CN109257297B - Method for monitoring data directional flow - Google Patents

Method for monitoring data directional flow Download PDF

Info

Publication number
CN109257297B
CN109257297B CN201811377464.9A CN201811377464A CN109257297B CN 109257297 B CN109257297 B CN 109257297B CN 201811377464 A CN201811377464 A CN 201811377464A CN 109257297 B CN109257297 B CN 109257297B
Authority
CN
China
Prior art keywords
specific
specific user
monitoring
public security
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811377464.9A
Other languages
Chinese (zh)
Other versions
CN109257297A (en
Inventor
梁煜锋
徐冉
刘健文
周伟
廖飏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GUANGZHOU ZHUJIANG DIGITAL MEDIA GROUP CO Ltd
Original Assignee
GUANGZHOU ZHUJIANG DIGITAL MEDIA GROUP CO Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GUANGZHOU ZHUJIANG DIGITAL MEDIA GROUP CO Ltd filed Critical GUANGZHOU ZHUJIANG DIGITAL MEDIA GROUP CO Ltd
Priority to CN201811377464.9A priority Critical patent/CN109257297B/en
Publication of CN109257297A publication Critical patent/CN109257297A/en
Application granted granted Critical
Publication of CN109257297B publication Critical patent/CN109257297B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/20Traffic policing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • H04L61/5014Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5053Lease time; Renewal aspects

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a data directional flow monitoring method, which comprises connecting BOSS system of broadcast and television broadband operator with public security network monitoring system, setting specific user package in BOSS system according to specific user list of public security network monitoring, allocating specific IP address to specific user in specific user list through DHCP system, and forwards the data flow of these specific IP addresses to the public security network monitoring system through policy routing at the broadband egress, thereby realizing real-time monitoring of network data of specific users, greatly reducing investment of flow monitoring equipment for the public security network monitoring system, realizing intelligentization of data extraction and greatly reducing monitored data flow, the monitoring effect is guaranteed, meanwhile, the monitoring efficiency is greatly improved, and the equipment cost investment can be greatly reduced.

Description

Method for monitoring data directional flow
Technical Field
The invention relates to a method for identifying a sender of network data and monitoring the flow.
Background
As shown in fig. 1, in the prior art, broadcast and television broadband operators all forward all traffic to a policeman system network supervision center by splitting at an egress router physical layer, and do not perform any screening. However, with the explosive growth of internet information in recent years, broadband traffic also grows in a geometric progression, the traffic monitoring, analyzing and extracting of single or partial users from such huge data traffic is basically impossible, and the cost of manpower and material resources for realizing the monitoring and the analyzing is very large.
In addition, such huge data traffic is extracted manually at present, when the public security needs the data of a certain user, the equivalent IP address, the internet surfing time and the website access address are sent to the broadcasting and television broadband operator, and the broadcasting and television broadband operator manually checks the relevant system and then sends the system to the public security, so that the analysis of suspicious data by the public security system is not timely enough.
Disclosure of Invention
The invention aims to provide a data quantitative flow monitoring method which can automatically classify suspicious data and uniformly forward the suspicious data to a public security network monitoring system.
A method for monitoring data directional flow comprises the following steps:
the public security network monitoring system establishes a specific user list, is connected with the BOSS system and sends the specific user list to the BOSS system;
the BOSS system establishes a specific package for the users in the specific user list and sends the user information of the specific package to the DHCP system;
after receiving the information of a specific user of a specific package, the DHCP system establishes a client class (CLIENTCLASS) for the specific user and allocates a specific IP address section to the client class; after the terminal of a specific user is restarted, the terminal can reallocate the IP address in the specific IP address field to the specific user to replace the original IP address;
and setting a policy router to distinguish the data flow of a source IP address belonging to a specific user in the specific IP address field, and forwarding the data flow to a public security network monitoring system.
The data directional flow monitoring method comprises the steps of butt-jointing a BOSS system of a radio and television broadband operator with a public security network monitoring system, setting a specific user package in the BOSS system by the BOSS system according to a specific user list of the public security network monitoring, distributing specific IP addresses to specific users in the specific user list by a DHCP system, and forwarding data streams of the specific IP addresses to the public security network monitoring system by a policy route at a broadband outlet, wherein the operator only needs to transmit directional flow at present, the data processing amount is reduced to one dozen ten-thousandth of the original data processing amount, so that the real-time monitoring of network data of the specific users is realized, the public security network monitoring system can greatly reduce the investment of flow monitoring equipment, the equipment and the cost are also greatly reduced, the public security network monitoring system only extracts the network data of the specific users for monitoring, the extraction of the data is intelligentized, and the monitored data flow is greatly reduced, the monitoring effect is guaranteed, meanwhile, the monitoring efficiency is greatly improved, and the equipment cost investment can be greatly reduced.
Drawings
Fig. 1 is a schematic diagram of a raw data directional flow monitoring method.
Fig. 2 is a schematic diagram of a data directional traffic monitoring method according to the present invention.
Detailed Description
As shown in fig. 2, the directional traffic monitoring method is implemented by a directional traffic monitoring system, which includes a public security network monitoring system and a BOSS system communicated with the public security network monitoring system, one end of a policy router is connected to an HFC network, the other end of the policy router is connected to a broadband outlet, the public security network monitoring system and the policy router are interconnected through three layers, and a DHCP system is connected to the HFC network.
The public security network monitoring system establishes a specific user list by monitoring and recording the IP address of the sensitive content browsed in the network and the time period of continuously browsing the sensitive content.
The public security network monitoring system is in butt joint with the BOSS system, namely the BOSS system is authorized by a public security network monitoring team, the three layers of optical fibers are used for directly connecting network equipment of the public security network monitoring system, and a specific user name list is sent to the BOSS system; the BOSS system searches for a corresponding client in the BOSS system according to the IP address of a specific time period in a specific user list, and establishes a specific package for the client, wherein the package is that a set of services and products ordered by the client in the BOSS system is displayed to distinguish user identifications of the services and the products ordered by different users, and the user information of the client is sent to a DHCP system as specific user information; after receiving the information of a specific user, the DHCP system establishes a client class (CLIENTCLASS) for the specific user and allocates a specific IP address section to the client class; after the terminal of a specific user is restarted, the terminal can reallocate the IP address in the specific IP address field to the specific user to replace the original IP address; and setting a policy router to distinguish the data flow of a source IP address belonging to a specific user in the specific IP address field, and forwarding the data flow belonging to the specific user to the public security network monitoring system.
The data directional flow monitoring method comprises the steps of butt-jointing a BOSS system of a broadcasting and television broadband operator with a public security network monitoring system, setting a specific user package in the BOSS system according to a specific user list of the public security network monitoring system by the BOSS system, distributing a specific IP address to a specific user in the specific user list through a DHCP system, and forwards the data flow of these specific IP addresses to the public security network monitoring system through policy routing at the broadband egress, thereby realizing real-time monitoring of network data of specific users, greatly reducing investment of flow monitoring equipment for the public security network monitoring system, realizing intelligentization of data extraction and greatly reducing monitored data flow, the monitoring effect is guaranteed, meanwhile, the monitoring efficiency is greatly improved, and the equipment cost investment can be greatly reduced.

Claims (2)

1. A method for monitoring data directional flow comprises the following steps:
the public security network monitoring system establishes a specific user list, is connected with the BOSS system and sends the specific user list to the BOSS system;
the BOSS system establishes a specific package for the users in the specific user list and sends the user information of the specific package to the DHCP system;
after receiving the information of a specific user of a specific package, a DHCP system creates a client class for the specific user and allocates a specific IP address section to the client class; after the terminal of a specific user is restarted, the terminal can reallocate the IP address in the specific IP address field to the specific user to replace the original IP address;
setting a policy router to distinguish data streams of a source IP address belonging to a specific user in the specific IP address field, and forwarding the data streams to a public security network monitoring system;
the BOSS system establishes the specific package and sets a specific user identifier for the specific user in the specific user list.
2. The method for monitoring data directed traffic of claim 1, wherein: and establishing the specific user list according to the IP address of the sensitive content browsed in a specific time period.
CN201811377464.9A 2018-11-19 2018-11-19 Method for monitoring data directional flow Active CN109257297B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811377464.9A CN109257297B (en) 2018-11-19 2018-11-19 Method for monitoring data directional flow

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811377464.9A CN109257297B (en) 2018-11-19 2018-11-19 Method for monitoring data directional flow

Publications (2)

Publication Number Publication Date
CN109257297A CN109257297A (en) 2019-01-22
CN109257297B true CN109257297B (en) 2021-11-05

Family

ID=65043343

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811377464.9A Active CN109257297B (en) 2018-11-19 2018-11-19 Method for monitoring data directional flow

Country Status (1)

Country Link
CN (1) CN109257297B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107180400A (en) * 2017-04-26 2017-09-19 江苏新和网络科技发展有限公司 A kind of intelligent control system applied to public security bureau
CN107426046A (en) * 2016-05-24 2017-12-01 深圳市信锐网科技术有限公司 User's Internet data capturing analysis method and system
CN108156043A (en) * 2018-02-24 2018-06-12 浙江远望通信技术有限公司 A kind of video monitoring safety cut-in method based on white list and constraint set flow control
CN108632221A (en) * 2017-03-22 2018-10-09 华为技术有限公司 Position method, equipment and the system of the compromised slave in Intranet

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107426046A (en) * 2016-05-24 2017-12-01 深圳市信锐网科技术有限公司 User's Internet data capturing analysis method and system
CN108632221A (en) * 2017-03-22 2018-10-09 华为技术有限公司 Position method, equipment and the system of the compromised slave in Intranet
CN107180400A (en) * 2017-04-26 2017-09-19 江苏新和网络科技发展有限公司 A kind of intelligent control system applied to public security bureau
CN108156043A (en) * 2018-02-24 2018-06-12 浙江远望通信技术有限公司 A kind of video monitoring safety cut-in method based on white list and constraint set flow control

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
一种面向海量网络审计日志的敏感用户挖掘分析架构;李栋科;《网络空间安全》;20180425;第9卷(第4期);全文 *

Also Published As

Publication number Publication date
CN109257297A (en) 2019-01-22

Similar Documents

Publication Publication Date Title
CN102143035B (en) Data traffic processing method, network device and network system
CN1154326C (en) Interception system and method
EP3016329B1 (en) Service path allocation method, router and service execution entity
EP1715628A1 (en) A method for realizing the multicast service
CN1943190A (en) Flooding suppression method
CN102340409B (en) The management method of the network equipment
WO2008069458A1 (en) System for and method of providing iptv service in next generation network
CN102739457A (en) Network flow recognition system and method based on DPI (Deep Packet Inspection) and SVM (Support Vector Machine) technology
KR20040102162A (en) Method and apparatus for identifying transport streams as networks
WO2013178109A1 (en) Method for service content distribution under heterogeneous network and service management platform
CN112217771A (en) Data forwarding method and data forwarding device based on tenant information
CN106506391A (en) A kind of distribution method of network traffics and router
US11650994B2 (en) Monitoring network traffic to determine similar content
US20160380900A1 (en) Method and apparatus for managing traffic received from a client device in a communication network
CN109302642A (en) Collecting method and device
EP2792182B1 (en) Classification of intercepted internet payload
CN109257297B (en) Method for monitoring data directional flow
US9930411B2 (en) Networking method and networking device
CN107483970B (en) Method and equipment for determining hot live video
CN107294954A (en) Cloud pipe platform, the network log-in management system and method based on cloud pipe platform
CN104065656B (en) A kind of media stream data recognition methods
CN104883269A (en) Method and apparatus of treating AC logs
CN103686447B (en) Video transmission method and system
CN104579832B (en) A kind of OpenFlow network security detection methods and system
CN102752266A (en) Access control method and equipment thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant