CN111030999A - Method for extracting files based on network data packet - Google Patents

Publication number
CN111030999A
Authority
CN
China
Legal status
Granted
Application number
CN201911117069.1A
Other languages
Chinese (zh)
Other versions
CN111030999B (en)
Inventor
孟令波
Current Assignee
Guangzhou Chenhe Quality Inspection Technology Co Ltd
Original Assignee
Guangzhou Chenhe Quality Inspection Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/06 Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16 Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/163 In-band adaptation of TCP data exchange; In-band control procedures

Abstract

The invention discloses a method for extracting files based on network data packets. By simulating an HTTP client, it converts the response data of a remote resource service into request data of a virtual HTTP client and associates the remote resource service's TCP session with the virtual HTTP client's TCP session, that is, it establishes a mapping between the SEQ and ACK values of the two TCP sessions. The method analyzes network data packets directly: after the TCP and HTTP session data are extracted, it simulates the request and response of an HTTP client and forwards the network data packets directly to an HTTP server, which stores the data. Because the HTTP session is simulated, packet content can be extracted in real time without a large amount of extra storage or bandwidth, which saves storage and bandwidth resources.

Description

Method for extracting files based on network data packet
Technical Field
The invention relates to the technical field of network communication, in particular to a method for extracting files based on a network data packet.
Background
In recent years, with the development of the internet, the number of internet users, the variety of internet applications and the available network bandwidth have all grown explosively. The guiding principle for broadband operators' network construction has shifted from traditional infrastructure-oriented construction to application-oriented requirements. Collecting and merging network data not only helps operators strengthen the security management of the Internet, but also, through data analysis and processing, improves service quality and user experience and supports building a faster and better network.
At present, network data is usually extracted in one of two ways. In the first, the resource path is extracted and the resource is then fetched again as needed; this consumes additional bandwidth, is not real-time, and fails for data that cannot be fetched a second time. In the second, the traffic is mirrored and dumped to a storage device, and the sessions are then analyzed to restore and extract the data; this is not real-time either, and in a complex network environment processing is slow or extraction fails altogether.
Disclosure of Invention
The invention provides a method for extracting files based on a network data packet, which aims to solve the problem that the existing network data extraction is not real-time.
To achieve this purpose, the technical scheme is as follows:
A method for extracting files based on network data packets comprises the following steps:
S1: parsing the received network data packet and extracting its TCP quadruple; if the same TCP session already exists in the session table HTS, proceeding directly to step S6, otherwise proceeding to step S2;
S2: reading a network data packet from the session table HTS and parsing its HTTP header; if the packet is an HTTP request whose method is GET, temporarily storing it in the temporary session table HTL; if the packet is an HTTP response and the same TCP session already exists in the temporary session table HTL, temporarily storing it in the temporary session table HTL;
S3: simulating, through a handshake request and a handshake response, a TCP session between the virtual HTTP client and the receiving HTTP server to obtain a session table HTT;
S4: extracting the HTTP request packet and the HTTP response packet from the temporary session table HTL, storing the TCP quadruple, SEQ and ACK of the HTTP response packet in the session table HTS, and establishing a mapping rule between them and the TCP quadruple, SEQ and ACK in the session table HTT;
S5: converting the HTTP response packet into an HTTP request packet whose request method is PUT and whose URL is the URL in the HTTP request packet;
S6: according to the mapping rule, replacing the TCP message data in the HTTP request packet so that it belongs to the virtual HTTP client session, sending the reconstructed data packet to the HTTP server, and updating the session table HTT;
S7: receiving TCP messages from the HTTP server and, when a termination message is received, ending the session according to the network protocol specification and clearing the session's records from the session tables HTT and HTS.
The TCP quadruple in step S1 consists of the source IP address, the source port, the destination IP address and the destination port.
The response code of the HTTP response is 200 or 206.
Step S3, simulating the TCP session between the virtual HTTP client and the HTTP server, comprises:
S31: constructing a TCP handshake request message whose destination address is the IP address of the HTTP server and whose destination port is the listening port of the HTTP server;
S32: sending the TCP handshake request message to the HTTP server;
S33: receiving the TCP handshake response of the HTTP server;
S34: constructing a TCP handshake request message and sending it to the HTTP server;
S35: storing the TCP quadruple, SEQ and ACK in the session table HTT to obtain the session table HTT.
The TCP flag in step S31 is SYN.
The TCP flag in step S33 is SYN + ACK.
The TCP flag in step S34 is ACK.
The TCP quadruple of the HTTP response packet in step S4 differs from the TCP quadruple in the session table HTT, so the SEQ of the remote resource service TCP session must be converted into the SEQ of the virtual HTTP client TCP session.
The mapping rule in step S6 is:
seqa2 - seqa1 = seqr2 - seqr1
seqa3 - seqa2 = seqr3 - seqr2
where seqa1, seqa2, seqa3 are, in order, the SEQ values of the network packet TCP session,
and seqr1, seqr2, seqr3 are, in order, the SEQ values of the virtual HTTP client TCP session.
In step S6, according to the mapping rule and the correspondence held in the session table HTT, the IP address, port number, SEQ and ACK in the TCP message of the network packet are replaced with those of the virtual HTTP client TCP session, which converts the TCP message into one belonging to the HTTP client session; the reconstructed packet is sent to the HTTP server, and the SEQ and ACK in the mapping table HTT are updated.
By simulating the HTTP client, the response data of the remote resource service is converted into request data of the virtual HTTP client, and the remote resource service's TCP session is associated with the virtual HTTP client's TCP session, that is, a mapping between the SEQ and ACK values of the two TCP sessions is established.
Compared with the prior art, the invention has the following beneficial effects:
The invention provides a method for extracting files based on network data packets that analyzes the network data packets directly: after the TCP and HTTP session data are extracted, it simulates the request and response of an HTTP client and forwards the network data packets directly to an HTTP server, which stores the data. Because the HTTP session is simulated, packet content can be extracted in real time without a large amount of extra storage or bandwidth, which saves storage and bandwidth resources.
Drawings
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a flow chart of packet parsing according to the present invention.
Detailed Description
The drawings are for illustrative purposes only and are not to be construed as limiting the patent.
The invention is further illustrated below with reference to the figures and examples.
Example 2
In this embodiment, the method for extracting files based on network data packets is implemented as a kernel module on the kernel protocol stack of the FreeBSD operating system. The newly built data packet extraction module is attached to the IP layer as a hook, and the simulated TCP/HTTP session processing is completed by the operating system's own protocol stack processing module together with an application-layer HTTP server.
Step 101: the data packet analysis module receives the collected traffic packets of the client and the server, separates out the TCP packets, and parses the TCP quadruple information;
Step 102: the data packet analysis module looks up the session table HTS, and if the session is already being processed, hands the packet to the TCP conversion module;
Step 103: the data packet analysis module continues to parse the packet, and discards it if it is neither an HTTP request nor an HTTP response packet;
Step 104: if an HTTP request header is present, the packet is stored in the temporary session table HTL and processing ends;
Step 105: if an HTTP response header is present, the temporary session table HTL is searched; if no match is found, processing ends; if a match is found, the HTTP response header is saved to the temporary session table HTL;
Step 106: the virtual HTTP client module establishes a TCP connection with the HTTP server and records the TCP session in the session table HTT;
Step 107: the virtual HTTP client module extracts the HTTP request and response headers from the temporary session table HTL and changes the HTTP response header into a request header, using PUT as the request method and the URL from the original HTTP request header as the URL;
Step 108: the virtual HTTP client module calls the TCP conversion module and sends the data packet to the HTTP server;
The virtual HTTP client module handles the interactions with the HTTP server.
Example 3
Original request header example:
GET /a.tar HTTP/1.1
Host: example.com
Accept: */*
Example 4
Original reply header example:
HTTP/1.1 200 OK
Content-Length: 3563520
[data]
Example 5
Example of a converted request packet:
PUT /a.tar HTTP/1.1
Content-Length: 3563520
[data]
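The following Python sketch is an added example, not code from the patent: it works through the conversion of Examples 3 to 5 (step S5) together with the SEQ mapping rule of step S6 on a constructed two-segment capture whose sequence numbers wrap past 2^32. The class and field names, addresses and sequence values are assumptions; the `header_delta` shift goes beyond the rule as stated, which corresponds to `header_delta = 0`, because the rewritten PUT header may differ in length from the response header it replaces.

```python
from dataclasses import dataclass
from typing import Optional

MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap around


@dataclass
class Segment:
    quad: tuple      # (src_ip, src_port, dst_ip, dst_port)
    seq: int
    ack: int
    payload: bytes


@dataclass
class SeqMap:
    """One HTS -> HTT mapping entry (field names are assumptions)."""
    seq_a1: int            # SEQ of the first captured response segment
    seq_r1: int            # next SEQ of the virtual client after its handshake
    ack_r: int             # ACK of the virtual client (HTTP server ISN + 1)
    virt_quad: tuple       # quadruple of the virtual client session in HTT
    header_delta: int = 0  # len(PUT header) - len(response header)

    def translate(self, seq_a: int) -> int:
        off = (seq_a - self.seq_a1) % MOD  # seqaN - seqa1, safe across wrap
        if off:                            # data after the rewritten header
            off += self.header_delta
        return (self.seq_r1 + off) % MOD   # seqrN


def response_to_put(get_request: bytes, first_segment: bytes):
    """Step S5: return (PUT payload, header_delta), or None if not eligible."""
    req = get_request.split(b"\r\n", 1)[0].split()
    if len(req) != 3 or req[0] != b"GET":
        return None
    head, sep, body = first_segment.partition(b"\r\n\r\n")
    if not sep:
        return None                        # header incomplete in this segment
    lines = head.split(b"\r\n")
    status = lines[0].split()
    if len(status) < 2 or status[1] not in (b"200", b"206"):
        return None
    length = None
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            length = value.strip()
    if length is None or not length.isdigit():
        return None
    new_head = (b"PUT " + req[1] + b" HTTP/1.1\r\nContent-Length: "
                + length + b"\r\n\r\n")
    return new_head + body, len(new_head) - len(head) - len(sep)


def rewrite(seg: Segment, m: SeqMap, payload: Optional[bytes] = None) -> Segment:
    """Step S6: swap quadruple, SEQ and ACK (checksum recomputation not shown).

    Assumes the HTTP server sends no data before the PUT body is complete,
    so the virtual client's ACK stays constant."""
    return Segment(m.virt_quad, m.translate(seg.seq), m.ack_r,
                   seg.payload if payload is None else payload)


def demo():
    """Constructed capture: a 300-byte file carried in two response segments."""
    get = b"GET /a.tar HTTP/1.1\r\nHost: example.com\r\nAccept: */*\r\n\r\n"
    head = b"HTTP/1.1 200 OK\r\nContent-Length: 300\r\n\r\n"
    body = bytes(range(256)) + bytes(44)
    remote = ("198.51.100.7", 80, "192.0.2.10", 51000)   # constructed addresses
    seq_a1 = 0xFFFFFFC0                                  # close to the 2^32 wrap
    seg1 = Segment(remote, seq_a1, 7001, head + body[:100])
    seg2 = Segment(remote, (seq_a1 + len(seg1.payload)) % MOD, 7001, body[100:])
    put_payload, delta = response_to_put(get, seg1.payload)
    m = SeqMap(seq_a1, 1000, 5001, ("10.0.0.2", 40000, "10.0.0.3", 8080), delta)
    return m, [rewrite(seg1, m, put_payload), rewrite(seg2, m)]


if __name__ == "__main__":
    mapping, rewritten = demo()
    for s in rewritten:
        print(s.quad, s.seq, s.ack, len(s.payload))
```

Because the translation is a fixed offset from `seq_a1`, retransmitted or reordered captured segments map to the same virtual-session SEQ each time.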
It should be understood that the above-described embodiments of the present invention are merely examples for clearly illustrating the present invention, and are not intended to limit the embodiments of the present invention. Other variations and modifications will be apparent to persons skilled in the art in light of the above description. It is neither necessary nor possible to list all embodiments exhaustively here. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the claims of the present invention.

Claims (10)

1. A method for extracting files based on network data packets is characterized by comprising the following steps:
S1: parsing the received network data packet and extracting its TCP quadruple; if the same TCP session already exists in the session table HTS, proceeding directly to step S6, otherwise proceeding to step S2;
S2: reading a network data packet from the session table HTS and parsing its HTTP header; if the packet is an HTTP request whose method is GET, temporarily storing it in the temporary session table HTL; if the packet is an HTTP response and the same TCP session already exists in the temporary session table HTL, temporarily storing it in the temporary session table HTL;
S3: simulating, through a handshake request and a handshake response, a TCP session between the virtual HTTP client and the receiving HTTP server to obtain a session table HTT;
S4: extracting the HTTP request packet and the HTTP response packet from the temporary session table HTL, storing the TCP quadruple, SEQ and ACK of the HTTP response packet in the session table HTS, and establishing a mapping rule between them and the TCP quadruple, SEQ and ACK in the session table HTT;
S5: converting the HTTP response packet into an HTTP request packet whose request method is PUT and whose URL is the URL in the HTTP request packet;
S6: according to the mapping rule, replacing the TCP message data in the HTTP request packet so that it belongs to the virtual HTTP client session, sending the reconstructed data packet to the HTTP server, and updating the session table HTT;
S7: receiving TCP messages from the HTTP server and, when a termination message is received, ending the session according to the network protocol specification and clearing the session's records from the session tables HTT and HTS.
2. The method of claim 1, wherein the TCP quadruple in step S1 is a source IP address, a source port, a destination IP address and a destination port respectively.
3. The method of claim 2, wherein the response code of the HTTP response is 200 or 206.
4. The method for extracting files based on network data packets as claimed in claim 3, wherein the step of simulating the TCP session between the virtual HTTP client and the receiving HTTP server in step S3 comprises the steps of:
S31: constructing a TCP handshake request message whose destination address is the IP address of the HTTP server and whose destination port is the listening port of the HTTP server;
S32: sending the TCP handshake request message to the HTTP server;
S33: receiving the TCP handshake response of the HTTP server;
S34: constructing a TCP handshake request message and sending it to the HTTP server;
S35: storing the TCP quadruple, SEQ and ACK in the session table HTT to obtain the session table HTT.
5. The method of claim 4, wherein the TCP flag in step S31 is SYN.
6. The method of claim 5, wherein the TCP flag in step S33 is SYN + ACK.
7. The method for extracting file based on network data packet as claimed in claim 6, wherein the TCP flag of step S34 is ACK.
8. The method for extracting file based on network data packet as claimed in claim 7, wherein the TCP quadruple of the HTTP response packet in step S4 is different from the TCP quadruple of the session table HTT, and it is required to convert SEQ in the remote resource service TCP session into SEQ in the virtual HTTP client TCP session.
9. The method for extracting files based on network data packets as claimed in claim 8, wherein the mapping rule in step S6 is:
seqa2 - seqa1 = seqr2 - seqr1
seqa3 - seqa2 = seqr3 - seqr2
where seqa1, seqa2, seqa3 are, in order, the SEQ values of the network packet TCP session,
and seqr1, seqr2, seqr3 are, in order, the SEQ values of the virtual HTTP client TCP session.
10. The method according to claim 9, wherein in step S6, according to the mapping rule, the session table HTT mapping relationship is used to replace the IP address, the port number, SEQ, and ACK in the TCP packet of the network packet with the virtual HTTP client TCP packet, so as to convert the TCP packet into the HTTP client session, send the reconstructed packet to the HTTP server, and update SEQ and ACK in the mapping table HTT.
CN201911117069.1A 2019-11-15 2019-11-15 Method for extracting files based on network data packet Active CN111030999B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911117069.1A CN111030999B (en) 2019-11-15 2019-11-15 Method for extracting files based on network data packet


Publications (2)

Publication Number Publication Date
CN111030999A (en) 2020-04-17
CN111030999B (en) 2021-09-24

Family

ID=70200279


Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant