WO2014026519A1 - Procédé et système pour analyser le comportement d'un utilisateur sur un réseau via la passerelle domestique - Google Patents

Procédé et système pour analyser le comportement d'un utilisateur sur un réseau via la passerelle domestique Download PDF

Info

Publication number
WO2014026519A1
WO2014026519A1 PCT/CN2013/079169 CN2013079169W WO2014026519A1 WO 2014026519 A1 WO2014026519 A1 WO 2014026519A1 CN 2013079169 W CN2013079169 W CN 2013079169W WO 2014026519 A1 WO2014026519 A1 WO 2014026519A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
home gateway
user
server
user behavior
Prior art date
Application number
PCT/CN2013/079169
Other languages
English (en)
Chinese (zh)
Inventor
方文杰
陈辉
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2014026519A1 publication Critical patent/WO2014026519A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/535Tracking the activity of the user

Definitions

  • the present invention relates to network behavior analysis techniques in the Internet, and in particular to a method and system for analyzing user network behavior through a home gateway. Background technique
  • the main purpose of the embodiments of the present invention is to provide a method and system for analyzing user network behavior through a home gateway, and using the home gateway to collect required user behavior information, so that each website operator does not need to set up a separate device. Save a lot of cost.
  • the embodiment of the invention provides a method for analyzing user network behavior through a home gateway, and the method includes:
  • the statistical analysis server periodically reads the information, analyzes and counts the read information, and obtains user behavior information.
  • the method before the statistical analysis server periodically reads the information, the method further includes:
  • the saved information is encrypted and compressed, and periodically uploaded to the information collection server.
  • the statistical analysis server periodically reads the information as:
  • the statistical analysis server periodically reads information from the information collection server. .
  • the information obtained by filtering the information is extracted to obtain the required information
  • the method further includes: recording the MAC address of the network device to which the message belongs, and recording the time when the message is generated.
  • the method before the filtering is performed on the sending and receiving, the method further includes: setting, by the ITMS server, a collection policy of the user behavior and a collection of the user behavior.
  • the setting policy for setting user behavior includes: setting whether to open the user behavior collection function; setting a period for uploading the user behavior analysis collection file; and setting a user name, a password, and a compression password for uploading the file server.
  • the setting of the set user behavior includes: setting a message filter Filtered site name and app name, record keyword name entered by search engine, and access time.
  • the embodiment of the invention further provides a system for analyzing user network behavior through a home gateway, the system comprising: a home gateway and a statistical analysis server; wherein:
  • the home gateway is configured to filter the packets sent and received by the user side and the network side, and extract information from the filtered packets to obtain the required information and save the information.
  • the statistical analysis server is configured to periodically read information, analyze and collect the read information, and obtain user behavior information.
  • the home gateway includes a message filter, a feature analysis library, and a temporary storage area; wherein:
  • the packet filter is configured to filter the packets sent and received by the user side and the network side of the home gateway to obtain the required packets.
  • the feature analysis library is configured to extract information from the filtered message to obtain required information
  • the temporary storage area is configured to store the extracted required information.
  • the system further includes an information gathering server configured to periodically read the stored information
  • the home gateway further includes an information uploading module configured to encrypt and compress the information stored in the temporary storage area, and periodically upload the information to the information collection server.
  • the feature analysis library is further configured to record a network device to which the message belongs.
  • the system includes an ITMS server configured to set a collection of user behavior and a collection of user behavior.
  • the method and system for analyzing the behavior of the user network through the home gateway provided by the embodiment of the present invention, respectively, setting a packet filter on the user side and the network side of the home gateway, and performing the packet transmission and reception Filtering; sending the filtered message to the feature analysis library to obtain the required information and saving; the statistical analysis server periodically reads the information, and analyzes and counts the read information to obtain user behavior information.
  • the embodiment of the present invention sets a message filter in the home gateway, so that the user behavior information can be collected through the home gateway, so that the website operator does not need to set up a separate device to collect data information, thereby saving a lot of cost;
  • the invention uses a relatively independent feature analysis library. When it is required to increase the user behavior content of the analysis, the feature analysis library can be updated at any time by upgrading the feature analysis library, which also reduces the risk of operation and maintenance for the website operator. And cost.
  • FIG. 1 is a schematic flowchart of a method for analyzing a user network behavior by using a home gateway according to an embodiment of the present invention
  • FIG. 2 is a schematic diagram of a system composition framework for analyzing user network behavior through a home gateway according to an embodiment of the present invention
  • FIG. 3 is a schematic flowchart of a method for analyzing user network behavior through a home gateway according to an embodiment of the present invention. detailed description
  • FIG. 1 is a schematic flowchart of a method for analyzing user behavior by using a home gateway according to an embodiment of the present invention. As shown in FIG. 1, the method includes the following steps:
  • Step 101 Filtering the packets sent and received by the user side and the network side of the home gateway.
  • the method may further include:: an integrated terminal management system (ITMS) The server remotely sets the collection of user behaviors and user behaviors;
  • IMS integrated terminal management system
  • the set policy for setting user behavior includes: setting whether to open user behavior ⁇ Set function; set the period for uploading user behavior analysis files; and set the user name, password and compression password of the upload file server;
  • the set content of the set user behavior includes: setting a website name and an application name to be filtered by the message filter, recording a keyword name and an access time input by the search engine, and the like.
  • a message filter is set on the user side and the network side of the home gateway to filter the received and received messages, and at the same time, part of the message is omitted due to network address translation (NAT);
  • the message filtering can perform fuzzy matching by using a regular expression, and filtering the information on the matching and the generated time.
  • Step 102 Perform information extraction on the filtered packet, and obtain the required information and save the information.
  • the information obtained by the filtering may be extracted by using a feature analysis library set in the home gateway; Save in temporary storage.
  • the feature analysis library includes a plurality of functional units for analyzing and extracting different types of message data as required information for extraction, and an example is as follows:
  • Example 1 If the message is related to the user's online behavior, extract the data information such as the website information, the network path, and the port number used by the user;
  • Example 2 If the message is an application used by the user, information such as the user login exit process, the usage time, and the port number used are extracted, and different applications are different in information, such as an application for watching the video online. Can extract which videos such as videos have been viewed;
  • Example 3 If the message is related to the user logging in to the search engine and inputting the keyword's online behavior, the regular expression can be used to fuzzyly match the input content, and extract the input content and time, and the like.
  • the feature analysis library records the time when the message is generated when extracting the required message information, and records the media access control of the network device to which the message belongs (Media Access Control, MAC) address to distinguish between different users.
  • Media Access Control Media Access Control
  • Step 103 The statistical analysis server periodically reads the information, analyzes and statistics the read information, and obtains user behavior information.
  • the method further includes: encrypting and compressing the information stored in the temporary storage area, and periodically uploading the information to the information collection server, and the statistical analysis server periodically extracts the information.
  • the information is read in the set server; wherein the temporary storage area deletes the already uploaded information.
  • the embodiment of the present invention further provides a system for analyzing user network behavior through a home gateway. As shown in FIG. 2, the home gateway 21 and the statistical analysis server 22 are included;
  • the home gateway 21 is configured to filter the packets sent and received by the user side and the network side, and extract the information of the filtered packets to obtain the required information and save the information.
  • the statistical analysis server 22 is configured to periodically read information, analyze and collect the read information, and obtain user behavior information.
  • system further comprises: an information collection server 23 and an ITMS server 24; wherein:
  • the information collection server 23 is configured to periodically read the stored information
  • the ITMS server 24 is configured to set a collection of user behavior and a collection of user behavior.
  • the ITMS server 24 includes: a configuration processing module, which can remotely set a collection policy of user behavior in the home gateway and a collection of user behavior;
  • the setting policy for setting the user behavior includes: setting whether to open the user behavior collection function; setting a period for uploading the user behavior analysis collection file; setting a user name, a password, and a compression password of the upload file server;
  • the set content of the setting user behavior includes: setting a packet filter to be filtered Site name, application name, record keyword name entered by the search engine, access time, and more.
  • the home gateway 21 includes: a message filter 211, a feature analysis library 212, a temporary storage area 213, and an information uploading module 214; wherein:
  • the packet filter 211 is configured to filter the packets sent and received by the user side and the network side of the home gateway to obtain the required packets.
  • the feature analysis library 212 is configured to perform information extraction on the filtered message to obtain required information.
  • the feature analysis library 212 extracts the required information according to the type of the message, and also records the MAC address of the network device to which the message belongs, and records the time when the message is generated.
  • the temporary storage area 213 is configured to store the extracted required information.
  • the information uploading module 214 is configured to encrypt and compress the information stored in the temporary storage area 213, and periodically upload the information to the information collecting server 23.
  • the ITMS server 24 pre-sets the user behavior content that needs to be collected, such as the website name, the search engine name, and the application name filtered by the home gateway 21; and also sets the period for uploading the user behavior analysis file and the user name of the upload file server. , passwords and compressed passwords, etc., and finally set to open the user behavior collection function;
  • the packet filter 211 of the home gateway 21 and the network side filters the received and sent packets, sends the filtered packets to the feature analysis library 212 for information extraction, obtains the required information, and saves the obtained information.
  • the information uploading module 214 compresses and encrypts the information, and periodically uploads it to the information collection server 23, and the statistical analysis server 22 periodically reads the information from the information collection server 23, and analyzes and counts the information. , get user behavior information.
  • FIG. 3 is a schematic flowchart of a method for analyzing user network behavior through a home gateway according to an embodiment of the present invention. As shown in FIG. 3, the method includes the following steps: Step 301: The configuration processing module of the ITMS server sets a collection of user behavior and a collection of user behaviors;
  • the set policy for setting user behavior includes: setting whether to open the user behavior collection function; setting a period for uploading the user behavior analysis collection file; and setting a user name, a password, and a compression password for uploading the file server;
  • the home gateway starts to filter, analyze, and collect the sent and received packets
  • the home gateway uploads the collected user behavior information to the information collection server according to the period;
  • the home gateway compresses the encrypted user behavior information according to the compressed password, and uploads the information to the information collection server according to the user name and password of the information collection server.
  • the set content of setting the user behavior includes: setting a website name and an application name to be filtered by the message filter, recording a keyword name and an access time input by the search engine, and the like.
  • Steps 302 to 304 The packet filter in the home gateway filters the received and sent packets according to the set contents, sends the filtered packets to the feature analysis database for processing, and saves the processed information to the Temporary storage area; the website visited by the user, the keyword entered in the search engine, and the application used are fuzzy matching, and the matching information and usage time are extracted;
  • the feature analysis library records the time when the message is generated, and records the MAC address of the network device to which the message belongs to distinguish different users.
  • Steps 305 ⁇ 306 The home gateway compresses and encrypts the information to be uploaded, and uploads the information to the information collection server;
  • the home gateway compresses and encrypts the user behavior information to be uploaded according to the compressed password, and
  • the user name and password of the information collection server are uploaded to the information collection server; wherein, the home gateway uploads the information to the information collection server through the CPE WAN management protocol (TR069) management channel; meanwhile, the temporary storage area deletes the uploaded information. .
  • Step 307 The statistical analysis server periodically extracts information from the information collection server, analyzes and counts the information, and obtains user behavior information.
  • the packet sent and received by the user side and the network side of the home gateway is filtered, and the information obtained by the filtering is extracted, and the required information is obtained and saved.
  • the statistical analysis server periodically reads the information. And analyzing and counting the read information to obtain user behavior information. Therefore, the user behavior information can be collected through the home gateway, and the website operator does not need to set up a separate device to collect data information, thereby saving a lot of cost; at the same time, the feature analysis library can be updated at any time, thereby reducing the risk and cost of operation and maintenance.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

La présente invention se rapporte à un procédé adapté pour analyser le comportement d'un utilisateur sur un réseau via la passerelle domestique. Le procédé selon l'invention consiste : à filtrer le paquet de retransmission et de réception sur le côté utilisateur et le côté réseau de la passerelle domestique, et à acquérir le paquet qui est requis ; à extraire les informations, du paquet filtré, et à obtenir les informations qui sont requises et à les enregistrer ; à lire périodiquement les informations par le serveur de statistiques et d'analyse, à analyser les informations lues et à exécuter le traitement statistique, et à obtenir enfin les informations relatives au comportement d'un utilisateur. La présente invention se rapporte d'autre part à un système adapté pour analyser le comportement d'un utilisateur sur un réseau via la passerelle domestique. L'utilisation du procédé et du système selon la présente invention permet de mettre en œuvre la collecte d'informations relatives à un comportement de l'utilisateur par la passerelle domestique. De cette manière, des opérateurs de sites Web n'ont pas besoin de configurer un équipement séparé pour collecter des données, ce qui permet d'économiser significativement les coûts.
PCT/CN2013/079169 2012-08-13 2013-07-10 Procédé et système pour analyser le comportement d'un utilisateur sur un réseau via la passerelle domestique WO2014026519A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210286510.0 2012-08-13
CN201210286510.0A CN103595692B (zh) 2012-08-13 2012-08-13 一种通过家庭网关分析用户网络行为的方法和系统

Publications (1)

Publication Number Publication Date
WO2014026519A1 true WO2014026519A1 (fr) 2014-02-20

Family

ID=50085675

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/079169 WO2014026519A1 (fr) 2012-08-13 2013-07-10 Procédé et système pour analyser le comportement d'un utilisateur sur un réseau via la passerelle domestique

Country Status (2)

Country Link
CN (1) CN103595692B (fr)
WO (1) WO2014026519A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105591765A (zh) * 2014-10-20 2016-05-18 中国电信股份有限公司 一种流量定位方法、装置及系统
CN104468411A (zh) * 2014-11-28 2015-03-25 东莞宇龙通信科技有限公司 一种带宽分配方法、装置及路由器
CN104618491B (zh) * 2015-02-11 2017-11-21 四川银海天怡信息技术有限公司 一种代理服务器及数据转发方法
CN105187446B (zh) * 2015-09-29 2018-03-20 烽火通信科技股份有限公司 一种家庭网关检测及屏蔽用户上网业务的系统和方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101146047A (zh) * 2007-11-06 2008-03-19 中国电信股份有限公司 一种路由模式下控制上网终端数量的方法、系统和网关
US20100138534A1 (en) * 2008-11-25 2010-06-03 Rishi Mutnuru Systems and methods for monitor an access gateway
CN102420784A (zh) * 2011-10-13 2012-04-18 中国电力科学研究院 一种家庭网关、智能系统及其能源控制方法
CN102571397A (zh) * 2010-12-28 2012-07-11 中兴通讯股份有限公司 个人网业务管理装置及方法

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101655868B (zh) * 2009-09-03 2012-08-22 中国人民解放军信息工程大学 网络数据挖掘方法、网络数据推送方法及设备
CN101751458A (zh) * 2009-12-31 2010-06-23 暨南大学 一种网络舆情监控系统及方法
CN102111453A (zh) * 2011-03-04 2011-06-29 创博亚太科技(山东)有限公司 一种提取互联网用户网络行为的方法和系统
CN102364468A (zh) * 2011-09-29 2012-02-29 北京亿赞普网络技术有限公司 一种用户网络行为分析方法、装置和系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101146047A (zh) * 2007-11-06 2008-03-19 中国电信股份有限公司 一种路由模式下控制上网终端数量的方法、系统和网关
US20100138534A1 (en) * 2008-11-25 2010-06-03 Rishi Mutnuru Systems and methods for monitor an access gateway
CN102571397A (zh) * 2010-12-28 2012-07-11 中兴通讯股份有限公司 个人网业务管理装置及方法
CN102420784A (zh) * 2011-10-13 2012-04-18 中国电力科学研究院 一种家庭网关、智能系统及其能源控制方法

Also Published As

Publication number Publication date
CN103595692A (zh) 2014-02-19
CN103595692B (zh) 2018-01-02

Similar Documents

Publication Publication Date Title
EP3496338B1 (fr) Procédé et appareil pour identifier des informations d'application dans un trafic de réseau
US8972612B2 (en) Collecting asymmetric data and proxy data on a communication network
CN101924757B (zh) 追溯僵尸网络的方法和系统
US8938534B2 (en) Automatic provisioning of new users of interest for capture on a communication network
CN105103496A (zh) 用于提取和保存用于分析网络通信的元数据的系统和方法
US20060155866A1 (en) Method of data gathering of user network
CN109922073A (zh) 网络安全监控装置、方法和系统
KR20100095475A (ko) 행동 시그너처에 기초해서 p2p 애플리케이션을 식별하기 위한 시스템 및 방법
CN103888305A (zh) 一种基于家庭网关的监测方法和系统
WO2014026519A1 (fr) Procédé et système pour analyser le comportement d'un utilisateur sur un réseau via la passerelle domestique
KR101503701B1 (ko) 빅데이터 기반 정보 보호 방법 및 장치
CN103124226A (zh) 一种家庭宽带上网监控系统及方法
CN104639391A (zh) 一种生成网络流量记录的方法及相应的流量检测设备
CN102857388A (zh) 云探安全管理审计系统
WO2014023212A1 (fr) Système et procédé de fourniture d'un service de réseau personnalisé à un utilisateur d'une passerelle résidentielle
CN109275045B (zh) 基于dfi的移动端加密视频广告流量识别方法
CN113269531A (zh) 基于云-端架构的多租户上网行为审计管控方法及相关设备
Wang et al. Benchmark data for mobile app traffic research
CN105827522A (zh) 处理日志文件的网关设备
Hasselquist et al. Lightweight fingerprint attack and encrypted traffic analysis on news articles
CN111030893A (zh) 云通讯应用场景下分析用户行为的方法和装置
CN111182069A (zh) 云通信应用场景下通信方法和装置
CN103546305A (zh) 网络质量信息的统计方法及系统
KR20110010244A (ko) 운영체제를 이용하는 사용자 행위 추적 시스템 및 사용자 행위 추적 방법
CN114338600A (zh) 一种设备指纹的推选方法、装置、电子设备和介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13829692

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13829692

Country of ref document: EP

Kind code of ref document: A1