CN113839826A - Method and device for detecting windows terminal and computer readable storage medium - Google Patents
Method and device for detecting windows terminal and computer readable storage medium Download PDFInfo
- Publication number
- CN113839826A CN113839826A CN202010580489.XA CN202010580489A CN113839826A CN 113839826 A CN113839826 A CN 113839826A CN 202010580489 A CN202010580489 A CN 202010580489A CN 113839826 A CN113839826 A CN 113839826A
- Authority
- CN
- China
- Prior art keywords
- data stream
- message
- windows
- matching
- messages
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 230000014509 gene expression Effects 0.000 claims abstract description 22
- 238000001514 detection method Methods 0.000 claims description 12
- 238000004891 communication Methods 0.000 claims description 8
- 238000012216 screening Methods 0.000 claims description 6
- 238000004590 computer program Methods 0.000 claims description 5
- 238000012545 processing Methods 0.000 claims description 2
- 230000008569 process Effects 0.000 abstract description 4
- 230000006870 function Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 7
- 230000006399 behavior Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 2
- 241000065695 Teredo Species 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000007723 transport mechanism Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/02—Capturing of monitoring data
- H04L43/026—Capturing of monitoring data using flow identification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/08—Testing, supervising or monitoring using real traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
According to the method, the device and the computer storage medium for detecting the Windows terminal, provided by the embodiment of the invention, the target data stream message is screened from the data stream messages by acquiring the data stream messages communicated in the shared network, wherein the target data stream message is the data stream message unique to the Windows system; decoding a target data stream message to obtain a corresponding target domain name field; matching the target domain name field with a preset regular expression; if the matching is successful, the windows terminal exists and marking is carried out; if the matching fails, the windows terminal does not exist; in some implementation processes, the purpose of detecting whether the windows terminal exists in the shared network of the mobile network can be achieved, so that the message prompt is sent to the user of the shared network in time, the network behavior of the user is limited appropriately, excessive pressure of the user behavior on the operating network is avoided, and the use experience of other users is reduced.
Description
Technical Field
The embodiments of the present invention relate to, but are not limited to, the field of mobile network communications, and in particular, but not limited to, a method, an apparatus, and a computer-readable storage medium for detecting a windows terminal.
Background
The existing mobile phone generally has a network hotspot function, the function can share the mobile network of the mobile phone with other terminals, and the network access function is provided under the condition that other terminals cannot use the network, and the hotspot function of the mobile phone is a common network sharing function.
Nowadays, mobile network operators provide a large amount of large-flow internet surfing packages and unlimited-flow internet surfing packages, if users who use the packages open mobile phone terminal hotspots to share flow to other terminals to surf the internet, particularly, if the terminal users share the flow to Windows system devices (such as desktop computers and notebook computers) to surf the internet, and the data flow generated by the computers accessing the internet is far more than the flow generated by the mobile phone terminals, a large amount of concurrent data flow can cause the shortage of bandwidth resources of the operators, thereby causing the increase of the operation cost of the operators, bringing loss to the operators and reducing the use experience of other users around.
Disclosure of Invention
The embodiment of the invention provides a method and a device for detecting a windows terminal, which mainly solve the technical problem that in the current mobile network, no method for detecting whether the windows terminal exists in the current mobile network under the condition of sharing the network exists.
To solve the foregoing technical problem, an embodiment of the present invention provides a method for detecting a windows terminal, which is applied to a shared network under a mobile network, and includes: acquiring data stream messages communicated in a shared network, and screening out target data stream messages from the data stream messages, wherein the target data stream messages are unique data stream messages of a Windows system; decoding the target data stream message to obtain a corresponding target domain name field; matching the target domain name field with a preset regular expression; if the matching is successful, the windows terminal exists and marking is carried out; and if the matching fails, the windows terminal does not exist.
The embodiment of the invention also provides a device for detecting the Windows terminal, which is applied to the shared network under the mobile network and comprises a receiving module, a judging module and a judging module, wherein the receiving module is used for acquiring the data stream messages communicated in the shared network and screening out the target data stream messages from the data stream messages, and the target data stream messages are the data stream messages unique to the Windows system; the decoding module is used for decoding the target data stream message to obtain a corresponding target domain name field; the matching module is used for matching the target domain name field with a preset regular expression; and when the matching is successful, marking the detection result.
Embodiments of the present invention also provide a computer storage medium, which stores one or more programs, where the one or more programs are executable by one or more processors to implement the steps of the method for detecting a windows terminal as described above.
According to the method, the device and the computer storage medium for detecting the Windows terminal, provided by the embodiment of the invention, the target data stream message is screened from the data stream messages by acquiring the data stream messages communicated in the shared network, wherein the target data stream message is the data stream message unique to the Windows system; decoding a target data stream message to obtain a corresponding target domain name field; matching the target domain name field with a preset regular expression; if the matching is successful, the windows terminal exists and marking is carried out; if the matching fails, the windows terminal does not exist; in some implementation processes, the purpose of detecting whether the windows terminal exists in the shared network of the mobile network can be achieved, so that the message prompt is sent to the user of the shared network in time, the network behavior of the user is limited appropriately, excessive pressure of the user behavior on the operating network is avoided, and the use experience of other users is reduced.
Additional features and corresponding advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
Fig. 1 is a schematic diagram of a method for detecting a windows terminal according to a first embodiment of the present invention;
fig. 2 is a schematic diagram of a detection method of a windows terminal in a shared network according to a third embodiment of the present invention;
fig. 3 is a schematic diagram of a detection method when a target data flow message is an SSL encryption message according to a third embodiment of the present invention;
fig. 4 is a schematic diagram of a detection method when a target data flow packet is a DNS packet according to a third embodiment of the present invention;
fig. 5 is a schematic diagram of an apparatus for detecting a windows terminal according to a fourth embodiment of the present invention;
fig. 6 is a schematic diagram of another apparatus for detecting a windows terminal according to a fourth embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention are described in detail below with reference to the accompanying drawings. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The first embodiment is as follows:
the existing detection method for the traditional terminal equipment to share the network under the mobile network to surf the internet is to detect the terminal sharing behavior through the Timestamps field of the TCP message option, but the detection method has better detection effect on the Android and IOS systems of the mainstream intelligent terminal system, and the Windows system does not carry the Timestamps field by default, so the Timestamps field of the general TCP message option cannot be used for detecting the Windows system equipment. Therefore, it is necessary to provide a method capable of identifying a windows system to detect a terminal hosting the windows system in a shared network.
Referring to fig. 1, fig. 1 is a schematic diagram of a method for detecting a windows terminal according to this embodiment, where the method includes:
step S1, obtaining data flow messages communicated in the shared network, and screening out target data flow messages from the data flow messages.
Whether a network sharing function (network hotspot function) is currently started by a user terminal can be detected through a certain method, and after the network sharing function is determined to be started by a user, a data stream message generated in the communication passing process of the user can be acquired. In the step, the target data stream message screened from the data stream messages is the data stream message unique to the Windows system, the target data stream message can be determined according to the mass user message data of the external field and the actual packet capturing data of the laboratory, and the message content in the data stream message is screened in a targeted manner, so that the detection efficiency can be improved.
And S2, decoding the target data stream message to obtain a corresponding target domain name field.
After the target data stream message is obtained, the target data stream message is decoded, a domain name field in the target data stream message is extracted, and whether the target data stream message is an effective data stream message sent by a windows terminal or not can be judged through the domain name field.
Step S3, matching the target domain name field with a preset regular expression; if the matching is successful, the windows terminal exists and marking is carried out; and if the matching fails, the windows terminal does not exist.
Matching the target domain name field with a preset regular expression, and when the matching is successful, indicating that the target data stream message is effectively reported, wherein a terminal carrying a windows system exists in the shared network.
In some embodiments, the target data stream message is configured via an xml file. The target data flow message is configured through the xml file, so that corresponding expansion and modification are conveniently carried out when a new target data flow message is selected.
The determination of the target data flow message can be obtained through external field mass user message data and laboratory actual packet capturing data, while the SSL encryption message and the DNS message are message forms that are necessary to be commonly used in a windows system, and a part of embodiments of decoding and matching are given below by taking the SSL encryption message and the DNS message as examples for reference.
In some embodiments, when the target data flow message is an SSL encrypted message; decoding an uplink ClientHello packet of the SSL encrypted message to obtain a corresponding server _ name domain name field; matching the server _ name domain name field with a preset regular expression; and if the matching is successful, carrying out Windows encrypted stream marking on the currently acquired data stream message.
In some embodiments, when the target data flow message is an SSL encrypted message, the preset regular expression used for matching includes, but is not limited to.
In some embodiments, when the target data flow message is a DNS message: decoding a request domain name field of an uplink query of a DNS message to obtain a corresponding DNS domain name field; matching the domain name field of the DNS with a preset regular expression; and if the matching is successful, carrying out Windows DNS stream marking on the currently acquired data stream message.
In some embodiments, when the target data flow packet is a DNS packet, the preset regular expressions used for matching include, but are not limited to, DNS.
In some embodiments, the method for determining whether the Windows terminal exists further includes: and respectively counting and judging the number of the SSL encrypted messages and the number of the DNS messages, and determining that the Windows terminal exists in the shared network only when the Windows encrypted stream counting number is greater than a preset threshold value S1 and the Windows DNS stream number is greater than a preset threshold value S2, otherwise, determining that the Windows terminal cannot be determined.
The embodiment provides a method for detecting a Windows terminal, which comprises the steps of screening out a target data stream message from data stream messages by acquiring the data stream messages communicated in a shared network, wherein the target data stream message is a data stream message unique to a Windows system; decoding a target data stream message to obtain a corresponding target domain name field; matching the target domain name field with a preset regular expression; if the matching is successful, the windows terminal exists and marking is carried out; if the matching fails, the windows terminal does not exist; in some implementation processes, the purpose of detecting whether the windows terminal exists in the shared network of the mobile network can be achieved, so that the message prompt is sent to the user of the shared network in time, the network behavior of the user is limited appropriately, excessive pressure of the user behavior on the operating network is avoided, and the use experience of other users is reduced.
Example two:
after the detection of the terminal carrying the windows system in the shared network is realized, certain help can be provided for subsequent network control through the detection result.
The embodiment provides another embodiment of a method for detecting a windows terminal, where after the successful matching determines that a windows terminal exists in a shared network, the method further includes: storing the successfully matched data stream messages, counting the data stream messages and acquiring a timestamp value; and when the data flow message of the communication of the same shared network is acquired and the counted numerical value is greater than the preset counting value, reporting the information of the corresponding shared network.
In some embodiments, before reporting the information of the corresponding shared network, the method further includes: and acquiring the timestamp value of the last data stream message, comparing the timestamp value with the previously acquired timestamp value, and deleting the data stream messages with the time interval larger than the preset time interval.
1. Each time a terminal connected in the shared network communicates with the outside through the shared network, a corresponding data stream message is generated, multiple devices may be connected in the same shared network, and each device may be offline at any time. 2. There may be multiple users sharing the network simultaneously in a certain area.
Aiming at the two situations, after the fact that the windows terminal exists in the shared network is detected for the first time, the shared network and the corresponding message are marked and stored, meanwhile, the timestamp value in the message is obtained and counted to be 1, when the number of the data flow messages counted under the same shared network reaches a preset counting value, the fact that the windows terminal uses the network in the shared network for a long time is indicated, and information pieces of the shared network are reported to be convenient for intervening the shared network.
Before reporting, the data stream messages need to be cleaned up to a certain extent, and the data stream messages with longer time intervals acquired in the data stream messages are deleted, so that the timeliness of data can be improved.
In some embodiments, the rule for determining whether to report further includes: and respectively counting and judging the number of the SSL encrypted messages and the number of the DNS messages, and reporting the SSL encrypted messages and the DNS messages only when the counted number of the SSL encrypted messages and the counted number of the DNS messages reach preset counting values.
In another embodiment of the method for detecting a windows terminal, a successfully matched data stream message is stored, and the data stream message is counted and a timestamp value is obtained; and when the data flow message of the communication of the same shared network is acquired and the counted numerical value is greater than the preset counting value, reporting the information of the corresponding shared network. The method and the device realize the automatic reporting of the data stream message so as to perform necessary intervention and avoid the increase of network pressure by the windows terminal.
Example three:
the embodiment provides a method for detecting a Windows terminal in a shared network, as shown in fig. 2, the method includes:
s101, receiving an SSL encrypted message and a DNS message of a terminal user, decoding the message, and matching the decoded character string with a preset regular expression;
s102, after matching is successful, setting the marking bit corresponding to the Windows encryption stream and the marking bit corresponding to the Windows DNS stream in the user table;
s103, traversing the marks of the Windows encryption stream and the DNS stream in the user table, and counting the Windows terminal shared internet access behavior of the current user if the Windows encryption stream and the DNS stream exist and are effective data streams.
Specifically, as shown in fig. 3, the specific steps of matching the SSL encryption message are as follows:
step 1, receiving a user message, and decoding the user message;
step 2, judging whether the current message is a TCP message or not, judging whether the current message is an SSL encrypted message or not, if not, skipping to the step 1, and if the current message meets the conditions, decoding and extracting a server _ name field of the SSL encrypted message ClientHello;
and 3, matching the server _ name character string with a preset regular expression of the times of the Windows.
As shown in fig. 4, the specific steps of matching DNS messages are as follows:
step 1, receiving a user message, and decoding the user message;
step 2, judging whether the current message is a UDP message or a DNS message, if not, skipping to the step 1, and if the current message meets the condition, decoding and extracting the query domain name field of the DNS request message;
and 3, matching the domain name character strings with preset DNS domain name regular expressions (DNS. msftncsi. com) and teredo. microsoft. com after successful extraction, updating the Windows DNS stream marking bits, the number and the time stamps in the user table if any expression can be matched, and skipping to the step 1 if the matching fails.
Example four:
referring to fig. 5, a receiving module is configured to obtain data stream packets communicated in a shared network, and screen out a target data stream packet from the data stream packets, where the target data stream packet is a data stream packet unique to a Windows system;
the decoding module is used for decoding the target data stream message to obtain a corresponding target domain name field;
the matching module is used for matching the target domain name field with a preset regular expression; and when the matching is successful, marking the detection result.
This embodiment further provides another apparatus for detecting a windows terminal, as shown in fig. 6, and based on fig. 5, the apparatus further includes: the reporting module is used for storing the successfully matched data stream messages, counting the data stream messages and acquiring a timestamp value; when data flow messages of communication of the same shared network are acquired and the counted numerical value is larger than a preset counting value, reporting the information of the corresponding shared network;
and the updating module is used for acquiring the timestamp value of the last data stream message, comparing the timestamp value with the previously acquired timestamp value and deleting the data stream message of which the time interval is greater than the preset time interval.
The present embodiments also provide a computer-readable storage medium including volatile or non-volatile, removable or non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, computer program modules or other data. Computer-readable storage media include, but are not limited to, RAM (Random Access Memory), ROM (Read-Only Memory), EEPROM (Electrically Erasable Programmable Read-Only Memory), flash Memory or other Memory technology, CD-ROM (Compact disk Read-Only Memory), Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer.
It will be apparent to those skilled in the art that all or some of the steps of the methods, systems, functional modules/units in the devices disclosed above may be implemented as software (which may be implemented in computer program code executable by a computing device), firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed by several physical components in cooperation. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit.
In addition, communication media typically embodies computer readable instructions, data structures, computer program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media as known to one of ordinary skill in the art. Thus, the present invention is not limited to any specific combination of hardware and software.
The foregoing is a more detailed description of embodiments of the present invention, and the present invention is not to be considered limited to such descriptions. For those skilled in the art to which the invention pertains, several simple deductions or substitutions can be made without departing from the spirit of the invention, and all shall be considered as belonging to the protection scope of the invention.
Claims (11)
1. A method for detecting windows terminal is applied to a shared network under a mobile network, and is characterized by comprising the following steps:
acquiring data stream messages communicated in a shared network, and screening out target data stream messages from the data stream messages, wherein the target data stream messages are unique data stream messages of a Windows system;
decoding the target data stream message to obtain a corresponding target domain name field;
matching the target domain name field with a preset regular expression; if the matching is successful, the windows terminal exists and marking is carried out; and if the matching fails, the windows terminal does not exist.
2. The method of detecting a windows terminal of claim 1, wherein the target data stream packet is configured via an xml file.
3. The method of detecting a windows terminal of claim 1 wherein when the target data flow packet is an SSL encrypted packet;
decoding the uplink ClientHello packet of the SSL encrypted message to obtain a corresponding server _ name domain name field;
matching the server _ name domain name field with a preset regular expression; and if the matching is successful, carrying out Windows encrypted stream marking on the currently acquired data stream message.
4. The method of detecting a windows terminal of claim 3 wherein the predetermined regular expression is.
5. The method of detecting a windows terminal as claimed in claim 1, wherein when the target data flow packet is a DNS packet:
decoding a request domain name field of an uplink query of the DNS message to obtain a corresponding DNS domain name field;
matching the DNS domain name field with a preset regular expression; and if the matching is successful, carrying out Windows DNS stream marking on the currently acquired data stream message.
6. The method of detecting windows terminals as claimed in claim 5, wherein the preset regular expressions are dns.
7. The method of detecting a windows terminal of any of claims 1 to 6 further comprising, after a successful match:
storing the successfully matched data stream messages, counting the data stream messages and acquiring a timestamp value;
and when the data flow message of the communication of the same shared network is acquired and the counted numerical value is greater than the preset counting value, reporting the information of the corresponding shared network.
8. The method of detecting a windows terminal of claim 7, wherein prior to reporting the information of the corresponding shared network further comprises:
and acquiring the timestamp value of the last data stream message, comparing the timestamp value with the previously acquired timestamp value, and deleting the data stream messages with the time interval larger than the preset time interval.
9. An apparatus for detecting a windows terminal, which is applied to a shared network under a mobile network, is characterized in that the apparatus comprises:
the system comprises a receiving module, a processing module and a sending module, wherein the receiving module is used for acquiring data stream messages communicated in a shared network and screening target data stream messages from the data stream messages, and the target data stream messages are unique data stream messages of a Windows system;
the decoding module is used for decoding the target data stream message to obtain a corresponding target domain name field;
the matching module is used for matching the target domain name field with a preset regular expression; and when the matching is successful, marking the detection result.
10. The apparatus for detecting a windows terminal of claim 8 further comprising:
the reporting module is used for storing the successfully matched data stream messages, counting the data stream messages and acquiring a timestamp value; when data flow messages of communication of the same shared network are acquired and the counted numerical value is larger than a preset counting value, reporting the information of the corresponding shared network;
and the updating module is used for acquiring the timestamp value of the last data stream message, comparing the timestamp value with the previously acquired timestamp value and deleting the data stream message of which the time interval is greater than the preset time interval.
11. A computer readable storage medium, having one or more computer programs stored thereon, the one or more computer programs being executable by one or more processors to perform the steps of the method for detecting a windows terminal as claimed in any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010580489.XA CN113839826B (en) | 2020-06-23 | 2020-06-23 | Method and device for detecting windows terminal and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010580489.XA CN113839826B (en) | 2020-06-23 | 2020-06-23 | Method and device for detecting windows terminal and computer readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113839826A true CN113839826A (en) | 2021-12-24 |
| CN113839826B CN113839826B (en) | 2024-04-30 |
Family
ID=78963981
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010580489.XA Active CN113839826B (en) | 2020-06-23 | 2020-06-23 | Method and device for detecting windows terminal and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113839826B (en) |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020163502A1 (en) * | 1998-12-03 | 2002-11-07 | Robert Julian Kamper | Method and apparatus for enabling the adaptation of the input parameters for a computer system pointing device |
| US20120084430A1 (en) * | 2010-09-30 | 2012-04-05 | Shi Lu | Methods and apparatus to measure mobile broadband market share |
| US20120157040A1 (en) * | 2010-12-21 | 2012-06-21 | Sony Corporation | Information processing device, communication system, and billing method for wireless terminal device |
| US8832780B1 (en) * | 2012-06-26 | 2014-09-09 | Symantec Corporation | Data loss prevention of a shared network file system |
| CN104753931A (en) * | 2015-03-18 | 2015-07-01 | 中国人民解放军信息工程大学 | DPI (deep packet inspection) method based on regular expression |
| CN105591836A (en) * | 2015-09-09 | 2016-05-18 | 杭州华三通信技术有限公司 | Data flow detection method and device |
| CN106067879A (en) * | 2016-06-07 | 2016-11-02 | 腾讯科技(深圳)有限公司 | The detection method of information and device |
| CN106411644A (en) * | 2016-09-30 | 2017-02-15 | 苏州迈科网络安全技术股份有限公司 | Network sharing device detection method and system based on DPI technology |
| CN107682162A (en) * | 2017-10-13 | 2018-02-09 | 广州视源电子科技股份有限公司 | Electronic equipment, network share method and device |
| WO2018049940A1 (en) * | 2016-09-14 | 2018-03-22 | 广东欧珀移动通信有限公司 | Network access method, related device and system |
| CN108024291A (en) * | 2016-11-01 | 2018-05-11 | 中兴通讯股份有限公司 | The method and device that shared verification detects in a kind of mobile network |
| CN109429262A (en) * | 2017-09-04 | 2019-03-05 | ***通信有限公司研究院 | A kind of detection method of hot spot, the network equipment and computer readable storage medium |
| US20190215888A1 (en) * | 2018-01-09 | 2019-07-11 | Comcast Cable Communications, Llc | Beam Selection in Beam Failure Recovery Request Retransmission |
-
2020
- 2020-06-23 CN CN202010580489.XA patent/CN113839826B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020163502A1 (en) * | 1998-12-03 | 2002-11-07 | Robert Julian Kamper | Method and apparatus for enabling the adaptation of the input parameters for a computer system pointing device |
| US20120084430A1 (en) * | 2010-09-30 | 2012-04-05 | Shi Lu | Methods and apparatus to measure mobile broadband market share |
| US20120157040A1 (en) * | 2010-12-21 | 2012-06-21 | Sony Corporation | Information processing device, communication system, and billing method for wireless terminal device |
| US8832780B1 (en) * | 2012-06-26 | 2014-09-09 | Symantec Corporation | Data loss prevention of a shared network file system |
| CN104753931A (en) * | 2015-03-18 | 2015-07-01 | 中国人民解放军信息工程大学 | DPI (deep packet inspection) method based on regular expression |
| CN105591836A (en) * | 2015-09-09 | 2016-05-18 | 杭州华三通信技术有限公司 | Data flow detection method and device |
| CN106067879A (en) * | 2016-06-07 | 2016-11-02 | 腾讯科技(深圳)有限公司 | The detection method of information and device |
| WO2018049940A1 (en) * | 2016-09-14 | 2018-03-22 | 广东欧珀移动通信有限公司 | Network access method, related device and system |
| CN106411644A (en) * | 2016-09-30 | 2017-02-15 | 苏州迈科网络安全技术股份有限公司 | Network sharing device detection method and system based on DPI technology |
| CN108024291A (en) * | 2016-11-01 | 2018-05-11 | 中兴通讯股份有限公司 | The method and device that shared verification detects in a kind of mobile network |
| CN109429262A (en) * | 2017-09-04 | 2019-03-05 | ***通信有限公司研究院 | A kind of detection method of hot spot, the network equipment and computer readable storage medium |
| CN107682162A (en) * | 2017-10-13 | 2018-02-09 | 广州视源电子科技股份有限公司 | Electronic equipment, network share method and device |
| US20190215888A1 (en) * | 2018-01-09 | 2019-07-11 | Comcast Cable Communications, Llc | Beam Selection in Beam Failure Recovery Request Retransmission |
Non-Patent Citations (3)
| Title |
|---|
| YUFENG WANG ET.AL: "Survey on mobile social networking in proximity (MSNP): approaches, challenges and architecture", WIRELESS NETWORKS, vol. 20, 11 December 2013 (2013-12-11), pages 1295 - 1311, XP055518291, DOI: 10.1007/s11276-013-0677-7 * |
| 周唯: "不同接入链路中带宽公平共享拥塞控制机制研究", 中国优秀硕士学位论文全文数据库, 15 February 2014 (2014-02-15) * |
| 谭超;: "现代NAT检测技术的原理与应用", 仪器仪表用户, no. 05, 8 October 2006 (2006-10-08) * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113839826B (en) | 2024-04-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109889547B (en) | Abnormal network equipment detection method and device | |
| US9369435B2 (en) | Method for providing authoritative application-based routing and an improved application firewall | |
| CN109194680B (en) | Network attack identification method, device and equipment | |
| CN110708215B (en) | Deep packet inspection rule base generation method, device, network equipment and storage medium | |
| CN106936791B (en) | Method and device for intercepting malicious website access | |
| CN110417778B (en) | Access request processing method and device | |
| CN110519265B (en) | Method and device for defending attack | |
| CN110808879B (en) | Protocol identification method, device, equipment and readable storage medium | |
| US9973513B2 (en) | Method and apparatus for communication number update | |
| US20120221590A1 (en) | Method, apparatus and system for protocol identification | |
| CN109150741B (en) | Message sending method and device, electronic equipment and storage medium | |
| CN113873057B (en) | Data processing method and device | |
| CN110798451A (en) | Security authentication method and device | |
| CN113114524B (en) | Spark streaming based DNS tunnel detection method and device and electronic equipment | |
| CN110768950A (en) | Permeation instruction sending method and device, storage medium and electronic device | |
| CN113839826A (en) | Method and device for detecting windows terminal and computer readable storage medium | |
| CN113992364B (en) | Network data packet blocking optimization method and system | |
| CN114285769B (en) | Shared internet surfing detection method, device, equipment and storage medium | |
| CN115955333A (en) | C2 server identification method and device, electronic equipment and readable storage medium | |
| TW201928746A (en) | Method and apparatus for detecting malware | |
| CN113904843A (en) | Method and device for analyzing abnormal DNS (Domain name Server) behaviors of terminal | |
| CN108768987B (en) | Data interaction method, device and system | |
| CN110784469A (en) | Method and system for identifying abnormal login by identifying forged MAC address | |
| CN113158184B (en) | Attack script generation method and related device based on finite state automaton | |
| EP4391483A2 (en) | System and method for traffic flow classification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |