CN115333816A - Method for identifying internet traffic of ipv6 campus network - Google Patents
Method for identifying internet traffic of ipv6 campus network Download PDFInfo
- Publication number
- CN115333816A CN115333816A CN202210927974.9A CN202210927974A CN115333816A CN 115333816 A CN115333816 A CN 115333816A CN 202210927974 A CN202210927974 A CN 202210927974A CN 115333816 A CN115333816 A CN 115333816A
- Authority
- CN
- China
- Prior art keywords
- network
- access
- terminal
- safety
- real
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 32
- 238000012544 monitoring process Methods 0.000 claims abstract description 85
- 238000004891 communication Methods 0.000 claims abstract description 7
- 238000007667 floating Methods 0.000 claims description 21
- 238000001514 detection method Methods 0.000 claims description 6
- 238000000926 separation method Methods 0.000 claims description 4
- 230000002159 abnormal effect Effects 0.000 claims description 3
- 230000005540 biological transmission Effects 0.000 claims description 3
- 238000004140 cleaning Methods 0.000 claims description 3
- 238000012937 correction Methods 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 abstract description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000004576 sand Substances 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for identifying internet surfing flow of an ipv6 campus network, belongs to the field of network flow, relates to a flow identification monitoring technology, and solves the technical problems that a campus network cannot be analyzed safely and the safety of an access terminal and an accessed terminal in the campus network cannot be monitored in the prior art, so that the data security of a connection terminal in the campus network is ensured and the validity of internet surfing flow identification is ensured; the method comprises the steps of carrying out safety monitoring on real-time communication of a mobile access terminal connected with a campus area coverage network in real time, identifying internet traffic of the real-time access terminal, and ensuring the monitoring performance of the access terminal so as to ensure the internet security of the access terminal; the safety monitoring is carried out on the accessed terminal browsed in real time by the access terminal, so that the safety of the accessed terminal is improved, the safety of the access terminal is ensured, the access risk of the access terminal is prevented from increasing, the cheating risk of a user corresponding to the access terminal is effectively reduced, and the online safety of student users is improved.
Description
Technical Field
The invention belongs to the field of network traffic, relates to a traffic identification and monitoring technology, and particularly relates to a method for identifying internet traffic of an ipv6 campus network.
Background
The rapid development of the network technology leads the network application to be more and more extensive, the learning and entertainment of students can not be supported by the campus network, and the data flow at the outlet of the campus network is also increased. Students visit various websites through the campus network, wherein a plurality of bad websites are not lacked, a plurality of students are cheated on the network every year, and the bad websites are identified in the campus network, so that personal interests of the students can be effectively protected, and the network space is purified.
In the prior art, the network used in the campus cannot be analyzed safely, and the safety of an access terminal and an accessed terminal in the campus network cannot be monitored, so that the cheating risk of student users in the campus is increased;
therefore, a method for identifying internet traffic of an ipv6 campus network is provided.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a method for identifying internet surfing flow of an ipv6 campus network, which is used for carrying out safety monitoring on a coverage network in a campus area, accurately judging the safety of the current campus network, ensuring the data safety of a connection terminal in the campus network and ensuring the effectiveness of internet surfing flow identification; the method comprises the steps of carrying out safety monitoring on real-time communication of a mobile access terminal connected with a campus area coverage network in real time, identifying internet traffic of the real-time access terminal, and ensuring the monitoring performance of the access terminal so as to ensure the internet security of the access terminal; the safety monitoring is carried out on the accessed terminal browsed in real time by the access terminal, so that the safety of the accessed terminal is improved, the safety of the access terminal is ensured, the access risk of the access terminal is prevented from increasing, the cheating risk of a user corresponding to the access terminal is effectively reduced, and the online safety of student users is improved.
The technical problem to be solved by the invention is as follows:
how to effectively improve the security of the campus network and the security of the campus network access terminal and the access terminal.
The purpose of the invention can be realized by the following technical scheme:
a method for identifying internet traffic of an ipv6 campus network is disclosed, wherein the method for identifying the internet traffic specifically comprises the following steps:
the method comprises the steps of firstly, monitoring a campus network, carrying out safety monitoring on a coverage network in a campus area, accurately judging the safety of the current campus network, and ensuring the data safety of a connection terminal in the campus network;
step two, access terminal safety monitoring, namely, carrying out safety monitoring on real-time communication of a mobile access terminal connected with a campus area coverage network in real time, and identifying internet traffic of the real-time access terminal to ensure the monitoring performance of the access terminal;
and step three, the safety monitoring of the accessed terminal is carried out, and the safety monitoring of the accessed terminal browsed in real time by the accessed terminal is carried out.
As a further technical scheme of the invention, in the step one, the school network monitoring process is as follows:
acquiring the access frequency of the access terminal which logs in for the first time in the campus area overlay network and the increasing speed of the access terminal corresponding to the first time, and respectively marking the access frequency of the access terminal which logs in for the first time in the campus area overlay network and the increasing speed of the access terminal corresponding to the first time as JRP and ZJS; acquiring the average continuous access network time length of non-first login in the campus area coverage network, and marking the average continuous access network time length of non-first login in the campus area coverage network as WLS;
by the formula
And acquiring a safety monitoring coefficient X in the campus area coverage network.
As a further technical scheme of the invention, a1, a2 and a3 are all preset proportionality coefficients, a1 is more than a2 and more than a3 and more than 0, beta is an error correction factor, and the value is 0.996; and comparing the safety monitoring coefficient X in the campus area coverage network with a safety monitoring coefficient threshold value.
As a further technical solution of the present invention, the comparing process of the safety monitoring coefficient X and the safety monitoring coefficient threshold in the campus area coverage network is as follows:
if the safety monitoring coefficient X in the campus area coverage network exceeds a safety monitoring coefficient threshold value, judging that the safety monitoring of the current campus area coverage network is qualified, marking the corresponding campus area coverage network as a safety network, performing access end open connection on the corresponding safety network, and entering the second step;
if the safety monitoring coefficient X in the campus area coverage network does not exceed the safety monitoring coefficient threshold, judging that the safety monitoring of the current campus area coverage network is unqualified, marking the corresponding campus area coverage network as a risk network, sending an IP address corresponding to the risk network to a mobile phone terminal of a manager, after receiving the IP address of the risk network, the manager cleans up a connection terminal and existing data in the risk network, and closes the access terminal connection of the risk network after cleaning.
As a further technical scheme of the invention, the access terminal safety monitoring in the step two comprises the following specific processes:
after the access end corresponding to the safety network is connected in an open mode, the safety network and the access end are connected, the interval distance between the position of the flow using terminal in the safety network and the position of the real-time access end when the access end for establishing the connection generates flow consumption in the safety network and the floating frequency corresponding to the position of the real-time access end in the safety network are acquired, and the interval distance between the position of the flow using terminal in the safety network and the position of the real-time access end when the access end for establishing the connection generates flow consumption in the safety network and the floating frequency corresponding to the position of the real-time access end in the safety network are compared with the interval distance threshold and the position floating frequency threshold respectively.
As a further technical scheme of the present invention, if the interval distance between the position of the traffic using terminal in the secure network and the real-time access point in the secure network exceeds the interval distance threshold value when the access point establishing the connection generates traffic consumption in the secure network, or the floating frequency of the real-time access point in the corresponding secure network exceeds the position floating frequency threshold value, it is determined that the security detection of the corresponding access point in the current secure network is abnormal, the connection of the corresponding access point in the secure network is interrupted, and when the secure network accurately manages and controls the real-time traffic usage of the access point, that is, the position of the access point can be controlled in real time, and the access point is re-accessed into the secure network;
if the separation distance between the position of the traffic using terminal in the secure network and the position of the real-time access terminal does not exceed the separation distance threshold value when the access terminal establishing the connection generates traffic consumption in the secure network, and the floating frequency of the position of the real-time access terminal in the corresponding secure network does not exceed the position floating frequency threshold value, judging that the security detection of the corresponding access terminal in the current secure network is normal, and entering the third step.
As a further technical solution of the present invention, the security monitoring process of the visited end in step three is as follows:
the access end which passes through the safety monitoring in the safety network is marked as a safety access end, the number of the connection terminals which finish the real names and correspond to the safety access end and the access cycle duration time corresponding to the number of the connection terminals in the access terminal are acquired, and the number of the connection terminals which finish the real names and correspond to the safety access end and the access cycle duration time corresponding to the number of the connection terminals in the access terminal are respectively compared with the real-time terminal number threshold and the duration time threshold.
As a further technical scheme of the invention, if the number of the connection terminals of the security access terminal corresponding to the accessed terminal, which finish the real name, exceeds the real-time terminal number threshold value, and the access cycle duration corresponding to the number of the connection terminals in the accessed terminal exceeds the duration threshold value, the security monitoring of the accessed terminal is judged to be qualified, and the accessed terminal and the access terminal are protected by browsing data encryption;
if the number of the connection terminals of the security access terminal corresponding to the accessed terminal, which complete the real name, does not exceed the real-time terminal number threshold, or the duration of the access period corresponding to the number of the connection terminals in the accessed terminal does not exceed the duration threshold, the security monitoring of the accessed terminal is determined to be unqualified, and the data transmission between the accessed terminal and the access terminal is set to be one-way, that is, the data of the access terminal is not set with access authority in the accessed terminal.
Compared with the prior art, the invention has the beneficial effects that:
in the invention, the coverage network in the campus area is monitored safely, the safety of the current campus network is accurately judged, the data safety of a connection terminal in the campus network is ensured, and the effectiveness of internet traffic identification is ensured; the method comprises the steps of carrying out safety monitoring on real-time communication of a mobile access terminal connected with a campus area coverage network in real time, identifying internet traffic of the real-time access terminal, and ensuring the monitoring performance of the access terminal so as to ensure the internet security of the access terminal; the safety monitoring is carried out on the accessed terminal browsed in real time by the access terminal, so that the safety of the accessed terminal is improved, the safety of the access terminal is ensured, the access risk of the access terminal is prevented from increasing, the cheating risk of a user corresponding to the access terminal is effectively reduced, and the online safety of student users is improved.
Drawings
In order to facilitate understanding for those skilled in the art, the present invention will be further described with reference to the accompanying drawings.
FIG. 1 is a flow chart of the operation of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the following embodiments, and it should be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In an embodiment, please refer to fig. 1, a method for identifying internet traffic of ipv6 campus network is provided;
wherein, IPv6 is an abbreviation of "internet protocol version6" (internet protocol version 6), which is a next generation IP protocol designed by Internet Engineering Task Force (IETF) to replace IPv4, and the number of addresses can be called to code an address for each sand worldwide. The biggest problem of IPv4 lies in that network address resources are insufficient, which severely restricts the application and development of the Internet. The use of IPv6 not only solves the problem of the number of network address resources, but also solves the obstacle of connecting various access devices to the Internet. The design goal of IPv6 is to replace IPv4, however IPv4 has long been dominating in internet traffic and IPv6 usage has grown slowly. At present, the percentage of users using Google services through IPv6 is over 40% for the first time. Moreover, the internet digital distribution agency (IANA) has proposed proposals to the Internet Engineering Task Force (IETF) that newly established internet standards only support IPv6 and are no longer compatible with IPv4;
it should be specifically explained that, in this embodiment, the process of the method for identifying the school park network internet traffic is specifically as follows:
firstly, monitoring a campus network, carrying out safety monitoring on a coverage network in a campus area, accurately judging the safety of the current campus network, ensuring the data safety of a connection terminal in the campus network and ensuring the effectiveness of internet traffic identification;
secondly, carrying out safety monitoring on an access terminal, carrying out safety monitoring on real-time communication of a mobile access terminal connected with a campus area coverage network in real time, identifying the internet traffic of the real-time access terminal, and ensuring the monitoring performance of the access terminal so as to ensure the internet security of the access terminal;
step three, the safety monitoring of the accessed terminal is finally carried out, the accessed terminal browsed in real time by the access terminal is safely monitored, the safety of the accessed terminal is effectively improved, the safety of the access terminal can be further ensured, the access risk of the access terminal is effectively prevented from increasing, the cheating risk of a user corresponding to the access terminal is effectively reduced, and the internet surfing safety of student users is improved;
in this embodiment, the monitoring process of the school network in the first step is as follows:
acquiring the access frequency of the access terminal which logs in for the first time in the campus area overlay network and the increasing speed of the access terminal corresponding to the first time, and respectively marking the access frequency of the access terminal which logs in for the first time in the campus area overlay network and the increasing speed of the access terminal corresponding to the first time as JRP and ZJS; acquiring the average continuous access network time length of non-first login in the campus area coverage network, and marking the average continuous access network time length of non-first login in the campus area coverage network as WLS;
by the formula
Acquiring a safety monitoring coefficient X in a campus area coverage network, wherein a1, a2 and a3 are preset proportionality coefficients, a1 is larger than a2 and larger than a3 and larger than 0, beta is an error correction factor, and the value of beta is 0.996 as long as the values of a1, a2, a3 and beta do not influence the positive-negative ratio relation between parameters and a result value;
comparing a safety monitoring coefficient X in the campus area coverage network with a safety monitoring coefficient threshold value:
if the safety monitoring coefficient X in the campus area coverage network exceeds a safety monitoring coefficient threshold value, judging that the safety monitoring of the current campus area coverage network is qualified, marking the corresponding campus area coverage network as a safety network, performing access end open connection on the corresponding safety network, and entering the second step;
if the safety monitoring coefficient X in the campus area coverage network does not exceed the safety monitoring coefficient threshold, judging that the safety monitoring of the current campus area coverage network is unqualified, marking the corresponding campus area coverage network as a risk network, sending an IP address corresponding to the risk network to a mobile phone terminal of a manager, after receiving the IP address of the risk network, the manager cleans up a connection terminal in the risk network and the existing data, and closes the connection of an access terminal of the risk network after cleaning;
in this embodiment, the access terminal security monitoring in step two specifically includes the following processes:
after the access end corresponding to the safety network is in open connection, after the safety network is connected with the access end, acquiring the spacing distance between the position of the flow use terminal in the safety network and the position of the real-time access end when the access end establishing the connection generates flow consumption in the safety network and the floating frequency corresponding to the position of the real-time access end in the safety network, and comparing the spacing distance between the position of the flow use terminal in the safety network and the position of the real-time access end when the access end establishing the connection generates flow consumption in the safety network and the floating frequency corresponding to the position of the real-time access end in the safety network with the spacing distance threshold and the position floating frequency threshold respectively:
if the interval distance between the position of a flow using terminal in the secure network and the position of a real-time access terminal exceeds an interval distance threshold value when the access terminal establishing the connection generates flow consumption in the secure network, or the floating frequency of the position of the real-time access terminal in the corresponding secure network exceeds a position floating frequency threshold value, judging that the safety detection of the corresponding access terminal in the current secure network is abnormal, interrupting the connection of the corresponding access terminal of the secure network, and when the real-time flow use of the access terminal is accurately controlled by the secure network, namely the position of the access terminal can be controlled in real time, and the access terminal is accessed into the secure network again;
if the spacing distance between the position of the traffic using terminal in the secure network and the position of the real-time access terminal does not exceed the spacing distance threshold value when the access terminal establishing the connection generates traffic consumption in the secure network, and the floating frequency of the position of the real-time access terminal in the corresponding secure network does not exceed the position floating frequency threshold value, judging that the security detection of the corresponding access terminal in the current secure network is normal, and entering the third step;
it should be specifically noted that, in the present application, the access terminal may be a mobile phone terminal of a user, or may be a network connection device such as a computer, and is not specifically limited herein;
in this embodiment, the security monitoring process of the visited end in step three is as follows:
marking an access terminal which passes through safety monitoring in a safety network as a safety access terminal, acquiring the number of connection terminals which finish real names and correspond to the safety access terminal and the access cycle duration corresponding to the number of the connection terminals in the access terminal, and comparing the number of the connection terminals which finish real names and correspond to the safety access terminal and the access cycle duration corresponding to the number of the connection terminals in the access terminal with a real-time terminal number threshold and a duration threshold respectively;
if the number of the connection terminals of the security access terminal corresponding to the accessed terminal, which finish the real name, exceeds the real-time terminal number threshold value, and the duration of the access period corresponding to the number of the connection terminals in the accessed terminal exceeds the duration threshold value, judging that the security monitoring of the accessed terminal is qualified, and carrying out encryption protection on the accessed terminal and the access terminal for browsing data;
if the number of the connection terminals of the security access terminal corresponding to the accessed terminal, which finish the real name, does not exceed the real-time terminal number threshold value, or the duration of the access period corresponding to the number of the connection terminals in the accessed terminal does not exceed the duration threshold value, the security monitoring of the accessed terminal is determined to be unqualified, and the data transmission between the accessed terminal and the access terminal is set to be one-way, namely the data of the access terminal does not set access authority in the accessed terminal;
specifically, the accessed terminal in the present application is represented as a network access terminal such as a website, a network platform, and the like in the prior art; the access period is represented as a fixed access period of the access terminal to the accessed terminal.
Compared with the prior art, the invention has the beneficial effects that: the method and the system perform safety monitoring on the coverage network in the campus area, accurately judge the safety of the current campus network, ensure the data safety of the connection terminal in the campus network and simultaneously ensure the effectiveness of internet traffic identification; the method comprises the steps of carrying out safety monitoring on real-time communication of a mobile access terminal connected with a campus area coverage network in real time, identifying internet traffic of the real-time access terminal, and ensuring the monitoring performance of the access terminal so as to ensure the internet security of the access terminal; the safety monitoring is carried out on the accessed terminal browsed in real time by the access terminal, so that the safety of the accessed terminal is improved, the safety of the access terminal is ensured, the access risk of the access terminal is prevented from increasing, the cheating risk of a user corresponding to the access terminal is effectively reduced, and the internet-surfing safety of student users is improved.
The formulas are all calculated by removing dimensions and taking values of the dimensions, the formulas are one obtained by acquiring a large amount of data and performing software simulation to obtain the latest real situation, and the preset parameters in the formulas are set by the technical personnel in the field according to the actual situation;
such as the formula:
collecting multiple groups of sample data and setting a corresponding rating coefficient for each group of sample data by a person skilled in the art; substituting the set rating coefficient and the collected sample data into formulas, forming a linear equation set by any two formulas, screening the calculated coefficients and taking the mean value to obtain values of a1, a2 and a3 which are 1.2, 1.05 and 1.02 respectively;
the coefficient is a specific numerical value obtained by quantizing each parameter, so that the subsequent comparison is facilitated, and the coefficient is determined by the number of sample data and a corresponding humidity coefficient preliminarily set by a person skilled in the art for each group of sample data; as long as the proportional relationship between the parameters and the quantized values is not affected.
The preferred embodiments of the invention disclosed above are intended to be illustrative only. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise forms disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best utilize the invention. The invention is limited only by the claims and their full scope and equivalents.
Claims (8)
1. A method for identifying internet traffic of an ipv6 campus network is characterized in that the method for identifying internet traffic specifically comprises the following steps:
the method comprises the steps of firstly, monitoring a campus network, carrying out safety monitoring on a coverage network in a campus area, accurately judging the safety of the current campus network, and ensuring the data safety of a connection terminal in the campus network;
step two, access terminal safety monitoring, namely carrying out safety monitoring on real-time communication of a mobile access terminal connected with a campus area coverage network in real time, and identifying internet traffic of the real-time access terminal to ensure the monitoring performance of the access terminal;
and step three, the safety monitoring of the accessed terminal is carried out, and the safety monitoring of the accessed terminal browsed in real time by the accessed terminal is carried out.
2. The method for identifying the traffic flow of the ipv6 campus network on the internet according to claim 1, wherein in the first step, the campus network monitoring process is as follows:
acquiring the access frequency of the access terminal which logs in for the first time in the campus area overlay network and the increasing speed of the access terminal corresponding to the first time, and respectively marking the access frequency of the access terminal which logs in for the first time in the campus area overlay network and the increasing speed of the access terminal corresponding to the first time as JRP and ZJS; acquiring the average continuous access network time length of non-first login in the campus area coverage network, and marking the average continuous access network time length of non-first login in the campus area coverage network as WLS;
by the formula
And acquiring a safety monitoring coefficient X in the campus area coverage network.
3. The method for identifying the internet traffic of the ipv6 campus network according to claim 2, wherein a1, a2 and a3 are all preset proportionality coefficients, a1 > a2 > a3 > 0, and β is an error correction factor, and its value is 0.996; and comparing the safety monitoring coefficient X in the campus area coverage network with a safety monitoring coefficient threshold value.
4. The method for identifying the internet traffic of the ipv6 campus network according to claim 2, wherein a comparison process between the security monitoring coefficient X and the security monitoring coefficient threshold in the campus area coverage network is as follows:
if the safety monitoring coefficient X in the campus area coverage network exceeds a safety monitoring coefficient threshold value, judging that the safety monitoring of the current campus area coverage network is qualified, marking the corresponding campus area coverage network as a safety network, performing access end open connection on the corresponding safety network, and entering the second step;
if the safety monitoring coefficient X in the campus area coverage network does not exceed the safety monitoring coefficient threshold, judging that the safety monitoring of the current campus area coverage network is unqualified, marking the corresponding campus area coverage network as a risk network, sending an IP address corresponding to the risk network to a mobile phone terminal of a manager, after receiving the IP address of the risk network, the manager cleans up a connection terminal and existing data in the risk network, and closes the access terminal connection of the risk network after cleaning.
5. The method for identifying the traffic of the ipv6 campus network on the internet according to claim 1, wherein the specific process of the security monitoring of the access terminal in the second step is as follows:
after the access end corresponding to the safety network is opened and connected, the safety network and the access end are connected, the interval distance between the position of the flow using terminal in the safety network and the position of the real-time access end when the access end establishing the connection generates flow consumption in the safety network and the floating frequency corresponding to the position of the real-time access end in the safety network are acquired, and the interval distance between the position of the flow using terminal in the safety network and the position of the real-time access end when the access end establishing the connection generates flow consumption in the safety network and the floating frequency corresponding to the position of the real-time access end in the safety network are compared with the interval distance threshold and the position floating frequency threshold respectively.
6. The ipv6 campus network access flow identification method according to claim 5, wherein if an access end establishing connection generates flow consumption in a secure network, a distance between a location of a terminal for use of flow in the secure network and a location of a real-time access point exceeds a distance threshold, or a floating frequency of the location of the real-time access point in the corresponding secure network exceeds a location floating frequency threshold, it is determined that security detection of the corresponding access end in the current secure network is abnormal, connection of the access end corresponding to the secure network is interrupted, and when the secure network accurately manages and controls real-time flow use of the access end, the location of the access end can be controlled in real time, and the access end is re-accessed into the secure network;
if the separation distance between the position of the traffic using terminal in the secure network and the position of the real-time access terminal does not exceed the separation distance threshold value when the access terminal establishing the connection generates traffic consumption in the secure network, and the floating frequency of the position of the real-time access terminal in the corresponding secure network does not exceed the position floating frequency threshold value, judging that the security detection of the corresponding access terminal in the current secure network is normal, and entering the third step.
7. The method for identifying the traffic of the ipv6 campus network on the internet according to claim 1, wherein the security monitoring process of the visited end in the third step is as follows:
the access end which passes through the safety monitoring in the safety network is marked as a safety access end, the number of the connection terminals which finish the real names and correspond to the safety access end and the access cycle duration time corresponding to the number of the connection terminals in the access terminal are acquired, and the number of the connection terminals which finish the real names and correspond to the safety access end and the access cycle duration time corresponding to the number of the connection terminals in the access terminal are respectively compared with the real-time terminal number threshold and the duration time threshold.
8. The method for identifying the internet traffic of the ipv6 campus network according to claim 7, wherein if the number of connection terminals of which the real names are completed, corresponding to the accessed terminal, of the security access terminal exceeds a real-time terminal number threshold, and the duration of an access period corresponding to the number of connection terminals in the accessed terminal exceeds a duration threshold, it is determined that security monitoring of the accessed terminal is qualified, and the accessed terminal and the access terminal are protected from browsing data encryption;
if the number of the connection terminals of the security access terminal corresponding to the accessed terminal, which complete the real name, does not exceed the real-time terminal number threshold, or the duration of the access period corresponding to the number of the connection terminals in the accessed terminal does not exceed the duration threshold, the security monitoring of the accessed terminal is determined to be unqualified, and the data transmission between the accessed terminal and the access terminal is set to be one-way, that is, the data of the access terminal is not set with access authority in the accessed terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210927974.9A CN115333816B (en) | 2022-08-03 | 2022-08-03 | Method for identifying internet traffic of ipv6 campus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210927974.9A CN115333816B (en) | 2022-08-03 | 2022-08-03 | Method for identifying internet traffic of ipv6 campus |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115333816A true CN115333816A (en) | 2022-11-11 |
| CN115333816B CN115333816B (en) | 2024-05-31 |
Family
ID=83921236
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210927974.9A Active CN115333816B (en) | 2022-08-03 | 2022-08-03 | Method for identifying internet traffic of ipv6 campus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115333816B (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1610439A (en) * | 2003-10-17 | 2005-04-27 | 松下电器产业株式会社 | Handover method and mobile communication system |
| CN102172063A (en) * | 2008-09-30 | 2011-08-31 | 日本电气株式会社 | Access control system, access control method, and communication terminal |
| GB201318796D0 (en) * | 2012-10-24 | 2013-12-11 | Seven Networks Inc | Optimized and selective management of policy deployment to mobile clients in a congested network to prevent further aggravation of network congestion |
| WO2015103984A1 (en) * | 2014-01-07 | 2015-07-16 | Tencent Technology (Shenzhen) Company Limited | Network access traffic control method and server |
| CN106416375A (en) * | 2014-01-31 | 2017-02-15 | 富士通株式会社 | Access method of wireless communication network |
| CN107950062A (en) * | 2016-06-30 | 2018-04-20 | 华为技术有限公司 | A kind of method for scanning wireless fidelity network and mobile equipment |
| CN111371784A (en) * | 2020-03-04 | 2020-07-03 | 贵州弈趣云创科技有限公司 | Method for automatically fusing attacked distributed point-to-point service |
| CN112702316A (en) * | 2020-12-10 | 2021-04-23 | 济南大学 | Campus network security protection system |
| CN112800098A (en) * | 2021-01-28 | 2021-05-14 | 温州大学 | Education management information maintenance system of education platform |
| CN113938317A (en) * | 2021-11-29 | 2022-01-14 | 福建瑞网科技有限公司 | Network security monitoring method and computer equipment |
| CN114022988A (en) * | 2021-11-05 | 2022-02-08 | 西南交通大学 | Visitor information management verification system and method based on artificial intelligence |
| CN114066171A (en) * | 2021-10-26 | 2022-02-18 | 浪潮软件科技有限公司 | Service platform activity degree analysis method and system |
-
2022
- 2022-08-03 CN CN202210927974.9A patent/CN115333816B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1610439A (en) * | 2003-10-17 | 2005-04-27 | 松下电器产业株式会社 | Handover method and mobile communication system |
| CN102172063A (en) * | 2008-09-30 | 2011-08-31 | 日本电气株式会社 | Access control system, access control method, and communication terminal |
| GB201318796D0 (en) * | 2012-10-24 | 2013-12-11 | Seven Networks Inc | Optimized and selective management of policy deployment to mobile clients in a congested network to prevent further aggravation of network congestion |
| WO2015103984A1 (en) * | 2014-01-07 | 2015-07-16 | Tencent Technology (Shenzhen) Company Limited | Network access traffic control method and server |
| CN106416375A (en) * | 2014-01-31 | 2017-02-15 | 富士通株式会社 | Access method of wireless communication network |
| CN107950062A (en) * | 2016-06-30 | 2018-04-20 | 华为技术有限公司 | A kind of method for scanning wireless fidelity network and mobile equipment |
| CN111371784A (en) * | 2020-03-04 | 2020-07-03 | 贵州弈趣云创科技有限公司 | Method for automatically fusing attacked distributed point-to-point service |
| CN112702316A (en) * | 2020-12-10 | 2021-04-23 | 济南大学 | Campus network security protection system |
| CN112800098A (en) * | 2021-01-28 | 2021-05-14 | 温州大学 | Education management information maintenance system of education platform |
| CN114066171A (en) * | 2021-10-26 | 2022-02-18 | 浪潮软件科技有限公司 | Service platform activity degree analysis method and system |
| CN114022988A (en) * | 2021-11-05 | 2022-02-08 | 西南交通大学 | Visitor information management verification system and method based on artificial intelligence |
| CN113938317A (en) * | 2021-11-29 | 2022-01-14 | 福建瑞网科技有限公司 | Network security monitoring method and computer equipment |
Non-Patent Citations (2)
| Title |
|---|
| 刘华春;王建华;段华琼;: "基于PKI/HIP协议的下一代互联网实名访问研究", 计算机工程与设计, no. 07, 16 April 2010 (2010-04-16) * |
| 李业谦;: "基于校园网的网络安全监测与控制系统的设计", 信息记录材料, no. 06, 1 June 2020 (2020-06-01) * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115333816B (en) | 2024-05-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6741990B2 (en) | System and method for efficient and adaptive web accesses filtering | |
| CN104283918B (en) | A kind of WLAN terminal type acquisition methods and system | |
| CN105516165A (en) | Method, device and system for identifying illegal proxy for charging fraud | |
| CN106911523A (en) | The method and system that mobile interchange network users are positioned by LTE indulging in the internet | |
| CN108282450A (en) | The detection method and device of abnormal domain name | |
| CN114022988A (en) | Visitor information management verification system and method based on artificial intelligence | |
| CN111654486A (en) | Server equipment judgment and identification method | |
| Wang et al. | A smart automated signature extraction scheme for mobile phone number in human-centered smart home systems | |
| CN114968761A (en) | Software operating environment safety supervision system based on internet | |
| CN111147323A (en) | Speed measuring method and device | |
| CN112449371A (en) | Performance evaluation method of wireless router and electronic equipment | |
| CN115333816B (en) | Method for identifying internet traffic of ipv6 campus | |
| CN105528352A (en) | Method for establishing corresponding relation of mobile communication user and network account information thereof | |
| CN111565196B (en) | KNXnet/IP protocol intrusion detection method, device, equipment and medium | |
| CN105357335A (en) | DNS authority log information mining processing method | |
| CN109309665A (en) | A kind of access request processing method and processing device, a kind of calculating equipment and storage medium | |
| CN111490991B (en) | Multiple server connection request system and method based on communication equipment | |
| CN107222319B (en) | Communication operation analysis method and device | |
| CN106936832A (en) | The network admittance method and system of enterprise-level | |
| CN110992230A (en) | Full-scale demographic method, device and server based on terminal signaling data | |
| CN115865707A (en) | Internet data management system | |
| CN115865427A (en) | Data acquisition and monitoring method based on data routing gateway | |
| CN112560961B (en) | Target identification method and device based on graph clustering, electronic equipment and storage medium | |
| CN116963055A (en) | Authentication method, authentication device, authentication apparatus, authentication storage medium, and authentication program product | |
| CN111600904B (en) | Green internet access method and storage device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |