CN114666072B - Illegal switching point detection method, server, platform, system and storage medium - Google Patents
Illegal switching point detection method, server, platform, system and storage medium Download PDFInfo
- Publication number
- CN114666072B CN114666072B CN202011406849.0A CN202011406849A CN114666072B CN 114666072 B CN114666072 B CN 114666072B CN 202011406849 A CN202011406849 A CN 202011406849A CN 114666072 B CN114666072 B CN 114666072B
- Authority
- CN
- China
- Prior art keywords
- client terminal
- message data
- address
- source
- test server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention provides an illegal transfer point detection method, a server, a platform, a system and a storage medium, wherein the method comprises the steps of receiving message data sent by a client terminal; the method comprises the steps that whether a sender of message data is a client terminal connected to a different network or not is determined according to the identification verification code, if the sender of the message data is the client terminal connected to the different network, a detection instruction is generated according to the source IP address and the client terminal information and is sent to a management platform, the detection instruction is used for the management platform to determine whether the source IP address is an illegal transfer point or not, and the method uses the client terminal with the identification verification code to dial and measure, only needs to acquire the message data, does not need to acquire routing data and service flow, and can effectively and accurately determine the illegal transfer point.
Description
Technical Field
The embodiment of the invention relates to the technical field of internet communication, in particular to an illegal transfer point detection method, a server, a platform, a system and a storage medium.
Background
Network access between different operators is required to be accomplished through preset direct connection points, wherein the direct connection points are physical connections between telecommunication networks, so that users of one telecommunication operator can communicate with users of another telecommunication operator and settle fees according to an agreement.
In order to realize that the cost can be saved while the network quality of the user is ensured, the heterogeneous network operator can acquire the network private line account number of the main stream operator in a certain way, and the account number is used as an illegal switching point to directly access the resources of the main stream operator, so that economic loss can be caused to the main stream operator, and meanwhile, the network of the main stream operator is unstable. In the prior art, the detection of the illegal transfer point is mainly realized by deploying a soft probe in a heterogeneous network environment, obtaining route data by the soft probe through a route tracking protocol, and analyzing the route data to detect the illegal transfer point.
However, the different network operators may shut down the route tracking protocol, so that the soft probe cannot acquire the route data, and the method has the defect that an illegal transfer point cannot be effectively and accurately determined.
Disclosure of Invention
The embodiment of the invention provides an illegal switching point detection method, a server, a platform, a system and a storage medium, so as to improve the effectiveness and accuracy of illegal switching point detection.
In a first aspect, an embodiment of the present invention provides an illegal switching point detection method, which is applied to a test server, including:
receiving message data sent by a client terminal; the message data comprises a source IP address, client terminal information and an identification verification code; the identification verification code is data issued by the management platform according to the client terminal information;
determining whether the sender of the message data is a client terminal connected to a different network according to the identification verification code;
if the sender of the message data is a client terminal connected to a different network, generating a detection instruction according to the source IP address and the client terminal information, and sending the detection instruction to the management platform, wherein the detection instruction is used for the management platform to determine whether the source IP address is an illegal transfer point.
Optionally, determining whether the sender of the message data is a client terminal connected to a different network according to the identification verification code includes:
analyzing the message data to obtain an identification verification code in the message data;
calculating the identification verification code and the first verification information according to a preset verification rule to obtain a verification result;
Judging whether the verification result is consistent with the second verification information, if so, determining that the sender of the message data is a client terminal connected to a different network;
the first check information and the second check information are data which are generated by the management platform according to a preset check rule and sent to the test server.
Optionally, the test server is a local side acquisition and analysis device set at an exit of the local metropolitan area network, the message data includes a destination IP address or a destination port, and the receiving the message data sent by the client terminal includes:
collecting message data of an outlet of the provincial metropolitan area network;
and screening the message data containing the preset destination IP address or destination port from the collected message data.
Optionally, the test server is a test server corresponding to a destination IP address or a destination port, the message data includes the destination IP address or the destination port, and the receiving the message data sent by the client terminal includes:
and receiving message data containing the destination IP address or the destination port.
In a second aspect, an embodiment of the present invention provides an illegal switching point detection method, which is applied to a management platform, and includes:
Sending an identification verification code to a client terminal so that the client terminal obtains message data according to a source IP address, client terminal information and the identification verification code, and sending the obtained message data to a test server;
receiving a detection instruction sent by the test server, wherein the detection instruction comprises a source IP address and client terminal information; the detection instruction is generated after the test server receives message data sent by the client terminal and determines that the sender of the message data is the client terminal connected to the different network and sends the message data to the management platform;
and determining whether the source IP address is an illegal transfer point according to the detection instruction.
Optionally, determining whether the source IP address is an illegal transfer point according to the detection instruction includes:
determining a source IP address corresponding to the client terminal according to the client terminal information;
judging whether the source IP address corresponding to the client terminal is consistent with the source IP address in the message data;
if not, determining the source IP address in the message data as an illegal transfer point.
Optionally, the test server is a local side acquisition and analysis device set at an exit of the local metropolitan area network, the message data includes a destination IP address or a destination port, and the receiving the detection instruction sent by the test server includes:
Receiving a detection instruction sent by the local side acquisition and analysis equipment; the detection instruction is generated after the local side acquisition and analysis equipment determines that the sender of the message data is a client terminal connected to a different network.
Optionally, the test server is a test server corresponding to a destination IP address or a destination port, the packet data includes the destination IP address or the destination port, and the receiving a detection instruction sent by the test server includes:
receiving a detection instruction sent by the test server; the detection instruction is generated after the test server determines that the sender of the message data is a client terminal connected to a different network.
Optionally, the sending the identification verification code to the client terminal includes:
receiving a client terminal ID sent by the client terminal;
verifying the ID of the client terminal, and if the ID passes the verification, sending a test task and an identification verification code to the client terminal so that the client terminal obtains packaged message data according to the test task and the identification verification code; wherein the test task includes a destination IP or destination port.
In a third aspect, an embodiment of the present invention provides a test server, including: at least one processor and memory;
The memory stores computer-executable instructions;
the at least one processor executing computer-executable instructions stored in the memory causes the at least one processor to perform the method of illegitimate transfer point detection as described in any of the first aspects.
In a fourth aspect, an embodiment of the present invention provides a management platform, including: at least one processor and memory;
the memory stores computer-executable instructions;
the at least one processor executing computer-executable instructions stored in the memory causes the at least one processor to perform the method of illegitimate transfer point detection as described in any of the second aspects.
In a fifth aspect, an embodiment of the present invention provides an illegal transit point detection system, including the test server in the third aspect and the management platform in the fourth aspect.
In a sixth aspect, an embodiment of the present invention provides a computer-readable storage medium, where computer-executable instructions are stored, and when executed by a processor, implement the method for detecting an illegal transit point according to any one of the first aspect and the second aspect.
The method comprises the steps of setting a client terminal with an identification verification code in a heterogeneous network environment, sending message data through the client terminal, receiving the message data through a test server, judging the message data, determining whether the sending of the message data is the message data sent by the client terminal connected to the heterogeneous network, if so, sending a source IP address and client terminal information to a management platform, judging the source IP address through the client terminal information by the management platform, and determining whether the source IP address in the message data is an illegal transfer point.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions of the prior art, the drawings which are used in the description of the embodiments or the prior art will be briefly described, it being obvious that the drawings in the description below are only some embodiments of the invention, and that other drawings can be obtained according to these drawings without inventive faculty for a person skilled in the art.
Fig. 1 is a schematic diagram of an application scenario of an illegal switching point detection method according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of an illegal switching point detection method according to an embodiment of the present invention;
fig. 3 is a schematic flow chart of a method for detecting an illegal switching point in this province according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a client terminal simulation application when detecting an illegal transit point in this province according to an embodiment of the present invention;
fig. 5 is a schematic diagram of data processing during illegal switching point detection in this province according to an embodiment of the present invention;
fig. 6 is a schematic flow chart of a method for detecting an illegal switching point in talent according to an embodiment of the present invention;
fig. 7 is a schematic diagram of a client terminal simulation application when detecting an illegal switching point in talent according to an embodiment of the present invention;
Fig. 8 is a schematic diagram of data processing during detecting an illegal switching point in talent according to an embodiment of the present invention;
fig. 9 is a flow chart of another illegal switching point detection method according to an embodiment of the present invention;
FIG. 10 is a flowchart illustrating another method for detecting an illegal switching point in this province according to the present invention;
FIG. 11 is a flowchart of another method for detecting an illegal switching point in Taprovince according to an embodiment of the present invention;
fig. 12 is a schematic structural diagram of an illegal switching point detecting device according to an embodiment of the present invention;
fig. 13 is a schematic structural diagram of another illegal switching point detecting device according to an embodiment of the present invention;
fig. 14 is a schematic hardware structure of a test server according to an embodiment of the present invention;
fig. 15 is a schematic hardware structure of a management platform according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The terms "first," "second," "third," "fourth" and the like in the description and in the claims and in the above drawings, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented, for example, in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Fig. 1 is a schematic application scenario of an illegal switching point detection method provided by an embodiment of the present invention, where, as shown in fig. 1, the application scenario includes an operator a subnet, an operator a network, a direct connection point, an operator B network, and an operator B subnet. The network of the operator A is a network of a certain operator, and the network of the operator B is a network of any operator except the network of the operator A. The operator a subnetwork refers to one of several small networks of the address division of the operator a network, and the operator B subnetwork refers to one of several small networks of the address division of the operator B network. Wherein the operator A network and the operator B network are different networks, namely, belong to different networks.
Under normal conditions, when the sub-network of the operator A communicates with the sub-network of the operator B, connection needs to be established between the sub-network of the operator A, the direct connection point and the sub-network of the operator B, but if the sub-network of the operator A directly accesses the content of the sub-network of the operator B by establishing an illegal switching point in the sub-network of the operator B, the illegal switching is caused. The illegal transfer point may be an IP address of the present province or an IP address of an external province. As shown in fig. 1, line 1 in the figure represents the legal data flow from the operator a subnet to the operator B subnet; line 2 represents the illegal data flow from the operator a subnet to the operator B subnet; triangles represent illegal transfer points.
In some technologies, a software probe is generally arranged in a heterogeneous network environment for determining an illegal transfer point, after a target route is acquired through the software probe, the target route is sent to an reporting point, and whether the illegal transfer point exists or not is determined according to the target route. However, in this method, the target route needs to be acquired by the route tracing protocol when acquiring the route data. For the different network group, the protocol can be closed, so that the local network group cannot acquire the target route, and further whether the different network group sets an illegal transfer point in the local network cannot be determined.
In other techniques, the illegal transfer point is determined by a method of collecting IDC (Internet Data Center ) traffic, which is to count and analyze the obtained traffic from multiple dimensions, and analyze the traffic flow direction and the protocol duty cycle to determine the suspected IP. However, on the one hand, the method can only analyze the flow, and the determined illegal transfer point is not accurate enough; on the other hand, the illegal switching group can access the switched traffic through different switching points through different protocols and interfaces, so that the illegal switching points cannot be effectively determined.
When the heterogeneous network group sets an illegal transfer point, the source IP address of the message data is changed when the message data passes through the illegal transfer point, so that the client terminal can be connected in the heterogeneous network environment and the received message data is judged, if the message data is sent by the client terminal connected in the heterogeneous network environment, and meanwhile, the source IP address of the message data is not the source IP address of the local network, the source IP address corresponding to the message data is the illegal transfer point. Specifically, an identification verification code can be inserted into the message data sent by the client terminal to judge whether the received message data is sent by the client terminal connected in the heterogeneous network environment, the process does not need to acquire target route data, whether the source IP address of the message data is an illegal transfer point can be effectively determined, the method does not depend on service flow, and the defect brought by determining the illegal transfer point by the method for acquiring IDC service flow can be overcome.
The technical scheme of the invention is described in detail below by specific examples. The following embodiments may be combined with each other, and some embodiments may not be repeated for the same or similar concepts or processes.
Fig. 2 is a flow chart of an illegal switching point detection method according to an embodiment of the present invention, where the method of the present embodiment may be executed by a test server. As shown in fig. 2, the method of the present embodiment may include:
s201, receiving message data sent by a client terminal; the message data comprises a source IP address, client terminal information and an identification verification code; the identification verification code is data issued by the management platform according to the client terminal information.
In this embodiment, the client terminal includes a client terminal that sends message data to the test server through the normal network, and further includes a client terminal that is connected in a heterogeneous network environment and is provided with an identification verification code in the sent message data, where the client terminal connected in the heterogeneous network environment is referred to as a soft probe client. The test server is matched with the client terminal in the heterogeneous network environment, and the test server receives the message data sent by the client terminal through the simulation of the Internet service by the client terminal. The number of the client terminals can be multiple, and the client terminals are connected to different positions of the different networks, so that the situation that detection failure occurs due to shielding caused by analysis of the other party is avoided.
The message data sent by the client terminal comprises a source IP address, client terminal information and an identification verification code, wherein the source IP address refers to the IP address of the client terminal when the client terminal sends the message; the client information refers to an ID of the client or a name of the client, a number of execution tasks, and the like; the identification verification code is a verification code randomly generated by the management platform through a preset rule, for example, the identification verification code can be a 64-bit random verification code.
The message data is request data initiated by the client terminal when surfing the internet. The request data may include different kinds of real services according to tasks issued by the management platform, for example, a service simulating a client terminal to access a website, a service simulating a client terminal to view a video resource, a service simulating a client terminal to download a resource, and the like.
The test server can receive data by copying the uplink flow and acquiring message data from the uplink flow, or can directly receive the message data sent by the client terminal.
S202, determining whether the sender of the message data is a client terminal connected to a different network according to the identification verification code.
The foreign network refers to a network of other operators, and the home network refers to an operator network of a party to which a tester belongs, for example: the home network is a network of a communication operator, and the foreign network is any network of a non-communication operator. When the test server receives the message data, the source of the message data may be a client terminal connected in a different network environment, or may be a client terminal connected in a local network environment. Therefore, when determining the illegal transfer point, it is necessary to determine that the sender of the message data is the client terminal connected in the heterogeneous network environment, and then determine whether the message data of the client terminal passes through the illegal transfer point according to the message data of the client terminal in the heterogeneous network environment.
Specifically, the identification verification code can be determined, the test server can acquire the identification verification code in the message data and process the identification verification code, and if the processed result meets the preset condition, the sender of the message data is a client terminal connected to the different network.
And S203, if the sender of the message data is a client terminal connected to a different network, generating a detection instruction according to the source IP address and the client terminal information, and sending the detection instruction to the management platform, wherein the detection instruction is used for the management platform to determine whether the source IP address is an illegal transfer point.
In this embodiment, after determining that the client terminal is a client terminal connected to a different network, it is necessary to continuously determine whether the source IP address in the message data is an illegal transfer point according to the message data of the client terminal. Wherein the determining process may be performed at the management platform. Specifically, after determining that the client terminal is connected to the client terminal in the heterogeneous network environment, the test server may decapsulate the message data to obtain client terminal information and a source IP address, combine the decapsulated client terminal information and the source IP address to generate a detection instruction, and send the detection instruction to the management platform.
The management platform can determine whether the source IP address is an illegal transfer point according to the detection instruction, wherein the basis for the management platform to judge is that the source IP address in the message data is changed when the message data sent by the client terminal passes through the illegal transfer point; when the message data sent by the client terminal is transmitted through a legal channel, the source IP address in the message is not changed. The management can determine whether the source IP address is an illegal transfer point by judging the source IP address in the message data.
The method for determining whether the source IP address is the illegal transfer point can accurately determine whether the sender of the message data is a client terminal in a heterogeneous network environment by inserting the identification verification code into the message data, and further judge the source IP address of the client terminal, so that the illegal transfer point can be accurately determined.
Fig. 3 is a schematic flow chart of a method for detecting an illegal switching point in this province according to an embodiment of the present invention, and fig. 4 is a schematic diagram of a client terminal simulation application for detecting an illegal switching point in this province according to an embodiment of the present invention; fig. 5 is a schematic diagram of data processing during illegal switching point detection in this province according to an embodiment of the present invention; based on the above embodiments, the embodiment of the present invention can detect the illegal switching point of the present province, so as to effectively determine the effect of the illegal switching point of the present province. This embodiment will be described in detail with reference to fig. 3, 4 and 5. As shown in fig. 3, the method of the present embodiment includes:
Step S301, collecting message data of a metropolitan area network outlet.
The test server is local side acquisition and analysis equipment arranged at an outlet of the local metropolitan area network, and the message data comprises a destination IP address or a destination port.
In this embodiment, the province refers to the province where the tester is located, and the home network refers to the network of the operator to which the tester belongs, which can be understood that when the operator of the foreign network in the province sets an illegal switching point in the province, and steals the traffic of the foreign network to the home network through the illegal switching point, the illegal switching point can be detected.
When detecting the illegal switching point in this province, the test server is a local side collecting and analyzing device, and the device is a server with data collecting and analyzing functions. As shown in fig. 4, the client terminal is disposed in the environment of the local area network, and the local side collecting and analyzing device is disposed at the exit of the local area network, that is, at the exit of the local area network, and the collected data is the message data flowing through the local area network. The illegal transfer point can provide NAT or Proxy service, the NAT refers to IP conversion network function equipment, the Proxy refers to a protocol network Proxy server, and the heterogeneous network traffic can be transited to the local network through the NAT or Proxy.
The method for collecting data can be a port mirror image or passive light splitting mode, and the access request data of broadband user off-line is copied to the local side collecting and analyzing equipment. The port mirror image is to set up port mirror image on the exchanger of the core layer or convergence layer of the network to copy the outbound data of the upper connection port of the exchanger to the local side collecting and analyzing equipment. Passive optical splitting means that an optical splitter is provided at an optical line terminal, and access request data of a user is acquired by performing optical copying on a physical layer. Wherein the access request data is message data.
As shown in fig. 5, the state of the message data sent by the client terminal is the original state of the message data, and when the message data enters the home network through the illegal switching point, that is, the state of the message data acquired by the local side acquisition and analysis device is the state when the message enters the home network. The source IP address in the message data sent by the client terminal is local_ip, the source IP address in the received message data is global_ip, the local_ip represents a network IP address used in a heterogeneous network environment, and the global_ip represents a network IP address used in a Local network environment. When passing through the illegal transfer point, the source IP address is changed, namely, the local_ip is not equal to the global_ip; when no illegal transfer point is passed, the source IP address is not changed, i.e. local_ip is equal to global_ip.
Step S302, message data containing a preset destination IP address or destination port is screened out from the collected message data.
After the local side acquisition and analysis equipment acquires the message data, the acquired message data can be screened, specifically, the message data sent by the client terminal comprises a destination IP or a destination port, and the local side acquisition and analysis equipment can screen the message data through the destination IP or the destination port. Specifically, the message data corresponding to the destination IP or the destination port to be screened can be determined by receiving the instruction sent by the management platform.
The client terminal sends out the message data according to the destination IP address or destination port of the Internet resource A issued by the management platform to access the Internet resource A, as shown in the data flow 1 of FIG. 4; the client terminal sends out the message data according to the destination IP address or destination port where the internet resource B is located, which is issued by the management platform, so as to access the internet resource B, as shown in fig. 4, which is data flow 2. The local side acquisition and analysis equipment can obtain message data corresponding to the data stream 1 and the data stream 2 through the destination IP or the destination port corresponding to the Internet resource A and the Internet resource B. The target addresses and protocols of the test data streams are different, and may form different IP addresses of the local network of the province, such as global_ip1 and global_ip2.
The number of message data processed by the local side acquisition and analysis equipment can be reduced by screening data containing the destination IP or the destination port.
And step S303, analyzing the message data to obtain the identification verification code in the message data.
When judging whether the sender of the message data is a client terminal connected to a different network according to the identification verification code, firstly analyzing the acquired message data to obtain the identification verification code in the message data, wherein a deep message inspection (Deep Packet Inspection, DPI) technology can be adopted to unlock three-layer and four-layer message heads of an open system interconnection communication reference model, and the numerical value of a formulated position is analyzed to obtain the identification verification code.
And step S304, calculating the identification verification code and the first verification information according to a preset verification rule to obtain a verification result.
In this embodiment, after the identifier verification code is obtained, the identifier verification code may be verified. The local side collects first check information and second check information issued by a management platform in the storage of the analysis equipment, wherein the second check information is obtained through operation of a preset check rule according to the identification verification code and the first check information. The first and second verification information and the identification verification code are binary data.
Therefore, after the identification verification code is obtained, the identification verification code and the first verification information can be operated according to a preset verification rule, so that a verification result is obtained. For example: and the data issued by the management platform is obtained through a checking rule of AND operation, and then the identification verification code and the first checking information are subjected to AND operation to obtain a checking result of AND operation.
Step S305, judging whether the verification result is consistent with the second verification information, if so, determining that the sender of the message data is a client terminal connected to a different network.
The first check information and the second check information are data which are generated by the management platform according to a preset check rule and sent to the test server.
After the verification result is obtained, the verification result and the second verification information can be compared to judge whether the verification result is consistent with the second verification information, if so, the identification verification code is data issued by the management platform, and the sender of the message data corresponding to the identification verification code is a client terminal connected to the different network. If the identification verification codes are inconsistent, the identification verification codes are not data issued by the management platform, and the sender of the message data corresponding to the identification verification codes is not a client terminal connected to the different network.
Step S306, if the sender of the message data is a client terminal connected to a heterogeneous network, a detection instruction is generated according to the source IP address and the client terminal information, and the detection instruction is sent to the management platform, wherein the detection instruction is used for the management platform to determine whether the source IP address is an illegal transfer point.
Step S306 is similar to step S203 in the above embodiment, and the description of this embodiment is omitted here.
In the above embodiment, by setting a local side acquisition and analysis device, message data of all destination IP addresses or destination ports can be obtained, without setting a plurality of test servers, the management platform uniformly generates the identifier verification code, the first verification information and the second verification information, and makes the test server verify the identifier verification code according to the two verification information. In addition, the identification verification code is randomly generated, and the verification rule can be changed at any time, so that the different network groups cannot track.
Fig. 6 is a schematic flow chart of a method for detecting an illegal switching point in talent, and fig. 7 is a schematic diagram of a client terminal simulation application for detecting an illegal switching point in talent, according to an embodiment of the present invention; fig. 8 is a schematic diagram of data processing during illegal switching point detection in talent province according to an embodiment of the present invention. Based on the embodiment, the embodiment of the invention can detect the illegal switching point of Taprovince and can achieve the effect of detecting the illegal switching point of Taprovince. As shown in fig. 6, the method of the present embodiment includes:
Step S601, receiving message data including the destination IP address or destination port.
The test server is a test server corresponding to a destination IP address or a destination port, and the message data comprises the destination IP address or the destination port.
In this embodiment, he province refers to the province where the non-tester is located, the test server is a port node, the port node is a program running on the server, the server may be set in any network, the number of port nodes may be multiple, so as to obtain more message data, and one port node may only test the message data of one destination IP or destination port. The program of the information port node supports the general server of the X86 architecture, the CenOS7.0 and the operating systems above.
The list of message data monitored by the information port node is determined by the management platform, can support definition according to a target protocol TCP/UDP, a target IP address and a target port, and can cover various real internet service.
The message data acquired by the information port node is the message data flowing through the province, for example, the information port node is a test server arranged in the province A (not in the province), and the received message data is the message data flowing through the province A.
The message data acquired by the information port node is directly the data containing the destination IP address or the destination port, and the process of data screening is not needed. In addition, the information port node has the characteristics of flexible deployment, application expandability and the like, and can be matched with a client terminal to acquire useful information.
When detecting an illegal switching point of the other province, if a local side acquisition and analysis device is arranged at an outlet of a metropolitan area network of the other province, all uplink access data of the other province can be acquired, and hidden danger is caused to the data security of the other province, so that the positioning of the illegal switching point of the other province cannot be realized by adopting the method.
By setting the information port node in the tested place, the message data of the destination IP address or the destination port can be directly obtained without collecting all data of the metropolitan area network outlet, so that the analysis of the message data can be realized, and whether an illegal transfer point exists or not can be determined according to the message data.
As shown in fig. 7, information port nodes may be set in different networks, CDN networks, cloud resources, local networks in other provinces, and the like, and a management platform may be set in the local network in other provinces, for receiving a detection instruction sent by the information port nodes.
The method for detecting the illegal transfer point in the other province is the same as that in the other province, and as shown in fig. 8, if the message data passes through the illegal transfer point in the other province, the source IP address is changed.
It should be noted that, the method can also detect an illegal transit point in this province, that is, the information port node is set at the position of the local network in this province.
Step S602, analyzing the message data to obtain the identification verification code in the message data.
And step 603, calculating the identification verification code and the first verification information according to a preset verification rule to obtain a verification result.
Step S604, judging whether the verification result is consistent with the second verification information, if so, determining that the sender of the message data is a client terminal connected to a different network.
The first check information and the second check information are data which are generated by the management platform according to a preset check rule and sent to the test server.
Step S605, if the sender of the message data is a client terminal connected to a heterogeneous network, generating a detection instruction according to the source IP address and the client terminal information, and sending the detection instruction to the management platform, where the detection instruction is used for the management platform to determine whether the source IP address is an illegal transfer point.
Step S602 to step S605 are similar to step S303 to step S306 in the above embodiment, and are not described here.
According to the embodiment, by setting the information port node, the illegal transfer point in other provinces can be detected, so that the test target of the client terminal is more flexible, more effective message data can be obtained, and the efficiency of screening the illegal transfer point can be improved. The information port nodes can be flexibly deployed, and are prevented from being monitored by different network groups.
Fig. 9 is a flowchart of another illegal switching point detection method according to an embodiment of the present invention, where the method of the present embodiment may be executed by a management platform. As shown in fig. 9, the method of the present embodiment may include:
step S901, sending an identification verification code to a client terminal, so that the client terminal obtains message data according to a source IP address, client terminal information and the identification verification code, and sending the obtained message data to a test server.
In this embodiment, in the process of detecting the illegal transfer point, the management platform needs to first send an identification verification code to the client terminal, where the identification verification code is randomly generated by the management platform through a preset verification rule. After receiving the identification verification code, the client terminal can obtain message data according to the identification verification code, the source IP address and the client terminal information. Specifically, the client terminal may encapsulate the data according to a preset rule to obtain the message data.
Step S902, receiving a detection instruction sent by the test server, where the detection instruction includes a source IP address and client terminal information.
The detection instruction is generated after the test server receives message data sent by the client terminal and determines that the sender of the message data is the client terminal connected to the different network and sends the message data to the management platform.
In this embodiment, after determining that the sender of the message data is a client terminal connected to a different network, the test server may generate a detection instruction, and the management platform may receive the detection instruction.
Step S903, determining whether the source IP address is an illegal transfer point according to the detection instruction.
When the management platform determines whether an illegal transfer point exists according to the detection instruction, specifically, whether the source IP address is the illegal transfer point can be determined according to the client terminal information in the detection instruction.
When the message data passes through the illegal transfer point, the source IP address will change, so based on the fact, the management platform can determine whether the source IP address is the illegal transfer point.
According to the method, after the message data is determined to be the message data sent by the client terminal of the different network, the source IP address in the message data can be judged, and when the message data sent by the client terminal of the different network is met at the same time and the source IP address of the message data is changed, the source IP address is an illegal transfer point, so that the illegal transfer point can be effectively and accurately determined without secondary judgment.
Fig. 10 is a schematic flow chart of another method for detecting an illegal switching point in this province according to the embodiment of the present invention, where on the basis of the foregoing embodiment, the embodiment of the present invention can detect an illegal switching point in this province, so as to achieve the effect of detecting an illegal switching point in this province. As shown in fig. 10, the method of the present embodiment includes:
s1001, sending an identification verification code to a client terminal, so that the client terminal obtains message data according to a source IP address, client terminal information and the identification verification code, and sending the obtained message data to a test server.
Optionally, the process of sending the identification verification code to the client terminal may be: receiving a client terminal ID sent by the client terminal; verifying the ID of the client terminal, and if the ID passes the verification, sending a test task and an identification verification code to the client terminal so that the client terminal obtains packaged message data according to the test task and the identification verification code; wherein the test task includes a destination IP or destination port.
Before the identification verification code is sent to the client terminal, the client terminal needs to be verified, after the verification is passed, the client terminal is legal, specifically, the client terminal can firstly send the client terminal ID to the management platform, and the management platform judges whether the client terminal ID is the stored client terminal ID, if so, the verification is passed. After the client terminal passes the verification, the management platform can generate an identification verification code and a test task, and the test task can cover various real services, such as a service of accessing a website, a service of watching video resources, a service of downloading resources and the like.
After the client terminal obtains the identification verification code and the test task, the obtained data can be packaged to obtain the message data. The encapsulated message data may be referred to as the message data shown in fig. 5 and 8.
By verifying the client terminal, the information security of the data verification process can be ensured, and the monitoring by a heterogeneous network group is avoided.
S1002, receiving a detection instruction sent by the local side acquisition and analysis equipment; the detection instruction is generated after the local side acquisition and analysis equipment determines that the sender of the message data is a client terminal connected to a different network.
The test server is local side acquisition and analysis equipment arranged at the outlet of the local metropolitan area network, and the message data comprises a destination IP address or a destination port.
The process of receiving the detection instruction sent by the local side acquisition and analysis device by the management platform corresponds to the process of sending the detection instruction to the management platform by the local side acquisition and analysis device, and the implementation principle and the technical effect are similar, and are not repeated here.
S1003, determining a source IP address corresponding to the client terminal according to the client terminal information.
S1004, judging whether the source IP address corresponding to the client terminal is consistent with the source IP address in the message data.
S1005, if the source IP addresses are inconsistent, determining that the source IP addresses in the message data are illegal transfer points.
When determining whether the source IP address is an illegal transfer point, it may be determined based on the client terminal information. The client terminal information may be a client terminal ID, or may be a client terminal name.
The management platform stores the source IP address of each client terminal, and the source IP address is the source IP address when the client terminal sends the message data, namely the source IP address of the initial state of the message data.
After the source IP address corresponding to the client terminal is obtained, the source IP address corresponding to the client terminal and the source IP address in the message data can be compared, if the source IP address is inconsistent with the source IP address, the message data passes through an illegal transfer point, and the source IP address is changed; if the paths are consistent, the message data is a legal path.
The method can detect the illegal transfer point of the province, and the client terminal needs to be verified before the identification verification code is sent to the client terminal, so that the safety of the client terminal can be ensured, and whether the illegal transfer point exists in the province can be accurately determined by judging whether the source IP address is changed or not.
Fig. 11 is a schematic flow chart of another method for detecting an illegal switching point in talent, which is provided by the embodiment of the present invention, and on the basis of the foregoing embodiment, the embodiment of the present invention can detect the illegal switching point in talent, so as to achieve the effect of detecting the illegal switching point in talent. As shown in fig. 10, the method of the present embodiment includes:
S1101, sending an identification verification code to the client terminal, so that the client terminal obtains message data according to the source IP address, the client terminal information and the identification verification code, and sending the obtained message data to the test server.
Step S1101 is similar to step S1001 in the above embodiment, and the description of this embodiment is omitted here.
S1102, receiving a detection instruction sent by the test server; the detection instruction is generated after the test server determines that the sender of the message data is a client terminal connected to a different network.
The test server is a test server corresponding to a destination IP address or a destination port, and the message data comprises the destination IP address or the destination port.
The process of receiving the detection instruction sent by the test server by the management platform corresponds to the process of sending the detection instruction to the management platform by the test server, and the implementation principle and the technical effect are similar, and are not repeated here.
And S1103, determining a source IP address corresponding to the client terminal according to the client terminal information.
S1104, judging whether the source IP address corresponding to the client terminal is consistent with the source IP address in the message data.
S1105, if the source IP addresses are inconsistent, determining that the source IP addresses in the message data are illegal transfer points.
Step S1103 to step S1105 are similar to step S1003 to step S1005 in the above embodiment, and are not described here.
The method can detect illegal transfer points of other provinces, the client terminal needs to be verified before the identification verification code is sent to the client terminal, the safety of the client terminal can be ensured, and whether the illegal transfer points exist in other provinces can be accurately determined by judging whether the source IP address is changed or not. In addition, the method can also determine illegal switching points of the province.
Fig. 12 is a schematic structural diagram of an illegal switching point detection device according to an embodiment of the present invention, and as shown in fig. 12, the illegal switching point detection device 120 according to the present embodiment may include: a first receiving module 1201, a first determining module 1202 and a first transmitting module 1203.
A first receiving module 1201, configured to receive packet data sent by a client terminal; the message data comprises a source IP address, client terminal information and an identification verification code; the identification verification code is data issued by the management platform according to the client terminal information.
A first determining module 1202, configured to determine whether the sender of the packet data is a client terminal connected to a different network according to the identifier verification code.
The first sending module 1203 is configured to generate a detection instruction according to the source IP address and the client terminal information if the sender of the packet data is a client terminal connected to a heterogeneous network, and send the detection instruction to the management platform, where the detection instruction is used for the management platform to determine whether the source IP address is an illegal transfer point.
Optionally, the first determining module 1202 is specifically configured to:
analyzing the message data to obtain an identification verification code in the message data;
calculating the identification verification code and the first verification information according to a preset verification rule to obtain a verification result;
judging whether the verification result is consistent with the second verification information, if so, determining that the sender of the message data is a client terminal connected to a different network;
the first check information and the second check information are data which are generated by the management platform according to a preset check rule and sent to the test server.
Optionally, the first receiving module 1201 is specifically configured to:
Collecting message data of an outlet of the provincial metropolitan area network;
screening message data containing a preset destination IP address or destination port from the collected message data;
the test server is local side acquisition and analysis equipment arranged at an outlet of the local metropolitan area network, and the message data comprises a destination IP address or a destination port.
Optionally, the first receiving module 1201 is specifically configured to:
and receiving message data containing the destination IP address or the destination port, wherein the test server is a test server corresponding to the destination IP address or the destination port, and the message data comprises the destination IP address or the destination port.
The detection device for the illegal switching point provided by the embodiment of the present invention can implement the detection method for the illegal switching point in the embodiments shown in fig. 2, 3 and 6, and its implementation principle and technical effects are similar, and are not repeated here.
Fig. 13 is a schematic structural diagram of another illegal switching point detection device according to an embodiment of the present invention, and as shown in fig. 13, the illegal switching point detection device 130 according to this embodiment may include: a second transmitting module 1301, a second receiving module 1302 and a second determining module 1303.
And the second sending module 1301 is configured to send an identification verification code to the client terminal, so that the client terminal obtains message data according to the source IP address, the client terminal information and the identification verification code, and sends the message data to the test server.
A second receiving module 1302, configured to receive a detection instruction sent by the test server, where the detection instruction includes a source IP address and client terminal information; the detection instruction is generated after the test server receives message data sent by the client terminal and determines that the sender of the message data is the client terminal connected to the different network and sends the message data to the management platform.
The second determining module 1303 is configured to determine whether the source IP address is an illegal transfer point according to the client information in the detection instruction and the source IP address.
Optionally, the second determining module 1303 is specifically configured to:
determining a source IP address corresponding to the client terminal according to the client terminal information;
judging whether the source IP address corresponding to the client terminal is consistent with the source IP address in the message data;
if not, determining the source IP address in the message data as an illegal transfer point.
Optionally, the second receiving module 1302 is specifically configured to:
Receiving a detection instruction sent by the local side acquisition and analysis equipment; the detection instruction is generated after the local side acquisition and analysis equipment determines that the sender of the message data is a client terminal connected to a different network;
the test server is local side acquisition and analysis equipment arranged at the outlet of the local metropolitan area network, and the message data comprises a destination IP address or a destination port.
Optionally, the second receiving module 1302 is specifically configured to:
receiving a detection instruction sent by the test server; the detection instruction is generated after the test server determines that the sender of the message data is a client terminal connected to a different network;
the test server is a test server corresponding to a destination IP address or a destination port, and the message data comprises the destination IP address or the destination port.
Optionally, the second sending module 1301 is specifically configured to:
receiving a client terminal ID sent by the client terminal;
verifying the ID of the client terminal, and if the ID passes the verification, sending a test task and an identification verification code to the client terminal so that the client terminal obtains packaged message data according to the test task and the identification verification code; wherein the test task includes a destination IP or destination port.
The detection device for the illegal switching point provided by the embodiment of the present invention can implement the detection method for the illegal switching point in the embodiments shown in fig. 9, 10 and 11, and its implementation principle and technical effects are similar and will not be repeated here.
Fig. 14 is a schematic hardware structure of a test server according to an embodiment of the present invention. As shown in fig. 14, the test server 140 provided in this embodiment includes: at least one processor 1401, and memory 1402. The processor 1401 and the memory 1402 are connected through a bus 1403.
In a specific implementation process, the at least one processor 1401 executes the computer-executable instructions stored in the memory 1402, so that the at least one processor 1401 executes the illegal transit point detection method in the above method embodiment.
The specific implementation process of the processor 1401 may refer to the above-mentioned method embodiment, and its implementation principle and technical effects are similar, and this embodiment will not be described herein again.
Fig. 15 is a schematic hardware structure of a management platform according to an embodiment of the present invention. As shown in fig. 15, the management platform 150 provided in this embodiment includes: at least one processor 1501 and a memory 1502. The processor 1501 and the memory 1502 are connected by a bus 1503.
In a specific implementation process, the at least one processor 1501 executes computer-executable instructions stored in the memory 1502, so that the at least one processor 1501 executes the illegal transit point detection method in the above method embodiment.
The specific implementation process of the processor 1501 can be referred to the above method embodiment, and its implementation principle and technical effects are similar, and this embodiment will not be described herein again.
In the embodiments shown in fig. 14 and 15, it should be understood that the processor may be a central processing unit (in english: central Processing Unit, abbreviated as CPU), or may be other general purpose processors, digital signal processors (in english: digital Signal Processor, abbreviated as DSP), application specific integrated circuits (in english: application Specific Integrated Circuit, abbreviated as ASIC), or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor for execution, or in a combination of hardware and software modules in a processor for execution.
The memory may comprise high speed RAM memory or may further comprise non-volatile storage NVM, such as at least one disk memory.
The bus may be an industry standard architecture (Industry Standard Architecture, ISA) bus, an external device interconnect (Peripheral Component, PCI) bus, or an extended industry standard architecture (Extended Industry Standard Architecture, EISA) bus, among others. The buses may be divided into address buses, data buses, control buses, etc. For ease of illustration, the buses in the drawings of the present application are not limited to only one bus or one type of bus.
The embodiment of the invention also provides an illegal transfer point detection system which comprises the test server and the management platform.
The embodiment of the invention also provides a computer readable storage medium, wherein the computer readable storage medium stores computer execution instructions, and when a processor executes the computer execution instructions, the illegal switching point detection method of the embodiment of the method is realized.
The computer readable storage medium described above may be implemented by any type of volatile or non-volatile memory device or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk, or optical disk. A readable storage medium can be any available medium that can be accessed by a general purpose or special purpose computer.
An exemplary readable storage medium is coupled to the processor such the processor can read information from, and write information to, the readable storage medium. In the alternative, the readable storage medium may be integral to the processor. The processor and the readable storage medium may reside in an application specific integrated circuit (Application Specific Integrated Circuits, ASIC for short). The processor and the readable storage medium may reside as discrete components in a device.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the method embodiments described above may be performed by hardware associated with program instructions. The foregoing program may be stored in a computer readable storage medium. The program, when executed, performs steps including the method embodiments described above; and the aforementioned storage medium includes: various media that can store program code, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the same; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the invention.
Claims (13)
1. The illegal transfer point detection method is applied to a test server and is characterized by comprising the following steps:
receiving message data sent by a client terminal; the message data comprises a source IP address, client terminal information and an identification verification code; the identification verification code is data issued by the management platform according to the client terminal information;
determining whether the sender of the message data is a client terminal connected to a different network according to the identification verification code;
if the sender of the message data is a client terminal connected to a different network, generating a detection instruction according to the source IP address and the client terminal information, and sending the detection instruction to the management platform, wherein the detection instruction is used for the management platform to determine whether the source IP address is an illegal transfer point.
2. The method of claim 1, wherein determining whether the sender of the message data is a client terminal connected to a foreign network based on the identification verification code comprises:
analyzing the message data to obtain an identification verification code in the message data;
calculating the identification verification code and the first verification information according to a preset verification rule to obtain a verification result;
Judging whether the verification result is consistent with the second verification information, if so, determining that the sender of the message data is a client terminal connected to a different network;
the first check information and the second check information are data which are generated by the management platform according to a preset check rule and sent to the test server.
3. The method according to claim 1 or 2, wherein the test server is a local side collection and analysis device disposed at an exit of the local metropolitan area network, the message data includes a destination IP address or a destination port, and the receiving the message data sent by the client terminal includes:
collecting message data of an outlet of the provincial metropolitan area network;
and screening the message data containing the preset destination IP address or destination port from the collected message data.
4. The method according to claim 1 or 2, wherein the test server is a test server corresponding to a destination IP address or a destination port, the message data includes the destination IP address or the destination port, and the receiving the message data sent by the client terminal includes:
and receiving message data containing the destination IP address or the destination port.
5. The illegal transfer point detection method is applied to a management platform and is characterized by comprising the following steps of:
sending an identification verification code to a client terminal so that the client terminal obtains message data according to a source IP address, client terminal information and the identification verification code, and sending the obtained message data to a test server;
receiving a detection instruction sent by the test server, wherein the detection instruction comprises a source IP address and client terminal information; the detection instruction is generated after the test server receives message data sent by the client terminal and determines that the sender of the message data is the client terminal connected to the different network and sends the message data to the management platform;
and determining whether the source IP address is an illegal transfer point according to the client information in the detection instruction and the source IP address.
6. The method of claim 5, wherein determining whether the source IP address is an illegitimate transfer point based on the client information in the detection instruction and the source IP address comprises:
determining a source IP address corresponding to the client terminal according to the client terminal information;
judging whether the source IP address corresponding to the client terminal is consistent with the source IP address in the message data;
If not, determining the source IP address in the message data as an illegal transfer point.
7. The method according to claim 5 or 6, wherein the test server is a local side collection and analysis device disposed at an exit of the local metropolitan area network, the message data includes a destination IP address or a destination port, and the receiving a detection instruction sent by the test server includes:
receiving a detection instruction sent by the local side acquisition and analysis equipment; the detection instruction is generated after the local side acquisition and analysis equipment determines that the sender of the message data is a client terminal connected to a different network.
8. The method according to claim 5 or 6, wherein the test server is a test server corresponding to a destination IP address or a destination port, the message data includes the destination IP address or the destination port, and the receiving the detection instruction sent by the test server includes:
receiving a detection instruction sent by the test server; the detection instruction is generated after the test server determines that the sender of the message data is a client terminal connected to a different network.
9. The method of claim 5, wherein the sending the identification verification code to the client terminal comprises:
Receiving a client terminal ID sent by the client terminal;
verifying the ID of the client terminal, and if the ID passes the verification, sending a test task and an identification verification code to the client terminal so that the client terminal obtains packaged message data according to the test task and the identification verification code; wherein the test task includes a destination IP or destination port.
10. A test server, comprising: at least one processor and memory;
the memory stores computer-executable instructions;
the at least one processor executing computer-executable instructions stored in the memory causes the at least one processor to perform the method of illegal transit point detection as claimed in any of claims 1 to 4.
11. A management platform, comprising: at least one processor and memory;
the memory stores computer-executable instructions;
the at least one processor executing computer-executable instructions stored in the memory causes the at least one processor to perform the method of illegitimate tap detection as claimed in any of claims 5 to 9.
12. An illegal switching point detection system, characterized by comprising the test server according to claim 10 and the management platform according to claim 11.
13. A computer-readable storage medium having stored therein computer-executable instructions that, when executed by a processor, implement the method of detecting an illegal transit point according to any of claims 1 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011406849.0A CN114666072B (en) | 2020-12-04 | 2020-12-04 | Illegal switching point detection method, server, platform, system and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011406849.0A CN114666072B (en) | 2020-12-04 | 2020-12-04 | Illegal switching point detection method, server, platform, system and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114666072A CN114666072A (en) | 2022-06-24 |
| CN114666072B true CN114666072B (en) | 2023-06-02 |
Family
ID=82025180
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011406849.0A Active CN114666072B (en) | 2020-12-04 | 2020-12-04 | Illegal switching point detection method, server, platform, system and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114666072B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007033363A2 (en) * | 2005-09-13 | 2007-03-22 | Ist International, Inc. | System and method for providing packet connectivity between heterogeneous networks |
| CN101764833A (en) * | 2008-12-24 | 2010-06-30 | 中国移动通信集团公司 | Resource node information notification method and network entity device |
| CN103532789A (en) * | 2013-10-25 | 2014-01-22 | 北京直真科技股份有限公司 | Inter-network transparent transmission detecting system |
| CN106878135A (en) * | 2016-12-21 | 2017-06-20 | 新华三技术有限公司 | A kind of connection method and device |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7984160B2 (en) * | 2009-03-05 | 2011-07-19 | Riverbed Technology, Inc. | Establishing a split-terminated communication connection through a stateful firewall, with network transparency |
| US10158998B2 (en) * | 2016-06-21 | 2018-12-18 | Qualcomm Incorporated | Network path probing using available network connections |
-
2020
- 2020-12-04 CN CN202011406849.0A patent/CN114666072B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007033363A2 (en) * | 2005-09-13 | 2007-03-22 | Ist International, Inc. | System and method for providing packet connectivity between heterogeneous networks |
| CN101764833A (en) * | 2008-12-24 | 2010-06-30 | 中国移动通信集团公司 | Resource node information notification method and network entity device |
| CN103532789A (en) * | 2013-10-25 | 2014-01-22 | 北京直真科技股份有限公司 | Inter-network transparent transmission detecting system |
| CN106878135A (en) * | 2016-12-21 | 2017-06-20 | 新华三技术有限公司 | A kind of connection method and device |
Non-Patent Citations (1)
| Title |
|---|
| 彭英 .《电信运营管理 第2版》.人民邮电出版社,2017,全文. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114666072A (en) | 2022-06-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108353004B (en) | Method, system, and computer readable medium for testing Network Function Virtualization (NFV) | |
| US7454523B2 (en) | Geographic location determination including inspection of network address | |
| CN111262879B (en) | Firewall security policy opening method and device based on simulation path analysis | |
| CN109491889B (en) | Method and device for automatic test in NFV | |
| CN111030873A (en) | Fault diagnosis method and device | |
| CN112671860A (en) | Service access method, system, electronic device and medium for kubernets cluster | |
| CN107864058B (en) | Fault judgment method and device | |
| CN115086208A (en) | Network card detection method and device, electronic equipment and storage medium | |
| CN114826969A (en) | Network connectivity checking method, device, equipment and storage medium | |
| CN114666072B (en) | Illegal switching point detection method, server, platform, system and storage medium | |
| CN108667913A (en) | Method, apparatus, computer equipment and the storage medium of shared terminal access-in management | |
| CN113206850A (en) | Malicious sample message information acquisition method, device, equipment and storage medium | |
| US20060130146A1 (en) | Network packet generation apparatus and method having attack test packet generation function for information security system test | |
| CN106921533B (en) | Method, device and system for measuring network performance | |
| CN114221808B (en) | Security policy deployment method and device, computer equipment and readable storage medium | |
| CN115580563B (en) | Mirror image data processing method and device of cloud network and electronic equipment | |
| Voznak et al. | Advanced concept of voice communication server on embedded platform | |
| Jia et al. | VoteGeo: An IoT-based voting approach to verify the geographic location of cloud hosts | |
| CN116170361B (en) | Method, device, equipment and medium for analyzing running state of intranet bypass mirror image system | |
| CN113452537B (en) | Fault positioning method and device based on model | |
| CN115426245B (en) | Cloud platform network fault automatic detection method, equipment and computer readable medium | |
| CN115426301B (en) | Device detection method, device, equipment and storage medium based on self-generated message | |
| CN115733768B (en) | Network node performance test method, device, equipment and medium | |
| CN117098164A (en) | Fault detection method and device | |
| CN115459936A (en) | Network path blocking point positioning method and device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |