CN109379256B - Ethernet data packet capturing and analyzing method and device and storage medium - Google Patents
Ethernet data packet capturing and analyzing method and device and storage medium Download PDFInfo
- Publication number
- CN109379256B CN109379256B CN201811617664.7A CN201811617664A CN109379256B CN 109379256 B CN109379256 B CN 109379256B CN 201811617664 A CN201811617664 A CN 201811617664A CN 109379256 B CN109379256 B CN 109379256B
- Authority
- CN
- China
- Prior art keywords
- data packet
- data packets
- packet
- capturing
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/02—Capturing of monitoring data
- H04L43/028—Capturing of monitoring data by filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
- H04L43/045—Processing captured monitoring data, e.g. for logfile generation for graphical visualisation of monitoring data
Landscapes
- Engineering & Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for capturing and analyzing Ethernet data packets, a device thereof and a storage medium, wherein some irrelevant data packets can be filtered out by setting the filtering conditions of the data packets, thereby avoiding unnecessary occupation of the bandwidth of network transmission and improving the capturing efficiency of the data packets; by analyzing the captured data packets and counting the captured data packets, the situation of the captured data packets can be grasped in detail, so that a reliable reference is provided for processing the data packets. The capture analysis method of the invention can rapidly capture the data packet on the software level, improve the reliability of processing the data packet, does not need to upgrade hardware, and reduces the use cost while improving the application efficiency.
Description
Technical Field
The invention relates to the technical field of internet communication, in particular to a method and a device for capturing and analyzing an Ethernet data packet and a storage medium.
Background
With the rapid development of internet communication technology, the network speed is also greatly improved, the data traffic of the network is also increased in the communication process, most of the existing internet communication is performed in the form of data packets, and many applications require data packet-based capture. With the increase of data flow, the requirements for capturing speed and stability of data packets become higher, and the requirements for hardware performance are increased, but because the existing common data packet capturing method is single, the use cost is inevitably increased to adapt to the increase. Therefore, it is necessary to provide a method for capturing data packets quickly and improving the reliability of processing the data packets at the software level.
Disclosure of Invention
In order to solve the above problems, an object of the present invention is to provide a method, an apparatus, and a storage medium for capturing and analyzing an ethernet packet, which can rapidly capture the packet and improve the reliability of processing the packet.
The technical scheme adopted by the invention for solving the problems is as follows:
in a first aspect, an embodiment of the present invention provides an ethernet packet capturing and analyzing method, including:
establishing an Ethernet connection;
setting a filtering condition of the data packet;
capturing a data packet;
analyzing each captured data packet;
and counting the captured data packets.
Further, the method also comprises displaying the information of the captured data packet.
Further, the displaying the captured information of the data packets is to scroll the information of the data packets on a screen, and render different types of data packets with different colors as a distinction.
Further, the information of the displayed data packet includes at least one of a sequence number, a capture time, a source MAC address, a destination MAC address, a length, a protocol type, a source IP address, and a destination IP address.
Further, the establishing the ethernet connection includes:
network card interface configuration is carried out, and all network card interfaces in the current network are searched;
and selecting one of the network card interfaces as a subsequent operation interface.
Further, continuously capturing the data packet before triggering the data packet end capturing signal; stopping capturing the data packet after the capturing signal of the data packet is triggered to end, and continuing capturing the data packet and emptying the previously captured data packet when the capturing signal of the data packet is triggered again.
Further, the analyzing each captured data packet includes:
classifying the data packets according to the protocol types of the data packets;
and analyzing the packet number, the link layer data and the protocol header of the data packet.
Further, the counting the captured data packets includes:
classifying the data packets according to the protocol types of the data packets;
and counting the number of each type of data packet and the total number of all data packets.
In a second aspect, an embodiment of the present invention further provides an ethernet packet capturing and analyzing system, including:
a connection unit for establishing an ethernet connection;
the filtering unit is used for setting the filtering condition of the data packet;
a capturing unit for capturing the data packet;
the analysis unit is used for analyzing each captured data packet;
and the counting unit is used for counting the captured data packets.
Further, the device also comprises a display unit for displaying the information of the captured data packet.
In a third aspect, an embodiment of the present invention further provides an ethernet packet capturing and analyzing apparatus, including:
at least one processor;
and a memory communicatively coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method according to the first aspect of the invention.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium, wherein the computer-readable storage medium stores computer-executable instructions for causing a computer to execute the method according to the first aspect of the present invention.
The one or more technical schemes provided by the embodiment of the invention have at least the following beneficial effects that the Ethernet data packet capturing and analyzing method adopted in the technical scheme of the invention can filter some irrelevant data packets by setting the filtering condition of the data packets, thereby avoiding unnecessary occupation of the bandwidth of network transmission and improving the capturing efficiency of the data packets; by analyzing the captured data packets and counting the captured data packets, the situation of the captured data packets can be grasped in detail, so that a reliable reference is provided for processing the data packets. The capture analysis method of the invention can rapidly capture the data packet on the software level, improve the reliability of processing the data packet, does not need to upgrade hardware, and reduces the use cost while improving the application efficiency.
According to the Ethernet data packet capturing and analyzing system adopted in the technical scheme, the filtering conditions of the data packets are set through the filtering unit, some irrelevant data packets can be filtered, unnecessary occupation of network transmission bandwidth is avoided, and the capturing efficiency of the data packets is improved; by analyzing the captured data packet by the analyzing unit and counting the captured data packet by the counting unit, the condition of the captured data packet can be grasped in detail, thereby providing reliable reference for processing the data packet. The capture analysis system, the device and the storage medium thereof can rapidly capture the data packet on the software level, improve the reliability of processing the data packet, do not need to upgrade hardware, and reduce the use cost while improving the application efficiency.
Drawings
The invention is further illustrated with reference to the following figures and examples.
FIG. 1 is a flow diagram of one embodiment of an Ethernet packet capture analysis method of the present invention;
FIG. 2 is a flow chart of the Ethernet connection establishment in one embodiment of the Ethernet packet capture analysis method of the present invention;
FIG. 3 is a flow chart of the analysis of each captured packet in an embodiment of the Ethernet packet capture analysis method of the present invention;
FIG. 4 is a flow chart of statistics on captured packets in an embodiment of the Ethernet packet capture analysis method of the present invention;
FIG. 5 is a flow chart of another embodiment of an Ethernet packet capture analysis method of the present invention;
FIG. 6 is a schematic diagram of an Ethernet packet capture analysis system in accordance with an embodiment of the invention;
fig. 7 is a schematic structural diagram of an ethernet packet capturing and analyzing apparatus according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
It should be noted that, if not conflicted, the various features of the embodiments of the invention may be combined with each other within the scope of protection of the invention. Additionally, while functional block divisions are performed in apparatus schematics, with logical sequences shown in flowcharts, in some cases, steps shown or described may be performed in sequences other than block divisions in apparatus or flowcharts.
With the rapid development of internet communication technology, the network speed is also greatly improved, the data traffic of the network is also increased in the communication process, most of the existing internet communication is performed in the form of data packets, and many applications require data packet-based capture. With the increase of data flow, the requirements for capturing speed and stability of data packets become higher, and the requirements for hardware performance are increased, but because the existing common data packet capturing method is single, the use cost is inevitably increased to adapt to the increase. Therefore, it is necessary to provide a method for capturing data packets quickly and improving the reliability of processing the data packets at the software level.
Based on the above, the invention provides an Ethernet data packet capturing and analyzing method, which can filter some irrelevant data packets by setting the filtering conditions of the data packets, avoid unnecessary occupation of the bandwidth of network transmission and improve the capturing efficiency of the data packets; by analyzing the captured data packets and counting the captured data packets, the situation of the captured data packets can be grasped in detail, so that a reliable reference is provided for processing the data packets. The capture analysis method of the invention can rapidly capture the data packet on the software level, improve the reliability of processing the data packet, does not need to upgrade hardware, and reduces the use cost while improving the application efficiency.
The embodiments of the present invention will be further explained with reference to the drawings. The embodiment of the invention is realized based on a Qt tool, wherein the Qt is a cross-platform C + + application program framework, supports various operating systems, and can simultaneously support desktop program development, embedded program development and mobile program development. The code is only written once and can be transplanted to different platforms. The advantages of Qt over other application frameworks, including good cross-platform and portability, greatly increase its range of application. Meanwhile, Qt is an object-oriented application program framework, and a good packaging mechanism enables the modularization degree to be high. Furthermore, there are many communication modes in the Qt environment, and common ones include TCP/IP and UDP communication based on the network. The Qt tool has good encapsulation, portability and cross-platform performance, and greatly enhances the expandability of software.
In addition, the embodiment of the invention also uses a WinPcap tool. WinPcap is an open source library based on the Win32 platform for capturing and analyzing network packets, and most network applications access the network through widely used operating system elements, such as sockets. This is a simple implementation because the operating system has already properly handled the underlying implementation details (e.g., protocol processing, encapsulating packets, etc.) and provides a familiar interface similar to reading and writing files. However, sometimes this "simple approach" does not meet the task requirements, as some applications need to directly access the packets in the network. That is, those applications need to access the original packets, i.e., packets that have not been processed by the operating system using the network protocol. The purpose of WinPcap generation is to provide this access for Win32 applications.
Referring to fig. 1, a first embodiment of the present invention provides an ethernet packet capture analysis method, including but not limited to the following steps:
s100, establishing Ethernet connection;
s200, setting the filtering condition of the data packet;
s300, capturing a data packet;
s400, analyzing each captured data packet;
and S500, counting the captured data packets.
In the embodiment, by setting the filtering condition of the data packet, some irrelevant data packets can be filtered, thereby avoiding unnecessary occupation of the bandwidth of network transmission and improving the capturing efficiency of the data packet; by analyzing the captured data packets and counting the captured data packets, the situation of the captured data packets can be grasped in detail, so that a reliable reference is provided for processing the data packets.
Further, based on the first embodiment, a second embodiment of the present invention further provides an ethernet packet capturing and analyzing method, wherein the method further includes the following steps:
and S600, displaying the information of the captured data packet.
In this embodiment, the captured data packet is displayed, so that a background developer can conveniently perform real-time monitoring, grasp the captured data packet in real time, and conveniently process the data packet, for example, optimize software or perform troubleshooting work. The display is realized by a Qt tool, the realization form comprises a list and the like, and the displayed carrier only needs to use a common display screen.
Further, based on the second embodiment, the third embodiment of the present invention further provides an ethernet packet capturing and analyzing method, wherein the displaying the captured information of the packet is to scroll the information of the packet on a screen, and render different types of packets with different colors as a distinction.
Because the number of the ethernet data packets is huge, in the embodiment, the information of the data packets is displayed in a rolling display mode, if the information of the previous data packets needs to be viewed, page turning or rolling viewing can be performed, and the integrity of information display of the data packets is ensured. In addition, different colors are used for rendering different types of data packets for distinguishing, so that the information display of the data packets is more visual, a background developer can check the information conveniently, and the development or maintenance efficiency is improved. If the information of a single data packet is excessive, all the information of the data packet can be displayed by a small area window of the screen through selecting the single data packet, and the size of the area window can be freely adjusted according to the information quantity required to be displayed.
Further, based on the second or third embodiment, a fourth embodiment of the present invention further provides a method for capturing and analyzing an ethernet packet, wherein the displayed information of the packet includes a sequence number, a capturing time, a source MAC address, a destination MAC address, a length, a protocol type, a source IP address, and a destination IP address, and basically has all common information of the packet.
Further, referring to fig. 2, based on the first embodiment, a fifth embodiment of the present invention further provides an ethernet packet capturing and analyzing method, wherein the step S100 of establishing an ethernet connection specifically includes the following steps:
s110, network card interface configuration is carried out, and all network card interfaces in the current network are searched;
and S120, selecting one of the network card interfaces as a subsequent operation interface.
In this embodiment, network card interface configuration is performed through WinPcap, all network card interfaces in the current network are found, and one of the network card interfaces is selected as a subsequent operation interface, so that ethernet connection is established. A menu of 'please select a network card interface' can pop up in the interface, and the operation is a necessary option, if the network card is not selected, prompt information can pop up. By selecting a network card as a subsequent operation interface, the target of data packet capture can be established, and the uniqueness of a communication channel is ensured.
Further, based on the first embodiment, a sixth embodiment of the present invention further provides an ethernet packet capturing and analyzing method, wherein before triggering a packet end capturing signal, the packet is captured continuously; stopping capturing the data packet after the capturing signal of the data packet is triggered to end, and continuing capturing the data packet and emptying the previously captured data packet when the capturing signal of the data packet is triggered again.
In this embodiment, after stopping the data packet capturing, if a new round of data packet capturing is performed again, the previously captured data packet is emptied, so as to avoid interference of information of an old data packet on information of the new round of captured data packet and disturbance of subsequent analysis and statistics of the data packet. The trigger data packet capturing signal or the data packet capturing ending signal is realized based on the Qt tool signal and the slot mechanism, and the realization mode can be a button, a computer key and the like.
Further, referring to fig. 3, based on the first embodiment, a seventh embodiment of the present invention further provides an ethernet packet capturing and analyzing method, wherein the S400 analyzes each captured packet, specifically including the following steps:
s410, classifying the data packets according to the protocol types of the data packets;
and S420, analyzing the packet number, the link layer data and the protocol header of the data packet.
In this embodiment, the captured data packets are first classified, for example, into ARP protocol type data packets, UDP protocol type data packets, and the like; and the link layer data comprises source MAC, destination MAC, etc.; for the ARP protocol type data packet, the ARP protocol header comprises a hardware type, a protocol type, a hardware address length, a protocol address length, an operation code, a sender MAC, a sender IP, a receiver MAC and a receiver IP. And for the UDP protocol type data packet, an IP protocol header and a UDP protocol header are included. The IP protocol header includes version, IP header length, service type, total length, identification, flags, segment offset, lifetime, protocol header checksum, source IP, destination IP. The UDP header includes a source port, a destination port, a total length, and a checksum. It should be noted that the types of the data packets are not limited to 2 described in this embodiment, and may be TCP packets, HTTP packets, and the like; meanwhile, the protocol header of each type of packet may include one or more items described in this embodiment.
Further, referring to fig. 4, based on the first embodiment, an eighth embodiment of the present invention further provides an ethernet packet capturing and analyzing method, wherein the step S500 of performing statistics on the captured packet specifically includes the following steps:
s410, classifying the data packets according to the protocol types of the data packets;
and S510, counting the number of each type of data packet and the total number of all the data packets.
In this embodiment, the types of the data packets may be TCP packets, HTTP packets, UDP packets, ARP packets, ICMP packets, IPV4 packets, or other packets, and by counting the number of each type of data packet and the total number of all data packets, classification and judgment on the conditions of the data packets captured this time can be facilitated, and the conditions of the data packets captured this time can also be reflected as a whole.
In addition, referring to fig. 5, the ninth embodiment of the present invention further provides an ethernet packet capturing and analyzing method, including but not limited to the following steps:
s710, using WinPcap to configure network card interfaces, searching all network card interfaces in the current network, and selecting one network card interface as a subsequent operation interface;
s720, setting the filtering condition of the data packet according to the statement of the specified format;
s730, capturing the data packet by using WinPcap;
s740, classifying the data packets according to the protocol types of the data packets, analyzing the packet numbers, the link layer data and the protocol headers of the data packets, and counting the number of each type of data packets and the total number of all the data packets;
and S750, scrolling and displaying the captured information of the data packet, and rendering different colors of the data packet according to the protocol type for distinguishing.
In the embodiment, by setting the filtering condition of the data packet, some irrelevant data packets can be filtered, thereby avoiding unnecessary occupation of the bandwidth of network transmission and improving the capturing efficiency of the data packet; by analyzing the captured data packets and counting the captured data packets, the situation of the captured data packets can be grasped in detail, so that a reliable reference is provided for processing the data packets. The capture analysis method of the invention can rapidly capture the data packet on the software level, improve the reliability of processing the data packet, does not need to upgrade hardware, and reduces the use cost while improving the application efficiency.
Further, referring to fig. 6, a tenth embodiment of the present invention provides an ethernet packet capturing and analyzing system, including:
a connection unit for establishing an ethernet connection;
the filtering unit is used for setting the filtering condition of the data packet;
a capturing unit for capturing the data packet;
the analysis unit is used for analyzing each captured data packet;
the statistic unit is used for carrying out statistics on the captured data packets;
and the display unit is used for displaying the captured information of the data packet.
It should be noted that, since the ethernet packet capturing and analyzing system in the present embodiment is based on the same inventive concept as the ethernet packet capturing and analyzing method, the contents of the corresponding methods in the first to ninth embodiments are also applicable to the present embodiment, and are not described in detail herein.
Referring to fig. 7, an eleventh embodiment of the present invention further provides an ethernet packet capturing and analyzing apparatus, including:
at least one processor;
and a memory communicatively coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform any one of the methods of ethernet packet capture analysis as described in any one of the first to ninth embodiments above.
The device can be any type of intelligent terminal, such as a mobile phone, a tablet computer, a personal computer, and the like.
The processor and memory may be connected by a bus or other means, such as by a bus in FIG. 7.
The memory, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules corresponding to the ethernet packet capture analysis method in the embodiments of the present invention. The processor executes various functional applications and data processing of the ethernet packet capturing and analyzing device by running non-transitory software programs, instructions and modules stored in the memory, that is, the ethernet packet capturing and analyzing method of any one of the above method embodiments is implemented.
The memory may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created from use of the ethernet packet capture analysis device, and the like. Further, the memory may include high speed random access memory, and may also include non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory remotely located from the processor, and the remote memory may be connected to the ethernet packet capture analysis device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory and, when executed by the one or more processors, perform the ethernet packet capture analysis method in any of the method embodiments described above, e.g., performing method steps S100 through S600 in fig. 1, and method steps S710 through S750 in fig. 5, described above.
The eleventh embodiment of the present invention further provides a computer-readable storage medium, which stores computer-executable instructions, which are executed by one or more control processors, for example, by one of the processors in fig. 7, and can enable the one or more processors to execute one of the ethernet packet capture analysis methods in the above-described method embodiments, for example, execute the above-described method steps S100 to S600 in fig. 1, the method steps S110 to S120 in fig. 2, the method steps S410 to S420 in fig. 3, the method steps S410 to S510 in fig. 4, and the method steps S710 to S750 in fig. 5, so as to implement the functions of the respective modules of the ethernet packet capture analysis system in fig. 6.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, may be located in one place, or may be distributed over a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a general hardware platform, and certainly can also be implemented by hardware. It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware related to instructions of a computer program, which can be stored in a computer readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
While the preferred embodiments of the present invention have been described in detail, it will be understood by those skilled in the art that the foregoing and various other changes, omissions and deviations in the form and detail thereof may be made without departing from the scope of this invention.
Claims (7)
1. An ethernet packet capture analysis method, comprising:
establishing an Ethernet connection;
setting a filtering condition of the data packet;
capturing a data packet;
analyzing each captured data packet;
counting the captured data packets;
displaying the captured information of the data packet;
the captured information of the data packets is displayed in a rolling way on a screen, and different types of data packets are rendered by using different colors for distinguishing;
continuously capturing the data packet before triggering the data packet end capturing signal; stopping capturing the data packet after the capturing signal of the data packet is triggered to end, and continuing capturing the data packet and emptying the previously captured data packet when the capturing signal of the data packet is triggered again.
2. The method of claim 1, wherein the information of the displayed data packets comprises at least one of sequence number, capture time, source MAC address, destination MAC address, length, protocol type, source IP address and destination IP address.
3. The method according to claim 1, wherein the establishing an ethernet connection comprises:
network card interface configuration is carried out, and all network card interfaces in the current network are searched;
and selecting one of the network card interfaces as a subsequent operation interface.
4. The method of claim 1, wherein analyzing each captured packet comprises:
classifying the data packets according to the protocol types of the data packets;
and analyzing the packet number, the link layer data and the protocol header of the data packet.
5. The method of claim 1, wherein the performing statistics on the captured packets comprises:
classifying the data packets according to the protocol types of the data packets;
and counting the number of each type of data packet and the total number of all data packets.
6. An ethernet packet capture analysis apparatus, comprising:
at least one processor;
and a memory communicatively coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-5.
7. A computer-readable storage medium having stored thereon computer-executable instructions for causing a computer to perform the method of any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811617664.7A CN109379256B (en) | 2018-12-27 | 2018-12-27 | Ethernet data packet capturing and analyzing method and device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811617664.7A CN109379256B (en) | 2018-12-27 | 2018-12-27 | Ethernet data packet capturing and analyzing method and device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109379256A CN109379256A (en) | 2019-02-22 |
| CN109379256B true CN109379256B (en) | 2020-11-10 |
Family
ID=65372350
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811617664.7A Active CN109379256B (en) | 2018-12-27 | 2018-12-27 | Ethernet data packet capturing and analyzing method and device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109379256B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102244610A (en) * | 2011-06-24 | 2011-11-16 | 吉林中软吉大信息技术有限公司 | Method for resolving protocol by using capture data |
| CN108400910A (en) * | 2018-02-24 | 2018-08-14 | 上海康斐信息技术有限公司 | A kind of router realizes the method and system of network protocol analysis |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10616382B2 (en) * | 2016-09-02 | 2020-04-07 | Accedian Networks Inc. | Efficient capture and streaming of data packets |
-
2018
- 2018-12-27 CN CN201811617664.7A patent/CN109379256B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102244610A (en) * | 2011-06-24 | 2011-11-16 | 吉林中软吉大信息技术有限公司 | Method for resolving protocol by using capture data |
| CN108400910A (en) * | 2018-02-24 | 2018-08-14 | 上海康斐信息技术有限公司 | A kind of router realizes the method and system of network protocol analysis |
Non-Patent Citations (1)
| Title |
|---|
| 基于WinCE的网络数据包的捕获和解析;马俊功等;《网络安全技术与应用》;20100831(第8期);28-30 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109379256A (en) | 2019-02-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9185014B2 (en) | Real-time adaptive processing of network data packets for analysis | |
| CN109327357B (en) | Feature extraction method and device of application software and electronic equipment | |
| US9015822B2 (en) | Automatic invocation of DTN bundle protocol | |
| CN106656838A (en) | Data flow analyzing method and system | |
| CN101867932B (en) | Harmful information filtration system based on mobile Internet and method thereof | |
| CN108229159B (en) | Malicious code detection method and system | |
| CN110855493A (en) | Application topological graph drawing device for mixed environment | |
| CN111224894A (en) | Traffic collection marking method and system for iOS device | |
| CN113067810A (en) | Network packet capturing method, device, equipment and medium | |
| CN112822204A (en) | NAT detection method, device, equipment and medium | |
| CN112910725B (en) | Network flow detection method and device and computer readable storage medium | |
| CN109379256B (en) | Ethernet data packet capturing and analyzing method and device and storage medium | |
| US20150222529A1 (en) | Information transmission system, information communication apparatus, and information transmission apparatus | |
| Xiaoguang et al. | Packet capture and protocol analysis based on Winpcap | |
| CN114024758B (en) | Flow characteristic extraction method, system, storage medium and electronic equipment | |
| CN114650416B (en) | Hidden camera finding method based on Internet monitoring | |
| CN105577453A (en) | System and method for realizing application test of mobile terminals | |
| CN116016295A (en) | Ethernet performance monitoring method, system, industrial control equipment and storage medium | |
| CN114553546A (en) | Message capturing method and device based on network application | |
| CN108234425A (en) | A kind of virtual machine traffic monitoring method | |
| CN110752994B (en) | Traffic classification processing method, device, equipment and readable storage medium | |
| CN112640392A (en) | Trojan horse detection method, device and equipment | |
| CN113660134A (en) | Port detection method, device, electronic device and storage medium | |
| CN109617866B (en) | Industrial control system host session data filtering method and device | |
| CN111106977B (en) | Data stream detection method, device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 211135 floor 1-3, auxiliary building, building 6, artificial intelligence Industrial Park, Nanjing City, Jiangsu Province Patentee after: Zhongke Nanjing mobile communication and computing Innovation Research Institute Address before: 211135 3rd floor, building 6, no.266 Chuangyan Road, Qilin high tech Zone, Nanjing City, Jiangsu Province Patentee before: INSTITUTE OF COMPUTING TECHNOLOGY, CHINESE ACADEMY OF SCIENCES, NANJING INSTITUTE OF MOBILE COMMUNICATIONS AND COMPUTING INNOVATION |