CN111565200B - NAT (network Address translation) association detection method based on multi-path message detection analysis - Google Patents

NAT (network Address translation) association detection method based on multi-path message detection analysis Download PDF

Info

Publication number
CN111565200B
CN111565200B CN202010674639.3A CN202010674639A CN111565200B CN 111565200 B CN111565200 B CN 111565200B CN 202010674639 A CN202010674639 A CN 202010674639A CN 111565200 B CN111565200 B CN 111565200B
Authority
CN
China
Prior art keywords
message
flow
flows
nat
timestamp
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010674639.3A
Other languages
Chinese (zh)
Other versions
CN111565200A (en
Inventor
李家驹
段永康
李利
杨帆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Shuwei Communication Technology Co ltd
Original Assignee
Chengdu Shuwei Communication Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Shuwei Communication Technology Co ltd filed Critical Chengdu Shuwei Communication Technology Co ltd
Priority to CN202010674639.3A priority Critical patent/CN111565200B/en
Publication of CN111565200A publication Critical patent/CN111565200A/en
Application granted granted Critical
Publication of CN111565200B publication Critical patent/CN111565200B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • G06F16/24568Data stream processing; Continuous queries
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/163In-band adaptation of TCP data exchange; In-band control procedures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/164Adaptation or special uses of UDP protocol

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses an NAT (network Address translation) association detection method based on multi-path message detection and analysis, which mainly finds out NAT associated streams by analyzing statistical information such as protocol fields of all layers of a large number of messages, Payload data of Payload, timestamps, accumulated byte numbers and the like. The forwarding path of the associated flow, i.e. the network device through which the packet passes, can also be determined by analyzing the source MAC address and the destination MAC address of the associated flow. The invention can quickly extract a plurality of pairs of NAT associated flows from a large number of messages, can help operation and maintenance personnel to know the network operation condition and help the operation and maintenance personnel to locate problems when faults occur.

Description

NAT (network Address translation) association detection method based on multi-path message detection analysis
Technical Field
The invention relates to the field of computers, in particular to an NAT (network Address translation) association detection method based on multi-path message detection and analysis.
Background
NAT (Network Address Translator), which is a technology for translating an internal private Network IP Address into a public Network IP Address, has a main purpose of enabling addresses to be reused in the case of an increasingly deficient IPv4 Address. NAT solves well the problem of address scarcity, hiding and protecting computers inside the network, but also makes the network more complex and the problem of location more difficult when network services fail.
Because the NAT technology will convert IP addresses and transport layer ports, one flow sent by a terminal device (e.g., a server, a personal computer) will be converted into another new flow after being converted by the NAT device, the data of each layer protocol below the transport layer may be different between the new and old flows except that Payload data is the same, and message analysis software such as wireshark and the like will also consider the two different flows.
Disclosure of Invention
Aiming at the defects in the prior art, the NAT association detection method based on multi-path message detection and analysis provided by the invention solves the problem that the NAT association stream cannot be found out quickly.
In order to achieve the purpose of the invention, the invention adopts the technical scheme that:
a multi-path message detection and analysis based NAT association detection method is provided, which comprises the following steps:
s1, analyzing a network message file in a pcap format, and acquiring a source MAC address, a destination MAC address, an Ethernet type, a quintuple, TTL, a TCPsequence sequence number, a TCP ack sequence number, TCP Flag, Payload data length and a timestamp when the message is captured; setting the message ID of the message according to the timestamp when the message is captured;
s2, judging whether the stream to which the TCP protocol message and the UDP protocol message belong can be found in the memory message stream data structure according to the quintuple of the TCP protocol message and the UDP protocol message, if so, acquiring and entering the step S4, and if not, entering the step S3;
s3, adding quintuple basic data of the message into a memory, setting total bytes for receiving and sending of the flow to which the message belongs according to the length of the message, and setting the flow ID to which the message belongs and the initial timestamp of the flow according to the capturing time of the message; setting the sending order and the receiving order of the message in the stream, and entering step S5;
s4, adding the total bytes received or sent of the flow to which the message belongs to the length of the message, and setting the sending order and the receiving order of the message in the flow;
s5, storing data obtained by analyzing the TCP protocol message and the UDP protocol message, the belonged stream ID and the timestamp obtained when the TCP protocol message and the UDP protocol message are captured into a database, and enabling each record to correspond to one message, namely, a message record; adding data of each stream in a memory message stream data structure into a database, and enabling each record to correspond to one stream;
s6, sorting all the flows in the database according to the ascending order of the flow IDs, judging whether the difference value of the starting timestamps of every two adjacent flows is within a first time difference threshold, if so, entering a step S7, otherwise, judging that the two flows are not flows related to the NAT;
s7, judging whether the L4 layer protocols of the two flows are the same, if so, combining the two flows as associated flows and entering the step S8, otherwise, judging that the two flows are not NAT associated flows;
s8, acquiring non-retransmitted message records of which the stream sending sequence and the stream receiving sequence are smaller than a sequence threshold from the database, and sequencing the acquired message records in an ascending order according to the stream ID and the message ID;
s9, for the message record obtained in the step S8, comparing the flow ID of the first message with the flow ID in the associated flow combination, and taking out 2 groups of messages of which the flow IDs are equal to the flow ID of the associated flow combination in the message sequence;
s10, comparing whether the length of the 2 groups of messages taken out simultaneously in the step S9 is the same as the Payload fingerprint characteristic value of Payload, if so, entering the step S11, otherwise, judging that the two flows are not flows related to NAT;
s11, judging whether the timestamp difference value of the 2 groups of messages simultaneously taken out in the step S9 is within a second time difference threshold value, if so, judging that the two flows are flows related to NAT; otherwise, the two flows are judged not to be NAT related flows.
Further, step S11 is followed by step S12:
comparing the IP addresses of the 2 groups of messages with the TCP/UDP port, and if the source IP address and the source port are the same, determining that the two are associated with DNAT; and if the destination IP address is the same as the destination port, judging that the SNAT is related.
Further, the specific method for setting the message ID of the message according to the timestamp when the message is captured in step S1 is as follows:
multiplying the second number of the capturing timestamp of the message by 1000000000, and then adding the serial number of the message as the ID of the message, namely the ID of the message is 64-bit unsigned number; capture the time stamp in seconds, i.e., POSIX time; the sequence number of the message is incremented from 1.
Further, the specific method for setting the flow ID and the start timestamp of the flow according to the capturing time of the packet in step S3 includes:
multiplying the second number of the capture timestamp of the message by 1000000000, and then adding the serial number of the flow as the flow ID of the flow, namely the flow ID is 64-bit unsigned number; the number of seconds in which the timestamp was captured is the POSIX time; the sequence number of the flow is incremented from 1.
Further, the first time difference threshold value in step S6 is 10 ms.
Further, the order threshold in step S8 is 5.
Further, in step S10, the Payload fingerprint feature value of Payload is an MD5Hash value of the first 80 bytes of Payload data.
Further, the second time difference threshold is 10ms in step S11.
The invention has the beneficial effects that: the invention finds out the stream associated with the NAT by analyzing the protocol fields of all layers of a large amount of messages, Payload data of Payload, statistical information such as time stamps and accumulated byte numbers and the like. And the forwarding path of the associated flow, namely the network equipment through which the message passes, can be determined by analyzing the source MAC address and the destination MAC address of the associated flow, so that operation and maintenance personnel can know the network operation condition more intuitively and can troubleshoot network faults.
Detailed Description
The following description of the embodiments of the present invention is provided to facilitate the understanding of the present invention by those skilled in the art, but it should be understood that the present invention is not limited to the scope of the embodiments, and it will be apparent to those skilled in the art that various changes may be made without departing from the spirit and scope of the invention as defined and defined in the appended claims, and all matters produced by the invention using the inventive concept are protected.
The NAT association detection method based on multi-path message detection and analysis comprises the following steps:
s1, analyzing the network message file in pcap format, and acquiring protocol fields from 2 layers to 4 layers, including a source MAC address, a destination MAC address, an Ethernet type, a quintuple, TTL, a TCPsequence sequence number, a TCP ack sequence number, TCP Flag, Payload data length, and a timestamp when capturing the message; setting the message ID of the message according to the timestamp when the message is captured;
s2, judging whether the stream to which the TCP protocol message and the UDP protocol message belong can be found in the memory message stream data structure according to the quintuple of the TCP protocol message and the UDP protocol message, if so, acquiring and entering the step S4, and if not, entering the step S3;
s3, adding quintuple basic data of the message into a memory, setting total bytes for receiving and sending of the flow to which the message belongs according to the length of the message, and setting the flow ID to which the message belongs and the initial timestamp of the flow according to the capturing time of the message; setting the sending order and the receiving order of the message in the stream, and entering step S5;
s4, adding the total bytes received or sent of the flow to which the message belongs to the length of the message, and setting the sending order and the receiving order of the message in the flow;
s5, storing data obtained by analyzing the TCP protocol message and the UDP protocol message, the belonged stream ID and the timestamp obtained when the TCP protocol message and the UDP protocol message are captured into a database, and enabling each record to correspond to one message, namely, a message record; adding data of each stream in a memory message stream data structure into a database, and enabling each record to correspond to one stream;
s6, sorting all the flows in the database according to the ascending order of the flow IDs, judging whether the difference value of the starting timestamps of every two adjacent flows is within a first time difference threshold, if so, entering a step S7, otherwise, judging that the two flows are not flows related to the NAT;
s7, judging whether the L4 layer protocols of the two flows are the same, if so, combining the two flows as associated flows and entering the step S8, otherwise, judging that the two flows are not NAT associated flows;
s8, acquiring non-retransmitted message records of which the stream sending sequence and the stream receiving sequence are smaller than a sequence threshold from the database, and sequencing the acquired message records in an ascending order according to the stream ID and the message ID;
s9, for the message record obtained in the step S8, comparing the flow ID of the first message with the flow ID in the associated flow combination, and taking out 2 groups of messages of which the flow IDs are equal to the flow ID of the associated flow combination in the message sequence;
s10, comparing whether the length of the 2 groups of messages taken out simultaneously in the step S9 is the same as the Payload fingerprint characteristic value of Payload, if so, entering the step S11, otherwise, judging that the two flows are not flows related to NAT;
s11, judging whether the timestamp difference value of the 2 groups of messages simultaneously taken out in the step S9 is within a second time difference threshold value, if so, judging that the two flows are flows related to NAT; otherwise, judging that the two flows are not NAT related flows;
s12, comparing the IP address and the TCP/UDP port of the 2 groups of messages, and if the source IP address and the source port are the same, determining that the two are associated with each other; and if the destination IP address is the same as the destination port, judging that the SNAT is related.
The specific method for setting the message ID of the message according to the timestamp when the message is captured in step S1 is as follows: multiplying the second number of the capturing timestamp of the message by 1000000000, and then adding the serial number of the message as the ID of the message, namely the ID of the message is 64-bit unsigned number; capture the time stamp in seconds, i.e., POSIX time; the sequence number of the message is incremented from 1.
The specific method for setting the flow ID and the start timestamp of the flow according to the capturing time of the packet in step S3 is as follows: multiplying the second number of the capture timestamp of the message by 1000000000, and then adding the serial number of the flow as the flow ID of the flow, namely the flow ID is 64-bit unsigned number; the number of seconds in which the timestamp was captured is the POSIX time; the sequence number of the flow is incremented from 1.
In one embodiment of the present invention, the first time difference threshold in step S6 is 10 ms. The order threshold in step S8 is 5. In step S10, the fingerprint feature value of Payload is MD5Hash value of the first 80 bytes of Payload data. The second time difference threshold is 10ms in step S11. In the specific using process, the position of the message capturing point is determined according to the source MAC address of the 2 groups of messages, and then the forwarding path of the flow can be determined.
In summary, the present invention can rapidly extract a plurality of pairs of NAT-related flows from a large number of messages, and can help operation and maintenance personnel to know the network operation status and to locate problems when a fault occurs.

Claims (8)

1. A NAT (network Address translation) association detection method based on multi-path message detection and analysis is characterized by comprising the following steps of:
s1, analyzing a network message file in a pcap format, and acquiring a source MAC address, a destination MAC address, an Ethernet type, a quintuple, TTL, a TCPsequence sequence number, a TCP ack sequence number, TCP Flag, Payload data length and a timestamp when the message is captured; setting the message ID of the message according to the timestamp when the message is captured;
s2, judging whether the stream to which the TCP protocol message and the UDP protocol message belong can be found in the memory message stream data structure according to the quintuple of the TCP protocol message and the UDP protocol message, if so, acquiring and entering the step S4, and if not, entering the step S3;
s3, adding quintuple basic data of the message into a memory, setting total bytes for receiving and sending of the flow to which the message belongs according to the length of the message, and setting the flow ID to which the message belongs and the initial timestamp of the flow according to the capturing time of the message; setting the sending order and the receiving order of the message in the stream, and entering step S5;
s4, adding the total bytes received or sent of the flow to which the message belongs to the length of the message, and setting the sending order and the receiving order of the message in the flow;
s5, storing data obtained by analyzing the TCP protocol message and the UDP protocol message, the belonged stream ID and the timestamp obtained when the TCP protocol message and the UDP protocol message are captured into a database, and enabling each record to correspond to one message, namely, a message record; adding data of each stream in a memory message stream data structure into a database, and enabling each record to correspond to one stream;
s6, sorting all the flows in the database according to the ascending order of the flow IDs, judging whether the difference value of the starting timestamps of every two adjacent flows is within a first time difference threshold, if so, entering a step S7, otherwise, judging that the two flows are not flows related to the NAT;
s7, judging whether the L4 layer protocols of the two flows are the same, if so, combining the two flows as associated flows and entering the step S8, otherwise, judging that the two flows are not NAT associated flows;
s8, acquiring non-retransmitted message records of which the stream sending sequence and the stream receiving sequence are smaller than a sequence threshold from the database, and sequencing the acquired message records in an ascending order according to the stream ID and the message ID;
s9, for the message record obtained in the step S8, comparing the flow ID of the first message with the flow ID in the associated flow combination, and taking out 2 groups of messages of which the flow IDs are equal to the flow ID of the associated flow combination in the message sequence;
s10, comparing whether the length of the 2 groups of messages taken out simultaneously in the step S9 is the same as the Payload fingerprint characteristic value of Payload, if so, entering the step S11, otherwise, judging that the two flows are not flows related to NAT;
s11, judging whether the timestamp difference value of the 2 groups of messages simultaneously taken out in the step S9 is within a second time difference threshold value, if so, judging that the two flows are flows related to NAT; otherwise, the two flows are judged not to be NAT related flows.
2. The method for detecting NAT association based on multi-path message detection analysis according to claim 1, wherein said step S11 is followed by step S12:
comparing the IP addresses of the 2 groups of messages with the TCP/UDP port, and if the source IP address and the source port are the same, determining that the two are associated with DNAT; and if the destination IP address is the same as the destination port, judging that the SNAT is related.
3. The method for detecting NAT association based on multi-path packet detection analysis according to claim 1, wherein the specific method for setting the packet ID of the packet according to the timestamp of the packet capturing in step S1 is as follows:
multiplying the second number of the capturing timestamp of the message by 1000000000, and then adding the serial number of the message as the ID of the message, namely the ID of the message is 64-bit unsigned number; capture the time stamp in seconds, i.e., POSIX time; the sequence number of the message is incremented from 1.
4. The method for detecting NAT association based on multi-path packet detection analysis according to claim 1, wherein the specific method for setting the flow ID and the start timestamp of the flow to which the packet belongs according to the capturing time of the packet in step S3 is as follows:
multiplying the second number of the capture timestamp of the message by 1000000000, and then adding the serial number of the flow as the flow ID of the flow, namely the flow ID is 64-bit unsigned number; the number of seconds in which the timestamp was captured is the POSIX time; the sequence number of the flow is incremented from 1.
5. The method for detecting NAT association based on multi-path packet inspection analysis according to claim 1, wherein the first time difference threshold in step S6 is 10 ms.
6. The method for detecting NAT association based on multi-path packet inspection analysis according to claim 1, wherein the order threshold in step S8 is 5.
7. The method for detecting NAT association based on multi-path message detection and analysis of claim 1, wherein the fingerprint feature value of Payload in step S10 is MD5Hash value of the first 80 bytes of Payload data.
8. The method for detecting NAT association based on multi-path packet inspection analysis according to claim 1, wherein the second time difference threshold in step S11 is 10 ms.
CN202010674639.3A 2020-07-14 2020-07-14 NAT (network Address translation) association detection method based on multi-path message detection analysis Active CN111565200B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010674639.3A CN111565200B (en) 2020-07-14 2020-07-14 NAT (network Address translation) association detection method based on multi-path message detection analysis

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010674639.3A CN111565200B (en) 2020-07-14 2020-07-14 NAT (network Address translation) association detection method based on multi-path message detection analysis

Publications (2)

Publication Number Publication Date
CN111565200A CN111565200A (en) 2020-08-21
CN111565200B true CN111565200B (en) 2020-10-09

Family

ID=72073983

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010674639.3A Active CN111565200B (en) 2020-07-14 2020-07-14 NAT (network Address translation) association detection method based on multi-path message detection analysis

Country Status (1)

Country Link
CN (1) CN111565200B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112787883B (en) * 2020-12-26 2022-07-12 中国农业银行股份有限公司 Method, device and equipment for detecting NAT (network Address translation) fault of equipment
CN112822204A (en) * 2021-01-28 2021-05-18 深信服科技股份有限公司 NAT detection method, device, equipment and medium
CN113438125B (en) * 2021-06-08 2023-02-28 迈普通信技术股份有限公司 Test method and system
CN114389792B (en) * 2022-03-22 2022-06-10 合肥全息网御科技有限公司 WEB log NAT (network Address translation) front-back association method and system
CN115086183B (en) * 2022-07-05 2024-02-06 武汉思普崚技术有限公司 Message association method and device of application layer gateway

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101594263A (en) * 2009-01-09 2009-12-02 成都四方信息技术有限公司 System to monitoring network communication data packets
CN105610999A (en) * 2016-03-30 2016-05-25 上海斐讯数据通信技术有限公司 Method, device, server and system for implementing P2P communication by penetrating NAT (network address translator)
CN110572325A (en) * 2019-09-06 2019-12-13 成都深思科技有限公司 NAT router flow identification method

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8254286B2 (en) * 2006-07-24 2012-08-28 Forescout Technologies Inc. Method and system for detection of NAT devices in a network
US8219675B2 (en) * 2009-12-11 2012-07-10 Tektronix, Inc. System and method for correlating IP flows across network address translation firewalls
US8683573B2 (en) * 2011-06-27 2014-03-25 International Business Machines Corporation Detection of rogue client-agnostic nat device tunnels
CN105407096B (en) * 2015-11-26 2019-03-19 深圳市风云实业有限公司 Message data detection method based on flow management
CN110798461B (en) * 2019-10-23 2022-04-05 国家计算机网络与信息安全管理中心 VoIP (Voice over Internet protocol) association method and device under asymmetric routing network and readable storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101594263A (en) * 2009-01-09 2009-12-02 成都四方信息技术有限公司 System to monitoring network communication data packets
CN105610999A (en) * 2016-03-30 2016-05-25 上海斐讯数据通信技术有限公司 Method, device, server and system for implementing P2P communication by penetrating NAT (network address translator)
CN110572325A (en) * 2019-09-06 2019-12-13 成都深思科技有限公司 NAT router flow identification method

Also Published As

Publication number Publication date
CN111565200A (en) 2020-08-21

Similar Documents

Publication Publication Date Title
CN111565200B (en) NAT (network Address translation) association detection method based on multi-path message detection analysis
CN106034056B (en) Method and system for analyzing business safety
US8306063B2 (en) Real-time transport protocol stream detection system and method
CN103795709B (en) Network security detection method and system
CN102487339B (en) Attack preventing method for network equipment and device
US7729271B2 (en) Detection method for abnormal traffic and packet relay apparatus
US8477774B2 (en) Method and system for detecting accessing host contained in network, and statistic and analyzing server
US8254388B2 (en) Management device to investigate path states of network and network system
JP2006279930A (en) Method and device for detecting and blocking unauthorized access
US7420929B1 (en) Adaptive network flow analysis
EP1420548A2 (en) Expert system for protocols analysis
CN104994016B (en) Method and apparatus for packet classification
US8505098B2 (en) Method for recording, recovering, and replaying real traffic
EP3242240A1 (en) Malicious communication pattern extraction device, malicious communication pattern extraction system, malicious communication pattern extraction method and malicious communication pattern extraction program
Mongkolluksamee et al. Counting NATted hosts by observing TCP/IP field behaviors
EP3065343B1 (en) Network monitoring method and apparatus, and packet filtering method and apparatus
CN110677327A (en) Chip-based real-time detection method for RTP flow fault
CN110572325A (en) NAT router flow identification method
CN115664833B (en) Network hijacking detection method based on local area network safety equipment
US11770360B1 (en) Correlating protocol data units transiting networks with differing addressing schemes
US8037167B1 (en) Method for detecting hosts behind network address translators
US7869368B2 (en) Performance measuring in a packet transmission network
CN113014578A (en) Fragment message detection method based on convolutional neural network and storage medium
CN111614633A (en) Auditing method and system for L2TP protocol
JP2009049592A (en) Ip flow measuring circuit and ip flow measuring method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant