packets.
The prior art can not realize the high-speed connection matching under the limited memory and the problem that the application layer equipment such as a firewall tracks the network connection.
Disclosure of Invention
The application provides a network connection tracking method adopting a balanced binary tree algorithm. The method solves the problems that the technical scheme in the prior art can not realize high-speed connection matching under a limited memory and application layer equipment such as a firewall tracks network connection.
In one aspect, a network connection tracking method using a balanced binary tree algorithm is provided, the method comprising the following steps:
step S101, obtaining five-tuple Y of each connection, wherein Y comprises: inserting the Y into a balanced binary tree by using a source IP, a target IP, a source port, a target port and a protocol;
step S102, searching whether Y exists in the balanced binary tree T, and if Y exists, updating the current root node RXIf said Y is not present, step 103 and subsequent steps;
step S103, judging whether the number of the nodes in the balanced binary tree T has vacancy or not, if the number of the nodes in the balanced binary tree T has no vacancy, finishing the operation, and if the number of the nodes in the balanced binary tree T has vacancy, judging the RXWhether or not data is present, e.g. RXAbsence of data, inserting data into said RXStep 105 and the subsequent steps are executed; such as RXPresence data, perform step S104;
step S104, the Y and the five-tuple X of the current root nodeXBy comparison, if Y<Xx, entering the left child node Rx-1 of the Rx and then performing the step D, if Y is>Xx, entering a right child node Rx +1 of the Rx, then performing step D, and if Y is equal to Xx, updating data of the current root node Rx;
step S105, determining the balance inversion sequence of the binary tree to be F1 or F2 according to the state;
the right subtree of the current root node is marked as R, and the left subtree of the current root node is marked as L;
f1, if the number of the nodes of the right subtree of R is larger than that of the nodes of L, turning the binary tree T to the left, if the number of the nodes of the left subtree of R is larger than that of the nodes of L, turning R to the right first, updating the node information of R, and then turning the binary tree T to the left;
f2, if the number of the nodes of the left sub-tree of the L is larger than that of the nodes of the R, turning the binary tree T to the right, if the number of the nodes of the right sub-tree of the L is larger than that of the nodes of the R, turning the L to the left first, updating the node information of the L, and then turning the binary tree T to the right;
step S106, turning over the child nodes, specifically comprising:
taking the left sub-tree of the current root node as a root node, turning over the left sub-tree in the step F, and updating the information of the left sub-tree;
taking the right subtree of the current root node as a root node, and turning over the right subtree in the step F to update the information of the right subtree;
step S107, after data processing is carried out in the double linked list, the quintuple of the current data is moved to the head node of the time linked list in the double linked list;
and step S108, deleting the quintuple in the balanced binary tree and deleting the quintuple in the doubly linked list when the connection is finished.
Optionally, the searching whether the Y exists in the balanced binary tree T includes:
a comparison is made between Y and Xx,
if Y < Xx, enter the left child node Rx-1 of the root node Rx and compare,
if Y > Xx, the right child node Rx +1 entering the root node Rx is compared,
if Y ═ Xx, then said Y is present in the binary tree T; and if the node is empty, the Y does not exist in the binary tree T.
Optionally, the balancing whether the number of nodes in the binary tree T is empty includes:
if the current node number N is larger than or equal to the maximum node number M, no binary tree node is left;
if N < M, the nodes of the binary tree have residue.
Optionally, when the connection is ended, deleting the five-tuple in the balanced binary tree and deleting the five-tuple in the doubly linked list, including:
firstly, searching a node A needing to be deleted, and checking whether the node A has a left subtree and a right subtree or not;
if the left and right subtrees do not exist, the node A is directly deleted.
If only the left sub-tree or the right sub-tree exists, deleting the node A and replacing the node A by using the child node of the node A;
if the left subtree and the right subtree exist, deleting the node A, selecting the right child node with a large value to replace the node A according to conditions, and updating the content of the time chain table.
In a second aspect, there is provided a computer program product comprising a non-transitory computer readable storage medium having a computer program stored thereon, the computer program being operable to cause a computer to perform the method of the first aspect.
In a third aspect, a computer-readable storage medium storing a computer program for electronic data exchange, wherein the computer program causes a computer to perform the method of the first aspect.
The technical scheme provided by the invention can complete insertion, matching and deletion at a higher speed by performing connection tracking on the balanced binary tree, and the increase speed of the matching speed of the connection tracking is n times under the condition that the connection number is increased by 2 n-1. After the balanced binary tree is used for connection tracking, because the calculation method is stable and can be estimated, the consumed memory and time can be accurately calculated and controlled without being influenced by the change of flow addresses in the network, and the matching speed is stable and unchanged no matter whether the quintuple is centralized or scattered.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of a network connection tracking method using a balanced binary tree algorithm according to a first preferred embodiment of the present invention;
fig. 2 is a block diagram of a network connection tracking system according to a second preferred embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a network connection tracking method using a balanced binary tree algorithm according to a first preferred embodiment of the present invention, where the method is shown in fig. 1 and includes the following steps:
A. and acquiring a five-tuple { source IP, target IP, source port, target port and protocol } of each connection, marking as Y, and inserting the connection Y into the balanced binary tree.
And B, marking the binary tree as T, marking the maximum node number of the binary tree as M, marking the current node number as N, marking the current root node as Rx, and marking the current root node quintuple as Xx.
C, searching whether Y exists in the binary tree T:
the specific way of executing C may be:
y is compared to Xx.
If Y < Xx, enter the left child node Rx-1 of the root node Rx and compare.
If Y > Xx, the right child node Rx +1 of the root node Rx is entered and compared.
If Y is Xx, it is indicated that Y exists in the binary tree T, and only the data of the current root node Rx needs to be updated; and if the node is empty, the fact that Y does not exist in the binary tree T is indicated, and the step D is carried out.
D: and judging whether the number of the nodes in the binary tree T is vacant or not.
The specific way of executing D may be: comparison of N with M is performed.
If N is larger than or equal to M, the nodes of the binary tree are not remained, and no processing is performed.
If N < M, judging whether data exists in current root node Rx, namely whether data can be inserted. If Rx has data, executing step E; and if the Rx does not have data, inserting the data into the Rx, and performing the step F to overturn the binary tree.
E, comparing the quintuple Y with the quintuple Xx.
If Y < Xx, enter the left child node Rx-1 of the root node Rx and then go to step D.
And if Y is larger than Xx, entering the right child node Rx +1 of the root node Rx and then performing the step D.
If Y is equal to Xx, the description data is the same, and only the data of the current root node Rx needs to be updated.
And F, balanced inversion of the binary tree. The order of flipping is determined to be F1 or F2 according to the state.
The right sub-tree of the current root node is denoted as R and the left sub-tree of the current root node is denoted as L.
F1, updating R. And if the number of the nodes of the right subtree of the R is greater than that of the nodes of the L, turning the binary tree T leftwards. And if the number of the nodes of the left subtree of the R is greater than that of the nodes of the L, turning the R to the right, updating the node information of the R, and turning the binary tree T to the left. Otherwise, no processing is carried out;
f2, updating L. And if the number of the nodes of the left subtree of the L is greater than that of the nodes of the R, turning the binary tree T rightwards. And if the node number of the right sub-number of the L is larger than that of the R, turning the L to the left, updating the node information of the L, and turning the binary tree T to the right. Otherwise, no processing is performed.
G: and turning over the child nodes.
And F, taking the left sub-tree of the current root node as the root node, turning the left sub-tree in the step F, and updating the information of the left sub-tree.
And F, taking the right subtree of the current root node as the root node, turning the right subtree in the step F, and updating the information of the right subtree.
And F, the current root node turns the left subtree.
And F, the current root node turns the right subtree.
And H, after data processing is carried out in the double linked list, moving quintuple of the current data to a head node of the time linked list in the double linked list, and ensuring that the current accessed data is always arranged at the beginning of the time linked list.
I: when the connection is finished, deleting the quintuple in the balanced binary tree and deleting the quintuple in the doubly linked list.
Firstly, searching a node A needing to be deleted, and checking whether the node A has a left subtree and a right subtree.
If the left and right subtrees do not exist, the node A is directly deleted.
And if only the left sub-tree or the right sub-tree exists, deleting the node A and replacing the node A by using the child nodes of the node A.
If the left subtree and the right subtree exist, deleting the node A, and selecting the right child node with a large value to replace the node A according to conditions.
The contents of the time linked list are updated at the same time.
The invention has the beneficial effects that:
by performing connection tracing using a balanced binary tree, insertion, matching and deletion can be completed at a higher speed, and the matching speed of the connection tracing is increased by n times under the condition that the number of connections is increased by 2 n-1.
After the balanced binary tree is used for connection tracking, because the calculation method is stable and can be estimated, the consumed memory and time can be accurately calculated and controlled without being influenced by the change of flow addresses in the network, and the matching speed is stable and unchanged no matter whether the quintuple is centralized or scattered.
It should be noted that, for simplicity of description, the above-mentioned embodiments of the method are described as a series of acts or combinations, but those skilled in the art will recognize that the present invention is not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the invention. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required by the invention.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: flash Memory disks, Read-Only memories (ROMs), Random Access Memories (RAMs), magnetic or optical disks, and the like.
The content downloading method, the related device and the system provided by the embodiment of the present invention are described in detail above, and a specific example is applied in the text to explain the principle and the embodiment of the present invention, and the description of the above embodiment is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (5)
1. A network connection tracking method using a balanced binary tree algorithm, the method comprising the steps of:
step S101, obtaining five-tuple Y of each connection, wherein Y comprises: inserting the Y into a balanced binary tree by using a source IP, a target IP, a source port, a target port and a protocol;
step S102, searching whether Y exists in the balanced binary tree T, and if Y exists, updating the current root node RXIf said Y is not present, step 103 and subsequent steps;
step S103, judging whether the number of the nodes in the balanced binary tree T has vacancy or not, if the number of the nodes in the balanced binary tree T has no vacancy, finishing the operation, and if the number of the nodes in the balanced binary tree T has vacancy, judging the RXWhether or not data is present, e.g. RXAbsence of data, inserting data into said RXStep 105 and the subsequent steps are executed; such as RXPresence data, perform step S104;
step S104, the Y and the five-tuple X of the current root nodeXBy comparison, if Y<Xx, entering the left child node Rx-1 of the Rx and then performing the step D, if Y is>Xx, entering a right child node Rx +1 of the Rx, then performing step D, and if Y is equal to Xx, updating data of the current root node Rx;
step S105, determining the balance inversion sequence of the binary tree to be F1 or F2 according to the state;
the right subtree of the current root node is marked as R, and the left subtree of the current root node is marked as L;
f1, if the number of the nodes of the right subtree of R is larger than that of the nodes of L, turning the binary tree T to the left, if the number of the nodes of the left subtree of R is larger than that of the nodes of L, turning R to the right first, updating the node information of R, and then turning the binary tree T to the left;
f2, if the number of the nodes of the left sub-tree of the L is larger than that of the nodes of the R, turning the binary tree T to the right, if the number of the nodes of the right sub-tree of the L is larger than that of the nodes of the R, turning the L to the left first, updating the node information of the L, and then turning the binary tree T to the right;
step S106, turning over the child nodes, specifically comprising:
taking the left sub-tree of the current root node as the root node, performing step F1 to turn over the left sub-tree, and updating the information of the left sub-tree;
taking the right subtree of the current root node as a root node, and performing step F2 to turn the right subtree and update the information of the right subtree;
step S107, after data processing is carried out in the double linked list, the quintuple of the current data is moved to the head node of the time linked list in the double linked list;
and step S108, deleting the quintuple in the balanced binary tree and deleting the quintuple in the doubly linked list when the connection is finished.
2. The method of claim 1, wherein the finding whether the Y is present in a balanced binary tree T comprises:
a comparison is made between Y and Xx,
if Y < Xx, enter the left child node Rx-1 of the root node Rx and compare,
if Y > Xx, the right child node Rx +1 entering the root node Rx is compared,
if Y ═ Xx, then said Y is present in the binary tree T; and if the node is empty, the Y does not exist in the binary tree T.
3. The method of claim 1, wherein balancing whether the number of nodes in the binary tree T is free comprises:
if the current node number N is larger than or equal to the maximum node number M, no binary tree node is left;
if N < M, the nodes of the binary tree have residue.
4. The method according to claim 1, wherein deleting the quintuple in the balanced binary tree when the connection is ended and deleting the quintuple in the doubly linked list comprises:
firstly, searching a node A needing to be deleted, and checking whether the node A has a left subtree and a right subtree or not;
if the left and right subtrees do not exist, the node A is directly deleted;
if only a left sub-tree or a right sub-tree exists, deleting the node A and replacing the node A by using the child node of the node A;
if the left subtree and the right subtree exist, deleting the node A, selecting the right child node with a large value to replace the node A according to conditions, and updating the content of the time chain table.
5. A computer-readable storage medium, characterized in that it stores a computer program for electronic data exchange, wherein the computer program causes a computer to perform the method according to any one of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711096312.7A CN107835175B (en) | 2017-11-09 | 2017-11-09 | Network connection tracking method adopting balanced binary tree algorithm |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711096312.7A CN107835175B (en) | 2017-11-09 | 2017-11-09 | Network connection tracking method adopting balanced binary tree algorithm |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107835175A CN107835175A (en) | 2018-03-23 |
| CN107835175B true CN107835175B (en) | 2020-09-22 |
Family
ID=61654085
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711096312.7A Active CN107835175B (en) | 2017-11-09 | 2017-11-09 | Network connection tracking method adopting balanced binary tree algorithm |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107835175B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109445763B (en) * | 2018-10-25 | 2022-02-01 | 长沙新弘软件有限公司 | Unbalanced binary tree construction method based on binary boundary value calculation |
| CN109787755B (en) * | 2018-12-14 | 2021-11-12 | 魏勇 | Key generation method, key generation device and electronic equipment |
| CN113778948A (en) * | 2021-09-01 | 2021-12-10 | 中国人民银行清算总中心 | Message persistent storage method and device |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1493040A (en) * | 2001-02-24 | 2004-04-28 | �Ҵ���˾ | Global tree network for computing structures |
| CN1831830A (en) * | 2006-04-13 | 2006-09-13 | 复旦大学 | Topological structure optimization method of clock tree |
| CN1934561A (en) * | 2004-02-12 | 2007-03-21 | 城域信息包系统公司 | Restoration mechanism for network topologies |
| CN101068186A (en) * | 2007-06-05 | 2007-11-07 | 华为技术有限公司 | Customer end node network topological structure method and stream media distributing system |
| CN101188535A (en) * | 2007-12-06 | 2008-05-28 | 上海大学 | Method for identifying the section energy balance route of wireless sensor network based on 2-child tree |
| CN101436981A (en) * | 2007-11-13 | 2009-05-20 | 中国电信股份有限公司 | Domain name server system of extended IPv4 network |
| CN101554021A (en) * | 2006-08-02 | 2009-10-07 | 佛罗里达大学研究基金会股份有限公司 | Succinct representation of static packet classifiers |
| US7865608B1 (en) * | 2005-01-21 | 2011-01-04 | Oracle America, Inc. | Method and apparatus for fast and scalable matching of structured data streams |
| CN104253712A (en) * | 2013-06-26 | 2014-12-31 | 北京思普崚技术有限公司 | Method utilizing deep packet detection technology to carry out P2P network identification |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20050091611A (en) * | 2004-03-12 | 2005-09-15 | 삼성전자주식회사 | Method and apparatus for performing fast handover |
| KR101210273B1 (en) * | 2008-12-18 | 2012-12-10 | 한국전자통신연구원 | Method for composing On-Chip network topology |
| US9819575B2 (en) * | 2015-03-10 | 2017-11-14 | Dell Products Lp | Path selection based on error analysis |
| US9893979B2 (en) * | 2015-05-23 | 2018-02-13 | Cisco Technology, Inc. | Network topology discovery by resolving loops |
-
2017
- 2017-11-09 CN CN201711096312.7A patent/CN107835175B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1493040A (en) * | 2001-02-24 | 2004-04-28 | �Ҵ���˾ | Global tree network for computing structures |
| CN1934561A (en) * | 2004-02-12 | 2007-03-21 | 城域信息包系统公司 | Restoration mechanism for network topologies |
| US7865608B1 (en) * | 2005-01-21 | 2011-01-04 | Oracle America, Inc. | Method and apparatus for fast and scalable matching of structured data streams |
| CN1831830A (en) * | 2006-04-13 | 2006-09-13 | 复旦大学 | Topological structure optimization method of clock tree |
| CN101554021A (en) * | 2006-08-02 | 2009-10-07 | 佛罗里达大学研究基金会股份有限公司 | Succinct representation of static packet classifiers |
| CN101068186A (en) * | 2007-06-05 | 2007-11-07 | 华为技术有限公司 | Customer end node network topological structure method and stream media distributing system |
| CN101436981A (en) * | 2007-11-13 | 2009-05-20 | 中国电信股份有限公司 | Domain name server system of extended IPv4 network |
| CN101188535A (en) * | 2007-12-06 | 2008-05-28 | 上海大学 | Method for identifying the section energy balance route of wireless sensor network based on 2-child tree |
| CN104253712A (en) * | 2013-06-26 | 2014-12-31 | 北京思普崚技术有限公司 | Method utilizing deep packet detection technology to carry out P2P network identification |
Non-Patent Citations (7)
| Title |
|---|
| 《A Novel Key Management Scheme Supporting Network Dynamic Update in Wireless Sensor Network》;Sai Ji, Liping Huang ,Jin Wang;《International Journal of Grid and Distributed Computing》;20130215;全文 * |
| 《Kowari: A Platform for Semantic Web Storage and Analysis》;David Wood,Paul Gearon,Tom Adams;《XTech 2005 Conference》;20050314;全文 * |
| 《ε实数比较方法对平衡二叉树节点归并算法的影响》;高洪涛,林峰,颜永年;《清华大学学报(自然科学版) 》;20060703;全文 * |
| 《一种基于二叉树结构的入侵检测研究》;纪祥敏,纪祥敏,戴英侠,连一峰,刘青普戴英侠,连一峰,刘青普;《计算机应用研究》;20050810;全文 * |
| 《二叉树顺序存储结构探讨》;沈华;《电脑编程技巧与维护》;20141030;全文 * |
| 《几种BC网络上完全二叉树的嵌入研究》;刘钊;《中国博士学位论文全文数据库》;20161103;全文 * |
| 《基于P2P网络的分布式存储关键技术研究》;彭邓华;《湖南理工学院》;20170604;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107835175A (en) | 2018-03-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10021026B2 (en) | Incremental update of a shape graph | |
| CN109688057B (en) | Message forwarding method and device of segment routing network based on IPV6 | |
| CN109617927B (en) | Method and device for matching security policy | |
| CN107835175B (en) | Network connection tracking method adopting balanced binary tree algorithm | |
| US8312066B2 (en) | Hash collision resolution with key compression in a MAC forwarding data structure | |
| US10148571B2 (en) | Jump on a match optimization for longest prefix match using a binary search tree | |
| EP3193477A1 (en) | Data plane learning of bi-directional service chains | |
| US11012358B2 (en) | Forwarding table management | |
| US20130294450A1 (en) | Optimized trie-based address lookup | |
| CN110083746B (en) | Quick matching identification method and device based on character strings | |
| EP3145134A1 (en) | Lookup device, lookup configuration method and lookup method | |
| CN110557335B (en) | Ternary Content Addressable Memory (TCAM) table item processing method and device | |
| CN108259218A (en) | A kind of IP address distribution method and device | |
| WO2014047863A1 (en) | Generating a shape graph for a routing table | |
| RU2454008C2 (en) | Fitness based routing | |
| US10289384B2 (en) | Methods, systems, and computer readable media for processing data containing type-length-value (TLV) elements | |
| EP3384642B1 (en) | Forwarding table compression | |
| CN113037681A (en) | ACL rule management method, device, computer equipment and computer readable medium | |
| US8730961B1 (en) | System and method for optimizing router lookup | |
| US20160337232A1 (en) | Flow-indexing for datapath packet processing | |
| CN107870925B (en) | Character string filtering method and related device | |
| CN111641555B (en) | Route convergence method and device | |
| WO2022002123A1 (en) | Verification method and apparatus for network configuration | |
| CN113596098A (en) | Session retrieval method, device, equipment and computer-readable storage medium | |
| CN107948091B (en) | Method and device for classifying network packets |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP02 | Change in the address of a patent holder | ||
| CP02 | Change in the address of a patent holder |
Address after: Unit 308, unit a and B, MinLong Pavilion, New District Avenue, Mintai community, Minzhi street, Longhua District, Shenzhen City, Guangdong Province Patentee after: SHENZHEN CLOUDSECURITY TECHNOLOGY Co.,Ltd. Address before: 518000 Guangdong city of Shenzhen province Futian District North Road Home sculpture 27-33B Patentee before: SHENZHEN CLOUDSECURITY TECHNOLOGY Co.,Ltd. |
|
| CP02 | Change in the address of a patent holder | ||
| CP02 | Change in the address of a patent holder |
Address after: A708, Huibaojiang Building, No. 398, Minzhi Avenue, Minzhi Community, Longhua District, Shenzhen, Guangdong 518000 Patentee after: SHENZHEN CLOUDSECURITY TECHNOLOGY CO.,LTD. Address before: 518000 Unit 308, Minlongge A and B, New Area Avenue, Mintai Community, Minzhi Street, Longhua District, Shenzhen City, Guangdong Province Patentee before: SHENZHEN CLOUDSECURITY TECHNOLOGY CO.,LTD. |