CN112788013A - WEB side online multi-layer protocol data packet decoding method and device - Google Patents

WEB side online multi-layer protocol data packet decoding method and device Download PDF

Info

Publication number
CN112788013A
CN112788013A CN202011619208.3A CN202011619208A CN112788013A CN 112788013 A CN112788013 A CN 112788013A CN 202011619208 A CN202011619208 A CN 202011619208A CN 112788013 A CN112788013 A CN 112788013A
Authority
CN
China
Prior art keywords
data
network
data packet
decoding
protocol
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011619208.3A
Other languages
Chinese (zh)
Inventor
张凯
马霖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Kelai Network Technology Co Ltd
Original Assignee
Chengdu Kelai Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Kelai Network Technology Co Ltd filed Critical Chengdu Kelai Network Technology Co Ltd
Priority to CN202011619208.3A priority Critical patent/CN112788013A/en
Publication of CN112788013A publication Critical patent/CN112788013A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/18Multiprotocol handlers, e.g. single devices capable of handling multiple protocols

Abstract

The invention discloses a method and a device for decoding a multilayer protocol data packet, which can decode different protocols in the current data packet in batch by selecting a plurality of sessions with different protocols in a session list, greatly simplifies the complicated process of decoding the data packet, is convenient for users to use and improves the user experience of products, and simultaneously adopts a cloud server to decode network topology data on line, thereby greatly reducing the hardware requirement on a computer, rapidly displaying the data packet decoding on a WEB end of the computer, and reducing the complicated operation of network maintenance personnel on the decoding work and the requirement of rapid decoding.

Description

WEB side online multi-layer protocol data packet decoding method and device
Technical Field
The invention belongs to the field of TCP/UDP/ARP/ICMP network protocols, and particularly relates to a server system for analyzing data based on a TCP/UDP/ARP/ICMP protocol and a display method.
Background
The cloud server calculates a certain link (acquisition point) and analyzes a data packet in a specified time period to analyze, analyzes and analyzes a session (TCP/UDP/ARP/ICMP) object in the data packet, and can analyze a single-point single protocol and a plurality of multi-point protocols with different requirements and analyze a plurality of different multi-point protocols simultaneously, so that the analysis of the data packet and the result display after the analysis at a WEB end are rapidly realized.
The data packet decoding is a network analysis function with high use frequency of network managers, the previous data packet decoding requires the network managers to know network topology structure data very clearly, and in the decoding process:
1: the currently decoded link needs to be known to enable layer-by-layer analysis down.
2: it is necessary to know the protocol to be decoded clearly, for example, after the current parsing protocol belongs to the TCP or UDP protocol, different data packets can be parsed according to the protocol.
3: if the data packets of other protocols need to be decoded in the current network topology data, the data packets need to be returned and re-operated, so that the workload and the fussy operation are increased.
4: data packets of only one protocol can be decoded at a time, and the multilayer session and the multiple protocols cannot be analyzed, so that differences among the multiple data packets cannot be compared, and inaccurate decoded data is brought.
5: the local decoding depending on the network topological structure data increases the hardware requirement on the computer, directly causes the problem of low decoding efficiency, and also causes the direct downtime effect if the hardware performance does not reach the standard.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a method and a device for decoding a multilayer protocol data packet, wherein a plurality of sessions with different protocols are selected from a session list, so that different protocols in the current data packet can be decoded in batches, the complicated process of decoding the data packet is greatly simplified, the use by a user is facilitated, the user experience of a product is improved, meanwhile, a cloud server is adopted to decode network topology data on line, the hardware requirement on a computer is greatly reduced, the data packet decoding is rapidly displayed on a WEB end of the computer, and the complicated operation of decoding work and the requirement of network maintenance personnel on rapid decoding are reduced.
The purpose of the invention is realized by the following technical scheme:
on one hand, the invention discloses a WEB side online multilayer protocol data packet decoding method, which comprises the following steps: s1: the server side network structure analysis module collects network structure data through a network probe, establishes a network topology structure database after data analysis and arrangement, and carries out induction and analysis on different protocols in a data packet of a network structure; s2: the client determines planning parameters according to actual requirements and initiates a link query request; s3: and after receiving the query request, the server-side planning analysis module analyzes the decoding of the data packet from the query condition and returns a group of available decoding data meeting the expectation of the query request from the network topology structure data.
According to a preferred embodiment, the collecting network structure data by the network probe in step S1 specifically includes: the data are collected through a network probe deployed in an integrated environment, TCP/UDP/ARP/ICMP network data are obtained at least by using a TCP/UDP/ARP/ICMP protocol, and a data network topological structure data model of a multi-layer protocol is formed.
According to a preferred embodiment, the step S1 of summarizing and parsing different protocols in the data packet of the network structure specifically includes: the server side decodes data according to a protocol layer appointed in a link to be analyzed based on a network topological structure data model, and analyzes a multi-layer protocol by combining a processing strategy of cloud computing of a server cluster.
According to a preferred embodiment, the parameters of the query request in step S2 include link, time period and transmission protocol.
According to a preferred embodiment, the WEB-side online multi-layer protocol packet decoding method is configured to be implemented in the environment of IPv4 and IPv6 protocols.
On the other hand, the invention also discloses a WEB-side online multilayer protocol data packet decoding device, which comprises a cloud server and a client, wherein a planning analysis module and a network structure analysis module are arranged in the cloud server, and the decoding device is configured to operate according to the WEB-side online multilayer protocol data packet decoding method.
The aforementioned main aspects of the invention and their respective further alternatives can be freely combined to form a plurality of aspects, all of which are aspects that can be adopted and claimed by the present invention. The skilled person in the art can understand that there are many combinations, which are all the technical solutions to be protected by the present invention, according to the prior art and the common general knowledge after understanding the scheme of the present invention, and the technical solutions are not exhaustive herein.
Compared with the prior art, the method and the device of the invention have the following advantages:
1. based on detection of actual network topology data and large-scale calculation of the cloud server, the method has the advantages of faster data analysis capability and more comprehensive and accurate data analysis compared with the existing method.
2. And by integrating various data packet protocols, the analysis of the data packets under different requirements can be adapted.
3. The cloud computing-based data packet analysis method has the advantages that analysis delay is greatly reduced, analysis efficiency is improved, analysis accuracy of data is improved, the possibility of long-time waiting and wrong and missed solution of network maintenance personnel in the data packet analysis process is greatly reduced, and maintenance difficulty is reduced.
4. The analysis of the system multi-layer protocol provides a more comprehensive data analysis structure chart and more comprehensive data display for network maintenance personnel, the previous complicated work of ordinary data analysis and the influence caused by incompleteness of data are avoided, the efficiency of the whole analysis work is improved, and the work difficulty is reduced.
Drawings
Fig. 1 is a schematic system structure diagram of a WEB-side online multi-layer protocol packet decoding device.
Detailed Description
The embodiments of the present invention are described below with reference to specific embodiments, and other advantages and effects of the present invention will be easily understood by those skilled in the art from the disclosure of the present specification. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict.
It should be noted that, in order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention are clearly and completely described below, and it is obvious that the described embodiments are some embodiments of the present invention, but not all embodiments.
Thus, the following detailed description of the embodiments of the present invention is not intended to limit the scope of the invention as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1:
the invention discloses a WEB terminal online multilayer protocol data packet decoding method, which comprises the following steps:
step S1: the server side network structure analysis module collects network structure data through a network probe, establishes a network topology structure database after data analysis and arrangement, and carries out induction and analysis on different protocols in a data packet of a network structure;
preferably, the step S1 of collecting network structure data through a network probe specifically includes: the data are collected through a network probe deployed in an integrated environment, TCP/UDP/ARP/ICMP network data are obtained at least by using a TCP/UDP/ARP/ICMP protocol, and a data network topological structure data model of a multi-layer protocol is formed.
Preferably, the step S1 of summarizing and analyzing different protocols in the data packet of the network structure specifically includes: the server side is based on a network topological structure data model, data can be decoded according to a protocol layer appointed in a link needing to be analyzed, multiple strategies such as processing of cloud computing of a server cluster are combined, multi-layer protocols can be analyzed rapidly and used by planning and network personnel, and complicated decoding work is simplified scientifically and reasonably.
Step S2: the client determines planning parameters according to actual requirements and initiates a link query request;
preferably, the parameters of the query request in step S2 include a link, a time period and a transmission protocol.
Step S3: and after receiving the query request, the server-side planning analysis module analyzes the decoding of the data packet from the query condition and returns a group of available decoding data meeting the expectation of the query request from the network topology structure data.
Preferably, the WEB-side online multi-layer protocol packet decoding method is configured to be implemented in IPv4 and IPv6 protocol environments.
Example 2
As shown in fig. 1, on the basis of embodiment 1, the present invention further discloses a WEB-side online multi-layer protocol packet decoding apparatus. The decoding device comprises a cloud server and a client. The cloud server comprises a service processing center and a data processing center. And a network structure analysis module is arranged in the data processing center. And a planning analysis module is arranged in the service processing center. The decoding apparatus is configured to operate in accordance with the method as described in the foregoing embodiment 1.
Preferably, the device of the invention integrates the display of a timing chart, a data packet and a data stream and performs switching display according to requirements. The main area can select a single or a plurality of sessions and can select different decoding protocols, and correspondingly, decoding display is carried out in a time sequence diagram or a data packet and a data stream, so that the operation difficulty is greatly reduced.
According to the WEB side online multi-layer protocol data packet decoding method and device, a plurality of sessions of different protocols are selected from the session list, the different protocols in the current data packet can be decoded in batches, the complex process of data packet decoding is greatly simplified, the use by a user is facilitated, the user experience of a product is improved, meanwhile, the cloud server is adopted to decode network topology data online, the hardware requirement on a computer is greatly reduced, the data packet decoding is rapidly displayed on the WEB side of the computer, and the complex operation of network maintenance personnel on the decoding work and the requirement of rapid decoding are reduced.
Compared with the prior art, the method and the device of the invention have the following advantages: 1. based on detection of actual network topology data and large-scale calculation of the cloud server, the method has the advantages of faster data analysis capability and more comprehensive and accurate data analysis compared with the existing method. 2. And by integrating various data packet protocols, the analysis of the data packets under different requirements can be adapted. 3. The cloud computing-based data packet analysis method has the advantages that analysis delay is greatly reduced, analysis efficiency is improved, analysis accuracy of data is improved, the possibility of long-time waiting and wrong and missed solution of network maintenance personnel in the data packet analysis process is greatly reduced, and maintenance difficulty is reduced. 4. The analysis of the system multi-layer protocol provides a more comprehensive data analysis structure chart and more comprehensive data display for network maintenance personnel, the previous complicated work of ordinary data analysis and the influence caused by incompleteness of data are avoided, the efficiency of the whole analysis work is improved, and the work difficulty is reduced.
The foregoing basic embodiments of the invention and their various further alternatives can be freely combined to form multiple embodiments, all of which are contemplated and claimed herein. In the scheme of the invention, each selection example can be combined with any other basic example and selection example at will. Numerous combinations will be known to those skilled in the art.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (6)

1. A WEB side online multilayer protocol data packet decoding method is characterized by comprising the following steps:
s1: the server side network structure analysis module collects network structure data through a network probe, establishes a network topology structure database after data analysis and arrangement, and carries out induction and analysis on different protocols in a data packet of a network structure;
s2: the client determines planning parameters according to actual requirements and initiates a link query request;
s3: and after receiving the query request, the server-side planning analysis module analyzes the decoding of the data packet from the query condition and returns a group of available decoding data meeting the expectation of the query request from the network topology structure data.
2. The WEB-side online multi-layer protocol packet decoding method according to claim 1, wherein the collecting of the network structure data through the network probe in step S1 specifically includes:
the data are collected through a network probe deployed in an integrated environment, TCP/UDP/ARP/ICMP network data are obtained at least by using a TCP/UDP/ARP/ICMP protocol, and a data network topological structure data model of a multi-layer protocol is formed.
3. The WEB-side online multi-layer protocol data packet decoding method according to claim 2, wherein the step S1 of summarizing and analyzing different protocols in a data packet of a network structure specifically includes:
the server side decodes data according to a protocol layer appointed in a link to be analyzed based on a network topological structure data model, and analyzes a multi-layer protocol by combining a processing strategy of cloud computing of a server cluster.
4. The WEB-side online multi-layer protocol packet decoding method according to claim 3, wherein the parameters of the query request in step S2 include link, time period, and transmission protocol.
5. The method for decoding WEB side online multilayer protocol data packets according to any one of claims 1 to 4, wherein the method for decoding WEB side online multilayer protocol data packets is configured to be implemented under the IPv4 and IPv6 protocol environments.
6. A WEB-side online multi-layer protocol data packet decoding device is characterized in that the decoding device comprises a cloud server and a client, a planning analysis module and a network structure analysis module are arranged in the cloud server,
the decoding device is configured to operate according to the WEB-side online multi-layer protocol data packet decoding method of any one of claims 1 to 5.
CN202011619208.3A 2020-12-30 2020-12-30 WEB side online multi-layer protocol data packet decoding method and device Pending CN112788013A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011619208.3A CN112788013A (en) 2020-12-30 2020-12-30 WEB side online multi-layer protocol data packet decoding method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011619208.3A CN112788013A (en) 2020-12-30 2020-12-30 WEB side online multi-layer protocol data packet decoding method and device

Publications (1)

Publication Number Publication Date
CN112788013A true CN112788013A (en) 2021-05-11

Family

ID=75754228

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011619208.3A Pending CN112788013A (en) 2020-12-30 2020-12-30 WEB side online multi-layer protocol data packet decoding method and device

Country Status (1)

Country Link
CN (1) CN112788013A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114285918A (en) * 2021-12-30 2022-04-05 湖北天融信网络安全技术有限公司 Shunting method and device based on protocol analysis, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101242408A (en) * 2008-01-18 2008-08-13 南京邮电大学 A construction method for open multi-source data packet capturing
CN101729542A (en) * 2009-11-26 2010-06-09 上海大学 Multi-protocol information resolving system based on network packet
CN102123058A (en) * 2011-01-19 2011-07-13 北京神州绿盟信息安全科技股份有限公司 Test equipment and method for testing network protocol decoder
CN104378241A (en) * 2014-11-27 2015-02-25 四川中时代科技有限公司 Multi-protocol information decoding system on basis of IP (internet protocol) data packets
CN109257352A (en) * 2018-09-25 2019-01-22 广州虎牙信息科技有限公司 Resolve packet method, apparatus, electronic equipment and storage medium
CN110401642A (en) * 2019-07-10 2019-11-01 浙江中烟工业有限责任公司 A kind of acquisition of industry control flow and protocol analysis method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101242408A (en) * 2008-01-18 2008-08-13 南京邮电大学 A construction method for open multi-source data packet capturing
CN101729542A (en) * 2009-11-26 2010-06-09 上海大学 Multi-protocol information resolving system based on network packet
CN102123058A (en) * 2011-01-19 2011-07-13 北京神州绿盟信息安全科技股份有限公司 Test equipment and method for testing network protocol decoder
CN104378241A (en) * 2014-11-27 2015-02-25 四川中时代科技有限公司 Multi-protocol information decoding system on basis of IP (internet protocol) data packets
CN109257352A (en) * 2018-09-25 2019-01-22 广州虎牙信息科技有限公司 Resolve packet method, apparatus, electronic equipment and storage medium
CN110401642A (en) * 2019-07-10 2019-11-01 浙江中烟工业有限责任公司 A kind of acquisition of industry control flow and protocol analysis method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
MOHAMED ABDELGHANI: "Simulating Recordings from Intrafascicular Electrodes to Facilitate Decoding Algorithm Development", 《2013 29TH SOUTHERN BIOMEDICAL ENGINEERING CONFERENCE》 *
彭彬等: "基于在线解码系统设计与分析", 《现代计算机(专业版)》 *
贾荣来等: "高性能网络协议还原平台的研究", 《计算机应用与软件》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114285918A (en) * 2021-12-30 2022-04-05 湖北天融信网络安全技术有限公司 Shunting method and device based on protocol analysis, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
US11121947B2 (en) Monitoring and analysis of interactions between network endpoints
US11481242B2 (en) System and method of flow source discovery
CN106130796B (en) SDN network topology traffic visualization monitoring method and control terminal
CN105376110B (en) The analysis method and system of network packet are realized with big data streaming technology
CN110086692A (en) A kind of automated testing method based on Internet of Things, device and computer equipment
US9641405B2 (en) System and method for sequencing per-hop data in performance-monitored network environments
GB2463952A (en) Analysing a service processing status in a network
CN110855493A (en) Application topological graph drawing device for mixed environment
CN109639534A (en) A kind of method, apparatus and computer storage medium of test network transmission performance
CN112788013A (en) WEB side online multi-layer protocol data packet decoding method and device
CN105119756A (en) Network monitoring system and method based on network management platform and data analysis
CN115277510B (en) Method for automatically identifying equipment, equipment interface and equipment path in network session
CN102098188A (en) Method and system for detecting IP (Internet Protocol) connection
EP2523394A1 (en) Method and Apparatus for Distinguishing and Sampling Bi-Directional Network Traffic at a Conversation Level
CN106648722B (en) Method and device for processing Flume receiving terminal data based on big data
CN110838950B (en) Method and device for determining network performance jitter value
CN113746654A (en) IPv6 address management and flow analysis method and device
JP2000209205A (en) Instrument for measuring in-network delay time
CN114095383B (en) Network flow sampling method and system and electronic equipment
Sperotto et al. Anomaly characterization in flow-based traffic time series
Lifu et al. Technique for network performance measurement based on RFC 2544
KR102072879B1 (en) Method for building green network
Aparcana-Tasayco et al. Open and Interactive NMS for Network Monitoring in Software Defined Networks
CN111800311A (en) Real-time sensing method for decentralized computing state
CN109889545A (en) Data communications method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 610041 12th, 13th and 14th floors, unit 1, building 4, No. 966, north section of Tianfu Avenue, Chengdu hi tech Zone, China (Sichuan) pilot Free Trade Zone, Chengdu, Sichuan

Applicant after: Kelai Network Technology Co.,Ltd.

Address before: 41401-41406, 14th floor, unit 1, building 4, No. 966, north section of Tianfu Avenue, Chengdu hi tech Zone, Chengdu Free Trade Zone, Sichuan 610041

Applicant before: Chengdu Kelai Network Technology Co.,Ltd.

CB02 Change of applicant information
RJ01 Rejection of invention patent application after publication

Application publication date: 20210511

RJ01 Rejection of invention patent application after publication