CN116528274B - Network quality regulation and control method and related equipment - Google Patents
Network quality regulation and control method and related equipment Download PDFInfo
- Publication number
- CN116528274B CN116528274B CN202310813966.6A CN202310813966A CN116528274B CN 116528274 B CN116528274 B CN 116528274B CN 202310813966 A CN202310813966 A CN 202310813966A CN 116528274 B CN116528274 B CN 116528274B
- Authority
- CN
- China
- Prior art keywords
- network
- data
- quality
- target
- real
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 87
- 230000033228 biological regulation Effects 0.000 title claims abstract description 67
- 230000002159 abnormal effect Effects 0.000 claims abstract description 118
- 238000003908 quality control method Methods 0.000 claims abstract description 69
- 238000007619 statistical method Methods 0.000 claims abstract description 67
- 230000005856 abnormality Effects 0.000 claims abstract description 25
- 238000011217 control strategy Methods 0.000 claims abstract description 17
- 238000001514 detection method Methods 0.000 claims description 77
- 230000006870 function Effects 0.000 claims description 75
- 238000004458 analytical method Methods 0.000 claims description 33
- 238000012545 processing Methods 0.000 claims description 33
- 230000008569 process Effects 0.000 claims description 25
- 238000003860 storage Methods 0.000 claims description 22
- 238000012795 verification Methods 0.000 claims description 20
- 230000007123 defense Effects 0.000 claims description 18
- 230000001276 controlling effect Effects 0.000 claims description 16
- 238000012549 training Methods 0.000 claims description 14
- 230000001105 regulatory effect Effects 0.000 claims description 13
- 238000001914 filtration Methods 0.000 claims description 9
- 230000009466 transformation Effects 0.000 claims description 6
- 238000006243 chemical reaction Methods 0.000 claims description 4
- 238000004891 communication Methods 0.000 abstract description 22
- 238000005516 engineering process Methods 0.000 description 73
- 230000007246 mechanism Effects 0.000 description 29
- 230000005540 biological transmission Effects 0.000 description 25
- 238000004364 calculation method Methods 0.000 description 25
- 238000007726 management method Methods 0.000 description 23
- 238000004422 calculation algorithm Methods 0.000 description 22
- 239000000306 component Substances 0.000 description 21
- 238000012360 testing method Methods 0.000 description 20
- 238000010586 diagram Methods 0.000 description 17
- 238000005457 optimization Methods 0.000 description 15
- 238000013473 artificial intelligence Methods 0.000 description 11
- 238000012937 correction Methods 0.000 description 10
- 238000004590 computer program Methods 0.000 description 9
- 238000011161 development Methods 0.000 description 9
- 230000018109 developmental process Effects 0.000 description 9
- 238000004519 manufacturing process Methods 0.000 description 8
- 230000000694 effects Effects 0.000 description 7
- 238000010801 machine learning Methods 0.000 description 7
- 238000011897 real-time detection Methods 0.000 description 7
- 230000004927 fusion Effects 0.000 description 6
- 230000011664 signaling Effects 0.000 description 6
- 238000012544 monitoring process Methods 0.000 description 5
- 238000013528 artificial neural network Methods 0.000 description 4
- 238000013461 design Methods 0.000 description 4
- 238000011156 evaluation Methods 0.000 description 4
- 230000001965 increasing effect Effects 0.000 description 4
- 238000010295 mobile communication Methods 0.000 description 4
- 238000012384 transportation and delivery Methods 0.000 description 4
- 206010033799 Paralysis Diseases 0.000 description 3
- 241000700605 Viruses Species 0.000 description 3
- 230000006399 behavior Effects 0.000 description 3
- 238000013527 convolutional neural network Methods 0.000 description 3
- 238000013135 deep learning Methods 0.000 description 3
- 238000010223 real-time analysis Methods 0.000 description 3
- 238000011160 research Methods 0.000 description 3
- 238000005728 strengthening Methods 0.000 description 3
- 238000011144 upstream manufacturing Methods 0.000 description 3
- 241000287828 Gallus gallus Species 0.000 description 2
- 238000013459 approach Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000002457 bidirectional effect Effects 0.000 description 2
- 230000003139 buffering effect Effects 0.000 description 2
- 230000000052 comparative effect Effects 0.000 description 2
- 238000013523 data management Methods 0.000 description 2
- 230000008260 defense mechanism Effects 0.000 description 2
- 230000001934 delay Effects 0.000 description 2
- 238000009826 distribution Methods 0.000 description 2
- 230000002708 enhancing effect Effects 0.000 description 2
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 2
- 230000010354 integration Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000006855 networking Effects 0.000 description 2
- 238000003062 neural network model Methods 0.000 description 2
- 210000002569 neuron Anatomy 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000008447 perception Effects 0.000 description 2
- 230000002265 prevention Effects 0.000 description 2
- 230000002787 reinforcement Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 238000004904 shortening Methods 0.000 description 2
- 238000012706 support-vector machine Methods 0.000 description 2
- 206010063385 Intellectualisation Diseases 0.000 description 1
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 238000012098 association analyses Methods 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000003190 augmentative effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 239000008358 core component Substances 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000013480 data collection Methods 0.000 description 1
- 238000013079 data visualisation Methods 0.000 description 1
- 238000003745 diagnosis Methods 0.000 description 1
- 238000007599 discharging Methods 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000006698 induction Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 229920003087 methylethyl cellulose Polymers 0.000 description 1
- 238000013508 migration Methods 0.000 description 1
- 230000005012 migration Effects 0.000 description 1
- 238000003058 natural language processing Methods 0.000 description 1
- 238000000059 patterning Methods 0.000 description 1
- 238000013439 planning Methods 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000000275 quality assurance Methods 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000008844 regulatory mechanism Effects 0.000 description 1
- 238000013468 resource allocation Methods 0.000 description 1
- 230000033764 rhythmic process Effects 0.000 description 1
- 238000012954 risk control Methods 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 238000013526 transfer learning Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/02—Arrangements for optimising operational condition
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W16/00—Network planning, e.g. coverage or traffic planning tools; Network deployment, e.g. resource partitioning or cells structures
- H04W16/22—Traffic simulation tools or models
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/06—Testing, supervising or monitoring using simulated traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/08—Testing, supervising or monitoring using real traffic
Abstract
The application discloses a network quality regulation and control method and related equipment, which can collect service flow data in a target network in real time; carrying out real-time statistical analysis on the network data packet to obtain network service quality data of a target network; determining predicted network service quality data of a target network in a future time period according to the network service quality data through a network quality prediction model; based on real network service quality data of a target network in a target prediction time period obtained by real-time statistical analysis, verifying the predicted network service quality data to obtain target network service quality data; when detecting that the target network has abnormal problems according to the service quality data of the target network, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problems. The application can timely find or predict the network abnormality problem which possibly occurs, and ensure the communication quality and the safety and reliability of the network.
Description
Technical Field
The application relates to the technical field of communication, in particular to a network quality regulation and control method and related equipment.
Background
With the development of mobile communication technology, user services gradually change from traditional voice call services to multimedia data services such as live video broadcast, network games, vehicle-road cooperation and the like. In addition, the network security situation becomes more and more complex, and the network security threatened events such as malicious activities, abnormal attacks and the like occur, so that the network is easy to cause the problems of network data leakage, server paralysis and the like after being attacked, and great loss is brought to users. In order to meet the increasingly abundant service demands of users and ensure the normal service and data security of the users, higher requirements are put forward on the network quality.
In the prior art, for detecting network quality safety problems, generally, captured data packets are analyzed to obtain network quality data, and then, based on the network quality data obtained by analysis, abnormal detection is performed on a network.
Disclosure of Invention
The embodiment of the application provides a network quality regulation method and related equipment, wherein the related equipment can comprise a network quality regulation device, electronic equipment, a computer readable storage medium and a computer program product, so that network anomaly problems which possibly occur can be found or predicted in time, and the communication quality and the safety and the reliability of a network are ensured.
The embodiment of the application provides a network quality regulation and control method, which comprises the following steps:
collecting service flow data in a target network in real time, wherein the service flow data comprises at least one network data packet;
carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension;
determining predicted network quality of service data of the target network in a future time period according to the network quality of service data through a network quality prediction model;
verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to a prediction process of the network quality prediction model;
detecting network abnormality of the target network according to the target network service quality data;
when detecting that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem.
Correspondingly, an embodiment of the present application provides a network quality control device, including:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring service flow data in a target network in real time, and the service flow data comprises at least one network data packet;
the statistical analysis unit is used for carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension;
the prediction unit is used for determining predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model;
the verification unit is used for verifying the predicted network service quality data based on the real network service quality data of the target network in a target predicted time period, which is obtained by real-time statistical analysis, so as to obtain the target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to the prediction process of the network quality prediction model;
the detection unit is used for detecting network abnormality of the target network according to the target network service quality data;
and the regulating and controlling unit is used for regulating and controlling the quality of the target network based on a target network regulating and controlling strategy corresponding to the abnormal problem when the abnormal problem exists in the target network.
Alternatively, in some embodiments of the present application, the verification unit may include a determination subunit, a calculation subunit, and a verification pass subunit, as follows:
the determining subunit is used for determining real network service quality data of the target network within a target prediction time period, which is obtained through real-time statistical analysis;
a calculating subunit, configured to calculate a fitting degree between the real network quality of service data and the predicted network quality of service data, so as to verify the predicted network quality of service data;
and the verification passing subunit is used for determining the predicted network service quality data as target network service quality data through verification of the predicted network service quality data when the fitting degree meets a preset fitting condition.
Optionally, in some embodiments of the present application, the network quality control device may further include a correction unit, as follows:
and the correction unit is used for correcting the predicted network service quality data based on the real network service quality data to obtain target network service quality data when the fitting degree does not meet the preset fitting condition.
Alternatively, in some embodiments of the present application, the correction unit may include a weight determination subunit and a fusion subunit, as follows:
the weight determining subunit is configured to determine a first weight corresponding to the real network quality of service data and a second weight corresponding to the predicted network quality of service data;
and the fusion subunit is used for fusing the real network service quality data and the predicted network service quality data according to the first weight and the second weight to obtain target network service quality data.
Optionally, in some embodiments of the present application, the network quality control device may further include a training unit, as follows:
and the training unit is used for training the network quality prediction model based on the real network service quality data when the fitting degree does not meet the preset fitting condition, so as to obtain a trained network quality prediction model.
Alternatively, in some embodiments of the present application, the training unit may include a loss calculation subunit and an adjustment subunit, as follows:
the loss calculation subunit is configured to calculate a loss value between the real network quality of service data and the predicted network quality of service data;
And the adjustment subunit is used for adjusting parameters of the network quality prediction model based on the loss value to obtain a trained network quality prediction model.
Optionally, in some embodiments of the present application, the calculating subunit may be specifically configured to perform a transform process on a time axis on a data sequence corresponding to the predicted network quality of service data when a difference between the time lengths of the future time period and the target predicted time period is greater than a preset value, to obtain a processed predicted data sequence; performing conversion processing on a time axis on a data sequence corresponding to the real network service quality data to obtain a processed real data sequence; calculating the similarity between the processed predicted data sequence and the processed real data sequence; and determining the fitting degree between the real network service quality data and the predicted network service quality data based on the similarity.
Optionally, in some embodiments of the present application, the regulation unit may include a first execution subunit, a second execution subunit, an analysis subunit, and a third execution subunit, as follows:
the first execution subunit is configured to execute a security defense policy for the target network when the abnormal problem indicates that the target network has a risk of being attacked, so as to perform quality control on the target network;
A second execution subunit, configured to execute a load regulation policy for the target network when the abnormal problem indicates that the target network has a network overload risk, so as to perform quality regulation on the target network;
an analysis subunit, configured to perform device representation analysis on a service device accessing the target network when the abnormal problem indicates that the target network has abnormal network traffic, so as to determine a device identity of the service device;
and the third execution subunit is used for executing a security defense strategy aiming at the target network when the equipment identity indicates that the service equipment is abnormal equipment so as to regulate and control the quality of the target network.
Optionally, in some embodiments of the present application, the first execution subunit may be specifically configured to intercept an access request for a service device of the target network based on a preset abnormal device list; according to the session state of the service equipment accessing the target network, filtering the network data packet corresponding to the service equipment; and carrying out anomaly detection on the business flow data in the target network based on a preset anomaly rule.
Optionally, in some embodiments of the present application, the network quality control apparatus may further include an anomaly detection unit and a quality control unit, as follows:
the abnormality detection unit is used for carrying out real-time abnormality detection on the network service quality data to obtain a network detection result;
and the quality control unit is used for controlling the quality of the target network based on a target network control strategy corresponding to the abnormal problem when the network detection result indicates that the target network has the abnormal problem.
Optionally, in some embodiments of the present application, the network quality control apparatus is adapted to a network device, where the network device includes a user plane function component; the acquisition unit can be specifically used for acquiring service flow data in a target network in real time through the user plane functional component, wherein the service flow data comprises at least one network data packet;
the statistical analysis unit may be specifically configured to perform real-time statistical analysis on the network data packet through the user plane function component to obtain network quality of service data of the target network in at least one dimension;
the anomaly detection unit may be specifically configured to transmit the network quality of service data to an anomaly detection server in real time through a data opening function of the user plane function component, so as to trigger the anomaly detection server to perform real-time anomaly detection on the network quality of service data, thereby obtaining a network detection result.
Alternatively, in some embodiments of the present application, the prediction unit may include a transmission subunit and a prediction subunit, as follows:
the transmission subunit is configured to transmit the network quality of service data to a prediction server through an open interface, where the prediction server stores a network quality prediction model;
and the prediction subunit is used for triggering the prediction server to determine the predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model.
The electronic equipment provided by the embodiment of the application comprises a processor and a memory, wherein the memory stores a plurality of instructions, and the processor loads the instructions to execute the steps in the network quality regulation method provided by the embodiment of the application.
The embodiment of the application also provides a computer readable storage medium, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the steps in the network quality regulation method provided by the embodiment of the application.
In addition, the embodiment of the application also provides a computer program product, which comprises a computer program or instructions, and the computer program or instructions realize the steps in the network quality regulation method provided by the embodiment of the application when being executed by a processor.
The embodiment of the application provides a network quality regulation and control method and related equipment, which can collect service flow data in a target network in real time, wherein the service flow data comprises at least one network data packet; carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension; determining predicted network quality of service data of the target network in a future time period according to the network quality of service data through a network quality prediction model; verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to a prediction process of the network quality prediction model; detecting network abnormality of the target network according to the target network service quality data; when detecting that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem. The application can be combined with the network quality prediction model to predict the network quality in the future time period, so that the network anomaly problem which possibly occurs can be found or predicted in time, the communication quality and the safety and reliability of the network are ensured, specifically, the predicted network service quality data output by the network quality prediction model can be verified based on the real network service quality data obtained by a real-time acquisition and analysis mechanism, the accuracy of a prediction result is ensured, when the network anomaly is detected based on the verified target network service quality data, a corresponding network regulation strategy can be introduced to regulate and optimize the network, the quality of the network is enhanced, and the stability and the safety of the user surfing the internet are ensured.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1a is a schematic diagram of a scenario of a network quality control method according to an embodiment of the present application;
fig. 1b is a flowchart of a network quality control method according to an embodiment of the present application;
fig. 1c is an explanatory diagram of a network quality regulation method provided by an embodiment of the present application;
fig. 1d is a network architecture diagram of a network quality control method according to an embodiment of the present application;
fig. 1e is another explanatory diagram of a network quality regulation method according to an embodiment of the present application;
fig. 1f is another explanatory diagram of a network quality regulation method according to an embodiment of the present application;
FIG. 1g is another flow chart of a network quality control method according to an embodiment of the present application;
fig. 1h is a system architecture diagram of a network quality control method according to an embodiment of the present application;
fig. 1i is a schematic diagram of a network quality control method according to an embodiment of the present application;
Fig. 1j is another explanatory diagram of a network quality regulation method according to an embodiment of the present application;
fig. 1k is a schematic page diagram of a network quality control method according to an embodiment of the present application;
fig. 1l is another explanatory diagram of a network quality regulation method according to an embodiment of the present application;
fig. 1m is another schematic diagram of a network quality control method according to an embodiment of the present application;
fig. 1n is a schematic diagram of another scenario of a network quality control method according to an embodiment of the present application;
fig. 1o is a schematic diagram of another scenario of a network quality regulation method according to an embodiment of the present application;
fig. 2 is another flowchart of a network quality control method according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a network quality control device according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to fall within the scope of the application.
Embodiments of the present application provide a network quality control method and related devices, which may include a network quality control apparatus, an electronic device, a computer-readable storage medium, and a computer program product. The network quality control device may in particular be integrated in an electronic device, which may be a network device.
As shown in fig. 1a, an example is a network quality control method performed by a terminal and a server together. The network quality regulation and control system provided by the embodiment of the application comprises a terminal, a server, network equipment and the like; the terminal and the server are connected through a network, for example, a wired or wireless network connection, wherein the network quality control device can be integrated in the network equipment.
Wherein the network device may be configured to: collecting service flow data in a target network in real time, wherein the service flow data comprises at least one network data packet; carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension; determining predicted network quality of service data of the target network in a future time period according to the network quality of service data through a network quality prediction model; verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to a prediction process of the network quality prediction model; detecting network abnormality of the target network according to the target network service quality data; when detecting that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem. The network device may be a UPF device in the core network, etc.
Wherein the terminal may be configured to: and sending the service flow data to the server through the network equipment, and receiving the data fed back by the server through the network equipment. The terminal may include a mobile phone, a smart television, a tablet computer, a notebook computer, a personal computer (PC, personal Computer), or the like. A client may also be provided on the terminal, which may be an application client or a browser client, etc.
Wherein the server may be configured to: and receiving the service flow data sent by the terminal through the network equipment, and sending feedback data to the terminal through the network equipment based on the service flow data. The server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, content delivery networks (CDN, content Delivery Network), basic cloud computing services such as big data and artificial intelligent platforms, and the like.
The network quality regulation and control method provided by the embodiment of the application relates to a machine learning direction in the field of artificial intelligence.
Among these, artificial intelligence (Artificial Intelligence, AI) is the theory, method, technique and application system that uses a digital computer or a digital computer-controlled machine to simulate, extend and extend human intelligence, sense the environment, acquire knowledge and use knowledge to obtain optimal results. In other words, artificial intelligence is an integrated technology of computer science that attempts to understand the essence of intelligence and to produce a new intelligent machine that can react in a similar way to human intelligence. Artificial intelligence, i.e. research on design principles and implementation methods of various intelligent machines, enables the machines to have functions of sensing, reasoning and decision. The artificial intelligence technology is a comprehensive subject, and relates to the technology with wide fields, namely the technology with a hardware level and the technology with a software level. Artificial intelligence infrastructure technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction systems, mechatronics, and the like. The artificial intelligence software technology mainly comprises a computer vision technology, a voice processing technology, a natural language processing technology, machine learning/deep learning, automatic driving, intelligent traffic and other directions.
Among them, machine Learning (ML) is a multi-domain interdisciplinary, and involves multiple disciplines such as probability theory, statistics, approximation theory, convex analysis, algorithm complexity theory, etc. It is specially studied how a computer simulates or implements learning behavior of a human to acquire new knowledge or skills, and reorganizes existing knowledge structures to continuously improve own performance. Machine learning is the core of artificial intelligence, a fundamental approach to letting computers have intelligence, which is applied throughout various areas of artificial intelligence. Machine learning and deep learning typically include techniques such as artificial neural networks, belief networks, reinforcement learning, transfer learning, induction learning, teaching learning, and the like.
The network quality regulation and control method provided by the embodiment of the application also relates to a cloud network, cloud security and cloud computing directions in the cloud technical field.
Cloud technology (Cloud technology) refers to a hosting technology that unifies serial resources such as hardware, software, networks and the like in a wide area network or a local area network to realize calculation, storage, processing and sharing of data. The cloud technology is a generic term of network technology, information technology, integration technology, management platform technology, application technology and the like based on cloud computing business model application, can form a resource pool, and is flexible and convenient as required. Cloud computing technology will become an important support. Background services of technical networking systems require a large amount of computing, storage resources, such as video websites, picture-like websites, and more portals. Along with the high development and application of the internet industry, each article possibly has an own identification mark in the future, the identification mark needs to be transmitted to a background system for logic processing, data with different levels can be processed separately, and various industry data needs strong system rear shield support and can be realized only through cloud computing.
The Cloud network (Cloud web) is specifically a generic term for Cloud time internet technology, integration and application. Cloud networks use clouds to implement connections between network resources, which may represent a pool of resources that users pay for on-demand access by integrating separate servers into a virtual network service system through network technology.
Cloud Security (Cloud Security) refers to a generic term of Security software, hardware, users, institutions, and Security Cloud platforms based on Cloud computing business model application. Cloud security fuses emerging technologies and concepts such as parallel processing, grid computing, unknown virus behavior judgment and the like, acquires the latest information of Trojan horse and malicious programs in the Internet through abnormal monitoring of a large number of network clients on software behaviors, sends the latest information to a server for automatic analysis and processing, and distributes solutions of viruses and Trojan horse to each client.
The main research directions of cloud security include: 1. cloud computing security, namely, how to guarantee security of cloud and various applications on the cloud, including cloud computer system security, security storage and isolation of user data, user access authentication, information transmission security, network attack protection, compliance audit and the like; 2. clouding of a safety infrastructure, mainly researching how to build and integrate safety infrastructure resources by adopting cloud computing, and optimizing a safety protection mechanism, wherein the cloud computing technology is used for constructing a super-large-scale safety event and an information acquisition and processing platform, realizing acquisition and association analysis of mass information, and improving the control capability and risk control capability of the whole-network safety event; 3. cloud security services, mainly research on various security services provided for users based on cloud computing platforms, such as anti-virus services and the like.
Wherein cloud computing (cloud computing) refers to a delivery and usage mode of an IT infrastructure, which refers to obtaining required resources in an on-demand, easily-extensible manner through a network; generalized cloud computing refers to the delivery and usage patterns of services, meaning that the required services are obtained in an on-demand, easily scalable manner over a network. Such services may be IT, software, internet related, or other services. Cloud Computing is a product of fusion of traditional computer and network technology developments such as Grid Computing (Grid Computing), distributed Computing (Distributed Computing), parallel Computing (Parallel Computing), utility Computing (Utility Computing), network storage (Network Storage Technologies), virtualization (Virtualization), load balancing (Load balancing), and the like. With the development of the internet, real-time data flow and diversification of connected devices, and the promotion of demands of search services, social networks, mobile commerce, open collaboration and the like, cloud computing is rapidly developed. Unlike the previous parallel distributed computing, the generation of cloud computing will promote the revolutionary transformation of the whole internet mode and enterprise management mode in concept.
The following will describe in detail. The following description of the embodiments is not intended to limit the preferred embodiments.
The present embodiment will be described from the viewpoint of a network quality control apparatus, which may be integrated in an electronic device, which may be a network device or the like, in particular.
It will be appreciated that in the specific embodiments of the present application, related data such as user information is involved, and when the above embodiments of the present application are applied to specific products or technologies, user permissions or consents need to be obtained, and the collection, use and processing of related data need to comply with related laws and regulations and standards of related countries and regions.
As shown in fig. 1b, the specific flow of the network quality control method may be as follows:
101. and collecting service flow data in the target network in real time, wherein the service flow data comprises at least one network data packet.
The target network may be a 5G network (core network), which is not limited in this embodiment.
The service flow data in the target network can be collected in real time through the UPF component. The traffic data may include a plurality of network packets, where the network packets may be IP (Internet Protocol ) packets.
Among them, a 5G (fifth generation mobile communication technology, 5th Generation Mobile Communication Technology) core network is used as a core part in the 5G communication system, and is responsible for processing data transmission and control in the mobile communication network, and is used for providing a higher data transmission rate, a lower delay and a higher network capacity to support more users and devices. The architecture of the 5G core network adopts a layered design, and comprises a user plane and a control plane, wherein the user plane is responsible for processing data transmission, including data encryption, decryption and transmission; the control plane is responsible for handling network control and management including authentication, session management and resource allocation.
UPF (User Plane Function), i.e. user plane function, refers in particular to the network function responsible for handling user data transmission in 5G networks. UPF can distribute user data traffic to different network nodes in order to fulfill various traffic demands in the network. The UPF can provide low-delay and high-bandwidth network services and the like to realize flexible configuration of a network and efficient data transmission and management, and bring higher network quality and user experience to various business scenes.
For example, UPF can be used to enhance mobile broadband (eMBB). An eMBB is the most basic business requirement in 5G networks, which may involve application scenarios such as high definition video, virtual Reality (VR), and Augmented Reality (AR). The UPF can transmit user data to a suitable network node in order to quickly respond to the service needs of the mobile user and achieve low-latency, high-bandwidth data transmission.
For another example, UPF may also be used for internet of things (IoT, internet of Things). IoT refers to the connection of various devices and items over the internet, enabling the collection and transmission of data. The UPF can implement flexible configuration of the network, distribute data transmission of various devices and articles to different network nodes, and implement efficient data transmission and management.
Also for example, UPF can be used for Smart manufacturing (Industry 4.0). Smart manufacturing refers to the use of the internet and digital technology to achieve digitization and intellectualization of the manufacturing industry, including data collection and transmission of various devices and systems. The UPF can realize network management and optimization of various devices and systems in intelligent manufacturing, and improves manufacturing efficiency and product quality.
Specifically, the User Plane Function (UPF) of 5G is a basic component of the 5G core network architecture. UPF is the core of packet routing and forwarding, responsible for handling user data between mobile devices and networks. UPF has an important role in 5G networks and is therefore also faced with various security threats and attacks. The major security threats and attacks faced by UPF include the following:
1. data leakage: UPF may be attacked by an attacker while handling user data, creating a risk of data leakage.
2. Network attack: UPF may be subject to network attacks, such as denial of service (DoS) attacks, DDoS attacks, etc., when processing data, resulting in a network that is not available.
3. Malware: UPF may be attacked by malware, such as viruses, trojans, worms, etc., jeopardizing network security.
The DDoS (Distributed Denial of Service) attack is a distributed denial of service attack, which is an attack means for sending a large number of useless data packets or requests to a target website or server by using a large number of broiler chickens or controlled devices in a coordinated manner, so as to exhaust network bandwidth or server resources. DDoS attacks are typically collaborative attacks by multiple sources, which can be very large in scale. The main characteristics of DDoS attack include network paralysis, broiler attack, network layer attack and CC (Challenge Collapsar, challenge black hole) attack. The network paralysis is one of main targets of DDoS attack, and by controlling a large number of attack hosts to connect with website ports simultaneously, large-flow useless data is manufactured, so that network congestion to the attacked host is caused, and the attacked host cannot normally communicate with the outside. Under 5G networks and UPF, DDoS attacks are very dangerous. UPF is an important component in a 5G network, and is used for implementing data forwarding and flow control of a user plane, so if a DDoS attack is suffered, performance of the UPF is reduced, and data transmission speed and stability are affected. In addition, as the number of devices on the 5G network increases, the attack surface increases accordingly, so that the 5G network is more vulnerable to DDoS attacks.
In order to ensure the safety of UPF, the network quality regulation method provided by the application can take the following measures:
1) And (3) safe filtration: the UPF is deployed outside the operator network and therefore needs to provide security filtering functions to check and filter traffic in and out of the UPF.
2) Bidirectional digital authentication: the UPF adopts a bidirectional digital authentication mechanism to carry out identity authentication on the equipment accessed to the UPF, so as to prevent illegal equipment from accessing the network.
3) Data encryption: the UPF uses encryption technology to encrypt and protect user data, and prevents data leakage.
4) Malicious attack prevention: UPF adopts firewall, intrusion detection and intrusion prevention technologies to protect the network from malicious attacks.
UPF is used as a core component of a 5G network and bears important functions such as network flow control, security policy, quality assurance and the like. In order to ensure the safety of UPF operation and avoid damaging the normal internet surfing of users due to denial of service attack, the application provides a network quality enhancement technology combining UPF to real-time detection and model prediction of QoS data to ensure the safety and improve the robustness of a 5G network. Compared with the prior related art, the method combines network quality monitoring and AI prediction technologies at the same time, and enhances the accuracy of AI prediction through real-time statistical analysis. In addition, on the UPF security threat level caused by DDoS attack, the application further introduces a defending measure based on triggering on the basis of statistics and prediction, specifically, when the network quality is detected to be reduced or the DDoS attack is encountered, a security triggering mechanism is introduced to regulate and optimize the network, thereby realizing the comprehensive guarantee of UPF security.
102. And carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension.
The real-time statistical analysis of the network data packet may specifically be to analyze the network data packet in real time, obtain time information of the network data packet passing through each network node, so as to obtain round trip delay of data communication of each network node, and the like, and also may be to calculate the current size of the network data packet and the number of the current data packet in real time, so as to determine throughput, and the like.
The network service quality data in each dimension may include time delay, uplink and downlink jitter, uplink and downlink bandwidth, uplink and downlink throughput, and the like. Network quality of service data, i.e. QoS (Quality of Service ) data.
Specifically, the present application can independently count QoS data on the UPF, without adding additional configuration on the UE (User Equipment).
In one specific scenario, shown in fig. 1c, real-time network QoS data collected and calculated on the UPF is illustrated. The Timestamp indicates an acquisition Timestamp, the as_ip indicates an IP address of an access service, the ue_ip indicates an IP address of a user equipment, throughput_ul indicates an upstream Throughput, throughput_dl indicates a downstream Throughput, delay_ue indicates a delay from the UE user equipment to the AS server, delay_as indicates a delay from the AS server to the UE user equipment, ue_upf_delay indicates a delay from the UE to the UPF, upf_as_delay indicates a delay from the UPF to the AS, as_upf_delay indicates a delay from the AS to the UPF, upf_ue_delay indicates a delay from the UPF to the UE, jitter_ul indicates an upstream jitter, and jitter_dl indicates a downstream jitter.
In this embodiment, after the QoS data is acquired and calculated, the data may be analyzed by a statistical analysis functional module on the UPF on the one hand, and the QoS data may be transmitted to the prediction server in the form of an API to perform network quality prediction on the other hand. Meanwhile, by using the UPF capability opening technology, these high-quality underlying network data (i.e., qos data) can be further opened to the application layer to develop various network application apps, and then continuously integrated into the whole ecology to promote further development of the network.
Specifically, the UPF may be developed with functional modules such as uplink and downlink packet identification, qoS calculation, data buffering, data reporting, and API (Application Programming Interface ) opening. Fig. 1d shows the position of a UPF network element in a 5G core network environment, and in terms of service level, communication data when user equipment UE accesses a network all pass through UPF, and the UPF used in the present application is developed by adopting dpdk and VPP frames, so that the UPF capability opening function target of the present application can be effectively supported and completed. The application can open the application of the linkage upper layer through UPF capability, thereby forming a set of more stable and reliable network system. As shown in fig. 1e, functional modules and security applications of a UPF network element are shown, and a set of UPF security capability modules can be developed on the basis of the original 5G core network basic capability, where the UPF security capability modules can include QoS data calculation and guarantee, real-time detection of network status, attack detection and interception based on traffic analysis and whitelist, UE positioning information, and endogenous security, etc. The 5G core network control plane may include SMF, NEF, NWDAF functionality. The opening of UPF capability can bring about the value-added capability of the 5G network such as secondary authentication, autonomous IP distribution, local forwarding, TSN, time delay measurement, industry customization function and the like.
The 5G core network basic capability may include tunnel encapsulation and decapsulation, N4 node and session management, downlink data caching, local offloading, policy control, packet forwarding, and the like.
The NEF (Network Exposure Function) network open function is responsible for managing data to the external open network, and all external applications want to access the internal data of the 5G core network, and must pass through the NEF. The NEF may provide functions such as external application Qos customization capability opening. The NWDAF is a data perception analysis network element, and performs automatic perception and analysis on a network based on network data, and participates in network planning, construction, operation and maintenance, network optimization and operation full life cycle, so that the network is easy to maintain and control, the network resource utilization efficiency is improved, and the user service experience is improved. TSN (Time-Sensitive Networking) Time sensitive networks, i.e. a family of protocols that implement deterministic minimum Time delays in non-deterministic ethernet networks.
Specifically, in fig. 1d, the N1 interface is a signaling interface between the UE and the AMF, and the N2 interface is a signaling interface between the 5G (R) AN and the AMF. The N3 interface is AN interface between a 5G (R) AN (Radio Access Network ) and UPF (User Plane Function), and is mainly used for transferring uplink and downlink user plane data between the 5G (R) AN and the UPF. The N4 interface is an interface between a UPF and an SMF. The N6 interface is an interface of UPF (User Plane Function) and DN for delivering upstream and downstream user data flows between UPF and DN, communicating with DN networks based on IP and routing protocols. In addition, UDP (User Datagram Protocol) is a message-oriented transport layer protocol, TCP (Transmission Control Protocol) is a transmission control protocol. Sctp (Stream Control Transmission Protocol) is a stream control transmission protocol, which is a protocol that transmits multiple data streams simultaneously between two ends of a network connection.
gNB (generation node basestation) is a 5G base station. DN (Data Network) represents a data network, which may be, for example, an operator service, the internet or a third party service, etc.
AMF (Access and Mobility Management Function) is access and mobility management functionality. The AMF is a main functional unit of 5GC, provides a session management message transmission channel for the UE and the SMF, and provides authentication and authentication functions for the user when accessing, and the terminal and the wireless core network control plane access point. SMF (Session Management Function ) for handling traffic of a user.
AUSF (Authentication Server Function) it is used for receiving the request of the AMF for authentication of UE, requesting the key from the UDM, and forwarding the key issued by the UDM to the AMF for authentication. UDM (The Unified Data Management) the unified data management function. UDR (Unified Data Repository), a unified data warehouse function. MySQL is an open source cross-platform database management system based on SQL queries.
VPP framework: VPP (Vector Packet Processing) is an extensible open source framework that can provide production quality switch/router functionality. VPP has two main functions: the framework can extend and mature switching/routing functions. The VPP platform aims to solve the problem of high delay in single packet processing in the conventional scalar processing method. In order to improve the expandability of the network, the VPP adopts a vector processing mode, so that a plurality of data packets can be processed at the same time, and the delay is reduced. Specifically, the VPP may function as a network switch or router, and common usage scenarios include data centers, cloud computing, edge computing, internet of things, and the like. In addition, the flexibility and scalability of VPP also provides possibilities for the fields of network security, virtualized networks, etc.
DPDK (Data Plane Development Kit) is an open source data plane development kit that provides a set of libraries and drivers that can help developers build high-performance data plane applications quickly. The DPDK is mainly used in the fields of Network Function Virtualization (NFV), software Defined Network (SDN) and the like, and can accelerate the processing and forwarding of data packets and improve the performance and throughput of network application programs.
As shown in fig. 1f, it is illustrated how the UPF is linked to the upper layer application through capability openness. Specifically, the UPF receives and transmits data from N3 and N6 network ports in real time, calculates and counts single-way delay, round-trip delay, uplink and downlink jitter, and uplink and downlink bandwidth in an internal Node (Node) through the VPP framework, and then reports the QoS data to the AI network quality prediction model through the capability opening technology, and meanwhile, needs to analyze and detect cached data in real time. In addition, more security applications on the upper layer can call an API opened by UPF to acquire QoS data so as to realize more network control and optimization functions. Wherein GTP-USRv6, SRv and VxLAN are communication protocols.
Specifically, through real-time detection of the UPF capability opening function module, network load exceeding a threshold value or network risk such as abnormal network traffic exists can be detected, so that a defense mechanism such as a firewall, equipment portrait analysis and other network regulation and control mechanisms can be triggered, for example, the bandwidth of a common user, a network congestion control algorithm and the like are increased to optimize a 5G network, thereby ensuring the experience of the normal user for accessing the network and ensuring the stability, reliability and safety of the 5G core network.
Optionally, in this embodiment, the network quality control method may further include:
performing real-time anomaly detection on the network service quality data to obtain a network detection result;
when the network detection result indicates that the target network has an abnormal problem, quality control is performed on the target network based on a target network control strategy corresponding to the abnormal problem.
The embodiment can detect the target network in real time and find abnormal problems in time, where the detection may include detection of incoming and outgoing traffic, jitter, response time, delay, and the like.
The corresponding network regulation strategy can be determined according to the network risk type corresponding to the abnormal problem, and then quality regulation is performed on the target network based on the network regulation strategy.
For example, the anomaly issue herein may include that future network loads will exceed a threshold, that there is abnormal network traffic, and so on. If only the future network load is detected to exceed the threshold value, the network load is serious possibly due to the overlarge data access quantity of the normal user, and for the network risk type, a load regulation strategy can be executed on the target network, and particularly, the network service performance can be upgraded, and a current limiting algorithm or a congestion control algorithm can be used. If only abnormal network traffic is detected, it may be that a certain user accesses a plurality of services to cause the identified abnormal traffic, and for such a network risk type, a device portrait analysis function may be started to determine the device identity of the service device accessing the target network, and if the device is identified as an abnormal device later, a firewall may be further started to avoid the network from being attacked.
If the future network load is detected to exceed the threshold value and abnormal network traffic exists, the probability of the network risk type of the DDos attack of the target network is high, so that the intelligent firewall can be started to establish the network security defense strategy.
Specifically, in some embodiments, the UPF capability opening function may be utilized to open the real-time Qos data to other servers for performing anomaly detection in real time, so as to better ensure the quality of the target network.
The network quality regulation method provided by the application can calculate the real-time network QoS data under the actual service scene of statistics, caching and opening based on UPF capability opening technology, so as to measure the real-time network quality of the 5G cloud core network based on the real-time network QoS data.
Optionally, in this embodiment, the network quality regulation method is applied to a network device, where the network device includes a user plane function component; the step of collecting, in real time, traffic data in a target network, where the traffic data includes at least one network data packet may include:
acquiring service flow data in a target network in real time through the user plane functional component, wherein the service flow data comprises at least one network data packet;
The step of performing real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension may include:
carrying out real-time statistical analysis on the network data packet through the user plane functional component to obtain network service quality data of the target network in at least one dimension;
the step of performing real-time anomaly detection on the network service quality data to obtain a network detection result may include:
and transmitting the network service quality data to an anomaly detection server in real time through a data opening function of the user plane functional component so as to trigger the anomaly detection server to perform real-time anomaly detection on the network service quality data to obtain a network detection result.
The network service quality data is transmitted to the abnormality detection server in real time through the data opening function of the user plane function assembly, specifically, the network service quality data is transmitted to the abnormality detection server in real time by utilizing the opening interface of the user plane function assembly (UPF).
103. And determining predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model.
The Network quality prediction model may be a neural Network model, which may specifically be a convolutional neural Network (CNN, convolutional Neural Networks), a Residual Network (Residual Network), a dense connection convolutional Network (DenseNet, dense Convolutional Network), or the like, but it should be understood that the neural Network of the present embodiment is not limited to only the types listed above.
Specifically, the step of determining predicted network quality of service data of the target network in a future time period according to the network quality of service data through a network quality prediction model may include:
extracting the characteristics of the network service quality data through a network quality prediction model to obtain the characteristic information of the network service quality data;
and predicting predicted network service quality data of the target network in a future time period based on the characteristic information.
Wherein the predicted network quality of service data for the target network at a future time period may be predicted by a classifier in the neural network model. The classifier may specifically be a support vector machine (SVM, support Vector Machine), a cyclic neural network, a fully connected deep neural network (DNN, deep Neual Networks), or the like, which is not limited in this embodiment.
The present application can utilize PQoS techniques to predict network quality for future time periods. The future time period here may be with respect to the acquisition time corresponding to the network quality of service data input by the network quality prediction model, and in particular, the future time period here may be a time period after the acquisition time.
Among them, the PQoS technology, i.e., network quality prediction technology (Network Prediction of QoS), is to predict and evaluate future network performance by using technologies such as network data and machine learning, so as to discover potential problems in advance, optimize network performance, and improve quality of experience (QoE) of users. This technique can be used to evaluate the performance in terms of availability, reliability, mobility, etc. of the network. In a 5G network, the network quality prediction technique may help to implement real-time monitoring and optimization of the network to improve user experience. For example, the network quality prediction technology can be used for scenes such as on-site production line equipment control, robot control, automatic Guided Vehicle (AGV) control, 5G programmable logic controller and the like, so as to realize wireless and flexible manufacturing in the industrial internet.
In this embodiment, when the security scenario is oriented, the fast recognition of the network attack can be implemented based on AI prediction, for example, the model predicts that the network load is seriously increased in a future period of time, and if DDoS attack may exist, an additional current limiting or load balancing algorithm can be introduced, and a firewall is adopted to defend, so as to ensure the stability of the network.
In particular, to reduce core network overhead, the present application may deploy network quality prediction models on independent and stable cloud servers.
Optionally, in this embodiment, the step of determining, by a network quality prediction model, predicted network quality of service data of the target network in a future time period according to the network quality of service data may include:
transmitting the network service quality data to a prediction server through an open interface, wherein the prediction server is stored with a network quality prediction model;
triggering the prediction server to determine predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model.
The present embodiment may use an independent qos prediction server to make network quality predictions. The prediction server can be deployed on the cloud, and is stable and reliable.
The application can utilize UPF capability opening technology to open Qos data to the prediction server so as to predict network quality through the AI model on the prediction server, thus ensuring the communication quality and the safety reliability of the 5G network and enhancing the stability and the self-adaptive capability of the network.
The UPF capability opening technology (UPF Capability Exposure) is a technology used in a 5G network, and aims to implement flexible scheduling and customizing services of network capability through opening of User Plane Functions (UPFs), so as to improve network performance and user experience. The UPF capability opening technology provides a more flexible and customized network management mode, and can dynamically allocate and optimize network resources according to different application scenes and service requirements. The method of UPF capability opening technology is to introduce an opening interface on UPF to expose its functions and capabilities to application programs and services, so as to realize flexible scheduling and management of network resources. The method can effectively improve the utilization rate and efficiency of network resources and support more diversified and personalized services. The significance of the UPF capability opening technology is that the UPF capability opening technology can improve the performance and user experience of the 5G network and realize more flexible, efficient and personalized service. Meanwhile, the method can promote industry coordination and innovation, and provides a wider space for the development of 5G application. For example, the UPF capability opening technology can be used in a 5G internet of vehicles scene, and through real-time acquisition and analysis of vehicle data, intelligent detection and optimization of the running state of the vehicle are realized, and running safety and efficiency are improved. In addition, the UPF capability opening technology can be also used in intelligent medical scenes, intelligent detection and prediction of the health state of a patient are realized through real-time acquisition and analysis of medical data, and diagnosis and treatment efficiency and accuracy are improved.
104. And verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to the prediction process of the network quality prediction model.
The target prediction time period corresponds to the prediction process of the network quality prediction model. Specifically, when the network quality prediction model performs prediction calculation based on the network quality of service data obtained by real-time statistical analysis, the network quality control system (specifically, UPF) synchronously collects service flow data, and performs statistical analysis on network data packets in the service flow data in real time, so as to obtain real network quality of service data of the target network in the period of time when the model performs prediction calculation, and in this embodiment, the period of time when the model performs prediction calculation may be referred to as a target prediction period. The target prediction time period may specifically be a time period after the acquisition time corresponding to the network quality of service data input by the model and before the current verification time point.
The real network service quality data may be network service quality data that is acquired after the acquisition time corresponding to the network service quality data input by the model and is statistically analyzed before verification. In particular, the actual network quality of service data may be network quality of service data obtained by statistical analysis during the target prediction period.
For example, the collection time corresponding to the network quality of service data input by the network quality prediction model is 5 points 0 minutes, the network quality prediction model performs quality prediction calculation based on the network quality of service data in a time period from 5 points 0 minutes to 5 points 1 minutes, and outputs predicted network quality of service data in a time period from 5 points 1 minutes, where the predicted network quality of service data specifically refers to the network quality of the target network from 5 points 0 minutes to 5 points 5 minutes, that is, the future time period refers to the time period from 5 points 0 minutes to 5 points 5 minutes. It can be understood that, when the network quality prediction model performs quality prediction calculation, the UPF also synchronously collects service flow data in real time, and performs real-time statistical analysis on network service quality data, and in the period of time when the model performs quality prediction, network service quality data in the period of time, that is, real network service quality data, can be correspondingly obtained, and if the predicted network service quality data is checked immediately after the predicted network service quality data is output, the target prediction time period can be a time period from 5 points 0 to 5 points 1 minute.
The embodiment considers the problem of insufficient generalization capability of the network quality prediction model. In some specific scenarios, the prediction effect may be greatly reduced in the face of the corner case data that the model does not see, which may cause a safety hazard. Therefore, the application provides an auxiliary enhancement means for UPF real-time data statistics to ensure the accuracy of the prediction effect, and particularly, the application can correct the prediction model based on a UPF real-time detection mechanism to ensure the accuracy of the prediction model.
Optionally, in this embodiment, the step of "verifying the predicted network quality of service data based on the real network quality of service data of the target network within the target predicted time period obtained by the real-time statistical analysis" may include:
determining real network service quality data of the target network within a target prediction time period, which is obtained by real-time statistical analysis;
calculating the fitting degree between the real network service quality data and the predicted network service quality data so as to check the predicted network service quality data;
and when the fitting degree meets a preset fitting condition, determining the predicted network service quality data as target network service quality data through checking the predicted network service quality data.
Specifically, the real network service quality data and the predicted network service quality data may be presented in a curve manner, and an abscissa of the curve may be time and an ordinate of the curve may be a quality-related index. The real network quality of service data may correspond to a real data curve and the predicted network quality of service data may correspond to a predicted data curve. In this embodiment, the fitting degree between the real network quality of service data and the predicted network quality of service data is calculated, that is, the fitting degree between the real data curve and the predicted data curve is calculated.
The time periods corresponding to the real network service quality data (specifically, the target predicted time period) and the time periods corresponding to the predicted network service quality data (specifically, the future time period) may be different, or even more different. Specifically, when the difference between the time lengths is not greater than a preset value, the fitting degree can be calculated directly on the real network service quality data and the predicted network service quality data, and particularly the fitting degree can be calculated based on some regression evaluation indexes, so that the effect of the prediction model is measured according to the fitting degree. When the difference of the time lengths of the real network service quality data and the predicted network service quality data is larger than a preset value, the fitting degree of the real network service quality data and the predicted network service quality data cannot be calculated directly, and some transformation processing is needed. The preset value may be set according to actual situations, for example, may also be set to 0.
The preset fitting condition can be set according to actual conditions, for example, the preset fitting condition can be that the fitting degree is higher than the preset fitting degree. When the fitting degree meets the preset fitting condition, the predicted network service quality data can be considered to pass the verification, otherwise, the predicted network service quality data can not pass the verification, and correction processing is required.
Specifically, the following three regression evaluation indexes may be used respectively: MAE, RMSE, and R-party indices to calculate the fitness of the actual network quality of service data and the predicted network quality of service data. Only when the error is small enough will the output result of the predictive model be taken in, so as to avoid misoperation of the network. As shown in the following formulas (1), (2) and (3), the formula (a) and (b) are respectively MAE, RMSE and R-side index:
(1)
(2)
(3)
wherein MAE represents the mean square error, RMSE represents the root mean square error,representing real network quality of service data +.>Representing predicted network quality of service data.
Optionally, in an embodiment, if the errors calculated by the three regression evaluation indexes are smaller than the preset value, the fitting degree of the real network service quality data and the predicted network service quality data may be considered to satisfy the preset fitting condition.
When the difference between the time length of the time period corresponding to the real network service quality data and the time period corresponding to the predicted network service quality data is larger than a preset value, a DTW (Dynamic Time Warping ) algorithm can be adopted to measure the fitting degree of the real network service quality data and the predicted network service quality data.
The DTW can calculate the similarity of two time series, and is particularly suitable for time series with different lengths and different rhythms. DTW will warp the time series automatically (i.e. locally scaled on the time axis) so that the morphology of the two sequences is as consistent as possible, yielding the highest possible similarity. Specifically, the DTW adopts a method of dynamic programming DP (dynamic programming) to perform calculation of time warping.
Based on the DTW algorithm, one (or both) of the sequences needs to be warped in the time axis before comparing the similarity of the true network quality of service data and the predicted network quality of service data to achieve better alignment. DTW calculates the similarity between two time series by extending and shortening the time series.
Optionally, in this embodiment, the step of "calculating the fitting degree between the real network quality of service data and the predicted network quality of service data" may include:
When the difference value of the time length of the future time period and the target prediction time period is larger than a preset value, carrying out transformation processing on a time axis on a data sequence corresponding to the prediction network service quality data to obtain a processed prediction data sequence;
performing conversion processing on a time axis on a data sequence corresponding to the real network service quality data to obtain a processed real data sequence;
calculating the similarity between the processed predicted data sequence and the processed real data sequence;
and determining the fitting degree between the real network service quality data and the predicted network service quality data based on the similarity.
The transformation process may be a transformation process such as extension and shortening.
Specifically, when the "real data curve" obtained by the UPF real-time acquisition function is used to enhance and correct the "predicted data curve" output by the network quality prediction model, a Dynamic Time Warping (DTW) algorithm may be used to measure the similarity between the two curves, considering that the lengths of the two curves are not equal, where the DTW algorithm is specifically shown in formula (4):
(4)
wherein, the liquid crystal display device comprises a liquid crystal display device,can represent the true data curve,/- >Can represent a predictive data curve,/->Sample points on the true data curve, < +.>Representing the sampling points on the predicted data curve, m and n are the time series lengths of the two curves, respectively.
Optionally, in this embodiment, the network quality control method may further include:
and when the fitting degree does not meet the preset fitting condition, correcting the predicted network service quality data based on the real network service quality data to obtain target network service quality data.
There are various ways to correct the predicted network qos data, for example, the correction may be performed by means of weighted summation or online learning of a model, which is not limited in this embodiment.
Optionally, in this embodiment, the step of "correcting the predicted network quality of service data based on the actual network quality of service data to obtain the target network quality of service data" may include:
determining a first weight corresponding to the real network service quality data and a second weight corresponding to the predicted network service quality data;
and according to the first weight and the second weight, fusing the real network service quality data and the predicted network service quality data to obtain target network service quality data.
The first weight and the second weight may be set according to practical situations, which is not limited in this embodiment. Specifically, the method can be set according to the fitting degree of the real network service quality data and the predicted network service quality data, if the fitting degree is relatively high, the first weight can be set to be smaller, and the second weight can be set to be higher; conversely, if the fitting degree is relatively low, the first weight may be set to be a little larger and the second weight may be set to be a little smaller. In a specific embodiment, the first weight may be set to 0.8 and the second weight may be set to 0.2.
The target network quality of service data can be obtained by performing weighted fusion on the real network quality of service data and the predicted network quality of service data based on the first weight and the second weight.
Optionally, in this embodiment, the network quality control method may further include:
and training the network quality prediction model based on the real network service quality data when the fitting degree does not meet the preset fitting condition, so as to obtain a trained network quality prediction model.
Optionally, in this embodiment, the step of "training the network quality prediction model based on the real network quality of service data to obtain a trained network quality prediction model" may include:
Calculating a loss value between the real network quality of service data and the predicted network quality of service data;
and adjusting parameters of the network quality prediction model based on the loss value to obtain a trained network quality prediction model.
The adjustment of parameters of the network quality prediction model may include adjustment of the number of neurons in the network quality prediction model, adjustment of connection weights and offsets between neurons of each layer, and the like.
The parameters of the network quality prediction model can be adjusted by using a back propagation algorithm, and the parameters of the network quality prediction model are optimized based on the loss value between the real network quality of service data and the predicted network quality of service data, so that the predicted network quality of service data approaches to the real network quality of service data, and the trained network quality prediction model is obtained.
The present application can enhance the accuracy of predictions through real-time QoS detection functionality on UPF. Specifically, the application counts real-time network QoS data on UPF network elements, which is a 'real data curve', and the network quality prediction model outputs a 'predicted data curve', and the accuracy of the prediction model is measured by calculating the fitting degree between the two. When the fitting degree is insufficient, a series of measures are adopted for optimization, such as online learning of a model, weighted calculation results and the like, so that accuracy of future network quality judgment is ensured, generalization capability of the model is enhanced, and network scene migration capability is improved.
105. And detecting network abnormality of the target network according to the service quality data of the target network.
Based on the target network service quality data, whether the future network load exceeds a threshold value and whether the abnormal network flow exists or not can be judged.
106. When detecting that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem.
Specifically, a corresponding network regulation strategy can be determined according to a network risk type corresponding to the abnormal problem, and then quality regulation is performed on the target network based on the network regulation strategy.
For example, the anomaly issue herein may include that future network loads will exceed a threshold, that there is abnormal network traffic, and so on. If only the future network load is detected to exceed the threshold value, the network load is serious possibly due to the overlarge data access quantity of the normal user, and for the network risk type, a load regulation strategy can be executed on the target network, and particularly, the network service performance can be upgraded, and a current limiting algorithm or a congestion control algorithm can be used. If only abnormal network traffic is detected, it may be that a certain user accesses a plurality of services to cause the identified abnormal traffic, and for such a network risk type, a device portrait analysis function may be started to determine the device identity of the service device accessing the target network, and if the device is identified as an abnormal device later, a firewall may be further started to avoid the network from being attacked.
If the future network load is detected to exceed the threshold value and abnormal network traffic exists, the probability of the network risk type of the DDos attack of the target network is high, so that the intelligent firewall can be started to establish the network security defense strategy.
Optionally, in this embodiment, the step of "performing quality control on the target network based on the target network control policy corresponding to the abnormal problem" may include:
when the abnormal problem indicates that the target network has attack risk, executing a security defense strategy aiming at the target network so as to regulate and control the quality of the target network;
when the abnormal problem indicates that the target network has network overload risk, executing a load regulation strategy aiming at the target network so as to regulate the quality of the target network;
when the abnormal problem indicates that the abnormal network flow exists in the target network, performing equipment portrait analysis on service equipment accessing the target network to determine the equipment identity of the service equipment;
and when the equipment identity indicates that the service equipment is abnormal equipment, executing a security defense strategy aiming at the target network so as to regulate and control the quality of the target network.
The security defense strategy is executed, specifically, an intelligent firewall is started, and the white list and the black list of the equipment are managed through the intelligent firewall, namely, the IP address and the port which need to be allowed or refused are determined; determining whether to allow the data packet to pass or not according to the session state; detecting DDoS attacks, etc.
The load regulation strategy is executed, and specifically, network service performance is upgraded, a current limiting algorithm or a congestion control algorithm is used, and the like.
Optionally, in this embodiment, the step of "executing a security defense policy for the target network" may include:
intercepting an access request of service equipment aiming at the target network based on a preset abnormal equipment list;
according to the session state of the service equipment accessing the target network, filtering the network data packet corresponding to the service equipment;
and carrying out anomaly detection on the business flow data in the target network based on a preset anomaly rule.
The preset abnormal equipment list may include equipment identification information of the abnormal equipment, and through the preset abnormal equipment list, an access request of the abnormal equipment may be intercepted.
The filtering processing of the network data packet may include forwarding, discarding, etc. If the session state is abnormal, the corresponding network data packet can be discarded.
The preset abnormal rule may be set according to an actual situation, for example, the preset abnormal rule may be a traffic abnormality, a frequent connection, and the like.
The architecture of the network quality regulation method provided by the application can be divided into two modules of network real-time analysis and judgment and optimization regulation. The two modules have high expansion capability, the network real-time analysis and judgment module comprises the functions of real-time statistical analysis, network state detection and AI prediction in UPF, and the design framework based on the real-time analysis and prediction is not only suitable for a 5G core network, but also can be migrated to other network scenes. The optimization regulation module can be further developed into more network regulation applications through an API with open UPF capability, so as to dynamically optimize the network, thereby achieving the aim of providing a more stable, reliable and safe network for users.
In the optimization regulation module, a fixed optimization scheme can be used, such as a pre-defined firewall, a user bandwidth improvement, a congestion control algorithm and the like. In order to reduce the cost overhead and enhance the automation and intelligent capabilities of the framework, the optimization regulation and control module can be designed and developed by further combining reinforcement learning technology.
In a specific scenario, as shown in fig. 1g, an operation flow of the network enhancement mechanism designed by the present application is shown, which is specifically described as follows:
1. when service flow data passes through UPF, the UPF capability opening function module designed by the application can identify the IP data packet; the UPF capability opening function module also comprises a real-time statistics and analysis function, and can calculate QoS data based on the identified IP data packet; in addition, the UPF capability opening function module also provides functions of buffering QoS data and opening QoS data.
2. The prediction server receives real-time QoS data transmitted from the UPF through the open interface and predicts the network quality in a future time period.
3. When it is determined that the future network load exceeds the threshold (set as alert line 1) or that there is abnormal network traffic (set as alert line 2), a secondary determination is entered.
4. The specific network risk is determined, and three cases can be classified here.
If the alert line 1 and the alert line 2 occur simultaneously, that is, the probability of occurrence of DDoS attack is high, the intelligent firewall is started. The intelligent firewall defends the attack, and ensures the stability and safety of the 5G core network.
If only the alert line 1 appears, the network load is serious because the data access volume of the normal user is too large, and at this time, the network quality enhancement mechanism designed by the application automatically adopts an optimization strategy to ensure the high experience of the user using the 5G core network, such as upgrading the network service performance, using a current limiting algorithm or using a congestion control algorithm.
If only the alert line 2 appears, it is possible that a certain user accesses multiple services to be identified as abnormal traffic by the UPF, which enables a User Equipment (UE) portrait analysis function on the UPF to ensure the identity of the device. If the device is judged to be a malicious device subsequently, the intelligent firewall and the traffic positioning are further enabled to avoid the network from being attacked.
The intelligent firewall can be developed based on a VPP framework, and comprises 5 functional modules, which are respectively as follows:
(1) And a data packet analysis module: the analysis and extraction of the data packet are realized, and the information comprises a destination IP address, a destination port, a source IP address, a source port and the like.
(2) Black and white list module: and the management of the white list and the black list is realized, namely, the IP address and the port which need to be allowed or refused are determined.
(3) The state detection module is used for: the detection and management of the session state are realized, namely whether the data packet is allowed to pass or not is determined according to the session state.
(4) Attack detection module: detection of DDoS attacks and the like is achieved, wherein the detection comprises traffic abnormality, frequent connection and the like.
(5) And a data packet processing module: the operations such as forwarding, discarding or releasing the data packet are realized.
The application belongs to the technical field of networks, and can dynamically regulate the 5G core network in real time by combining UPF capability opening technology in the 5G core network and AI prediction network QoS function, thereby ensuring the performance, stability and safety of the network. The overall architecture of the present application is shown in fig. 1h, and is specifically described as follows:
Step 1) acquisition and calculation of real-time network QoS data. This step can be divided into two modes: the first method is to calculate the network delay, jitter and throughput in unit time based on a pcap (packet capture) file and a pyshare; the second is based on UPF capability open technology, where jitter, latency, and throughput per unit time are calculated by capturing IP packets in real time. Considering that the first mode needs to perform offline calculation and analysis after completing packet capturing, and a certain time lag problem exists, the embodiment mainly adopts the second mode of real-time calculation and statistics to collect and calculate the bottom network QoS data.
Where pyshare is a Python library used to capture, parse, and analyze network traffic.
Step 2) detecting the network quality in real time based on Qos data: by using the UPF capability opening technology, the network quality is detected in real time based on the opened Qos data, and specifically, the data visualization can be performed through a Pcap tool. pcap (packet capture) consists of an Application Programming Interface (API) that captures network traffic.
And 3) carrying out quality prediction through a network quality prediction model: the calculated real-time QoS data is transmitted to an AI network quality prediction model by utilizing UPF capability opening, and the regulation and management of network quality are further enhanced by combining artificial intelligence and deep learning technology. Specifically, after the predicted network quality of service data is obtained through the AI network quality prediction model, the predicted network quality of service data may be calibrated based on the real-time Qos data.
Specifically, the step uses real-time network QoS data with open UPF capability to train and deploy a prediction model, and the final goal is to predict network quality conditions such as load in a period of time in the future, so as to judge whether the current network operates normally, encounters DDoS attack, and the like.
Step 4) dynamic self-adaptive management and control of a 5G core network: hardware management is performed through application driving, and specifically, DDoS attacks can be automatically defended based on a trigger mechanism, for example. As shown in fig. 1i, a schematic diagram of a security framework formed by UPF capability opening and AI prediction and a triggering mechanism is illustrated, where when an attacker initiates a DDoS attack on a 5G core network, an AI model in a QoS prediction server and real-time detection of a UPF capability opening function module may obtain a judgment that a network load will exceed a threshold value, so as to trigger a defense mechanism such as a firewall, a white list, a device portrait analysis and other network regulation mechanisms, such as increasing a bandwidth of a general user, a network congestion control algorithm and the like, to optimize the 5G network, ensure experience of a normal user accessing the network, and ensure stability, reliability and security of the 5G core network.
In a specific scenario, as shown in fig. 1j, the test environment of the present application is shown, and the 5GC (5G core network) is tested based on the contact tester, where the contact tester can simulate a normal service scenario, a weak network scenario (increasing access flow, causing network congestion), and a DDoS network attack scenario, respectively. Based on the three simulated scenes, the network quality enhancement mechanism designed by the application can be tested and verified.
The contact tester can simulate that many UEs send information to the server through 5 GC.
Fig. 1k specifically illustrates a real-time call scenario when a contact tester is used to test and verify a 5G network, and specifically, a call flow of a UE may include UE Registration (user equipment Registration), UE Requested PDU Session Establishment (PDU session establishment requested by a user equipment), UE Requested PDU Session Release (PDU session release requested by a user equipment), UE initiated Deregistration (user equipment de-Registration).
Wherein PDU (Protocol Data Unit) is a protocol data unit.
The contact tester can respectively support two modes of testing: the first is that the control plane is tested alone and can be used for testing the normal communication of signaling data; the second is the service mode test of the control plane and the user plane, namely, the scene when the user normally surfs the internet is simulated, so that DDoS attack, such as SMF signaling DDoS and flow DDoS attack of the UE side, can be simulated in the mode to verify the network quality strengthening mechanism based on UPF capability open design.
Fig. 1l shows the corresponding test steps for a comparative test in two network scenarios, respectively. The first is to test the service access condition under the 5G network based on the contact tester in the common 5G network environment, namely, without adopting the network quality enhancement mechanism designed by the application. The second scenario is to perform service access test after introducing the network quality enhancement mechanism designed by the network quality control method of the present application into the 5G core network.
As shown in fig. 1l, to verify the effectiveness of the network enhancement mechanism of the present application, a comparative test was performed. Four different types of tasks are tested in two 5G network environments respectively, and the following is specific:
1) Testing normal service flow, comparing the performance of the common network, ensuring that the application does not bring extra performance reduction problem to the 5G core network;
2) Testing high load flow, namely, network congestion is caused by streaming through the iperf or configuring high load service through the contact tester, so that weak network conditions are simulated, and the testing aim is to hope that the 5G core network can effectively perform self-adaptive regulation and control of the network after introducing the mechanism designed by the application, so as to ensure the stability of the network and the experience of a user accessing the network, for example, to relieve the phenomenon of blocking and screen-patterning caused by network congestion when a user side plays videos;
Wherein, ipref is a network performance testing tool. Ipref can test maximum TCP and UDP bandwidth performance with various parameters and UDP characteristics.
3) Based on the contact tester simulation test DDoS network attack, the aim of comparison test is to verify the effectiveness of the network quality strengthening mechanism combining UPF capability opening and AI prediction. For example, the mechanism provided by the application enables the 5G core network to effectively trigger an intelligent firewall or an abnormal traffic analysis function when suffering from DDoS attack so as to defend and alleviate the attack;
4) Based on the contact tester, the method simulates and tests abnormal flow, and verifies whether the UPF capability opening technology designed by the application can effectively detect network quality and count, analyze and position abnormal flow data.
The application provides a set of real-time network optimization architecture to enhance the self-adaptive capacity of a 5G cloud core network, wherein the network optimization architecture can comprise: the test proves that the method provided by the application can adaptively optimize the network under various network scenes such as network congestion, DDoS attack and the like, and further improves the performance of the 5G cloud core network.
The application belongs to the field of 5G network communication, and mainly aims to improve the reliability of a 5G cloud core network through UPF capability opening and AI technology. The application mainly supports industrial Internet projects, 5G remote driving and digital twinning projects with strict requirements on network quality.
In a specific scenario, as shown in fig. 1m, the support of the present application for 5G remote driving is shown, where a camera at a vehicle end transmits video stream data through a 5G private network, and finally the data is transmitted to an end user side such as a simulated cockpit, a user interface, a video display window, a Web large screen, and the like for playing. Specifically, the camera of the vehicle end can transmit video stream data to a signaling server, a media server and a Web (network) server of the cloud end through an MEC (Mobile Edge Computing) gateway, then the signaling server of the cloud end transmits related display instructions of the video stream data to the user end through a data channel, the media server and the Web server of the cloud end transmit the video stream data to the user end through the media channel, and finally the user end can display the video stream data after processing the video stream data based on the display instructions through a control end processing program.
The application value of the application in the product is to improve the performance, reliability and safety of stream media data transmission. The quality of the current 5G network is counted and displayed in real time by using the UPF capability opening technology, and the method is beneficial to locating and repairing the network in time when the network has problems. Meanwhile, the real-time network QoS data provided by the UPF capability opening technology can be used as an API to be opened to an upper layer application, and after the upper layer application acquires the bottom layer network data, more applications can be developed to be integrated into the whole ecology, so that the experience of surfing the Internet of a user is further improved.
Among other things, mobile Edge Computing (MEC) is a network architecture in which the closer to the edge of a mobile network, the more data processing capacity. In particular, MECs provide IT (Information technology ) service environments and cloud computing capabilities for mobile network edges, which can eventually implement millisecond-scale applications by performing partial caching, data transfer and computation at the mobile network edge to offset the delays associated with the backhaul.
In another specific scenario, as shown in fig. 1n, the network support of products such as a vehicle and road collaborative operation and operation control platform is shown. Roadside devices such as millimeter wave radars, lidars or cameras are directed to a V2X (Vehicle-to-evaluation) server through roadside awareness collected roadside data, which is then transmitted to end users (e.g., applets, electronic maps, car sets, other apps, etc.) through a 5G core network. In the product, the UPF capability opening technology, AI prediction, real-time QoS detection and network security guarantee mechanism designed by the application can effectively support data transmission and guarantee high efficiency, stability and security of communication.
The internet of vehicles server can comprise five big engines for cloud decision and directional distribution and three big data centers.
In another specific scenario, as shown in FIG. 1o, the network support of the present application for a cloud game product is illustrated. Similar to fig. 1m and fig. 1n, the 5G core network is used to support transmission of service data, and quality, performance and safety of the network are guaranteed by continuously regulating and optimizing the 5G core network, so that cloud game effect is enhanced. Meanwhile, the UPF capability opening technical architecture designed by the application can be used for any 5G core network, and the 5G core network can be provided for various terminal applications, such as video applications, instant messaging applications, cloud game applications and the like, so that the application scene of the application is wider.
The cloud game client can send relevant cloud game instructions to the edge cloud platform through the LTE/NR base station, the edge cloud platform sends the game instructions to the scheduling server through EPC (Evolved Packet Core, evolved packet core network)/5 GC through local shunting and real-time calculation so as to acquire relevant cloud game picture data, the cloud game picture data is returned to the edge cloud platform through the EPC/5GC, and the cloud game picture data is returned to the cloud game client through the edge cloud platform.
The application can be oriented to various service scenes using the 5G core network, and in order to ensure the stability, reliability and safety of the 5G core network, a network quality strengthening mechanism combining UPF capability opening technology and AI prediction model technology is provided, and a comparison test experiment is designed to verify the effectiveness of the mechanism. Meanwhile, the application belongs to the optimization technology of network communication, and can well support product projects such as real-time digital twin, 5G remote driving, industrial Internet and the like.
The application has the advantages of combining UPF capability opening, AI prediction technology and security guarantee technology based on a trigger mechanism to realize high-performance operation of the 5G core network. Meanwhile, the application takes the real-time network monitoring function in UPF capability opening as an auxiliary correction means of the AI prediction model, enhances the accuracy of the prediction model, and provides a whole set of mechanism which has certain reference and application value in the field of 5G communication networks.
The network quality regulation and control method provided by the application can help network providers, enterprises and the like to realize intelligent management of network loads, improve network service quality and network reliability, and meet user demands. In addition, the application has wide technical prospect, can be applied to the fields of 5G networks, cloud computing and the like, and provides more scientific and effective guarantee measures for future network security.
As can be seen from the foregoing, the present embodiment may collect, in real time, traffic flow data in a target network, where the traffic flow data includes at least one network data packet; carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension; determining predicted network quality of service data of the target network in a future time period according to the network quality of service data through a network quality prediction model; verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to a prediction process of the network quality prediction model; detecting network abnormality of the target network according to the target network service quality data; when detecting that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem. The application can be combined with the network quality prediction model to predict the network quality in the future time period, so that the network anomaly problem which possibly occurs can be found or predicted in time, the communication quality and the safety and reliability of the network are ensured, specifically, the predicted network service quality data output by the network quality prediction model can be verified based on the real network service quality data obtained by a real-time acquisition and analysis mechanism, the accuracy of a prediction result is ensured, when the network anomaly is detected based on the verified target network service quality data, a corresponding network regulation strategy can be introduced to regulate and optimize the network, the quality of the network is enhanced, and the stability and the safety of the user surfing the internet are ensured.
The method according to the previous embodiment will be described in further detail below with the network quality control device being integrated in a network device.
The embodiment of the application provides a network quality control method, as shown in fig. 2, the specific flow of the network quality control method can be as follows:
201. the network equipment collects service flow data in a target network in real time, wherein the service flow data comprises at least one network data packet.
The target network may be a 5G network (core network), which is not limited in this embodiment.
The service flow data in the target network can be collected in real time through the UPF component. The traffic data may include a plurality of network packets, where the network packets may be IP (Internet Protocol ) packets.
202. And the network equipment performs real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension.
The real-time statistical analysis of the network data packet may specifically be to analyze the network data packet in real time, obtain time information of the network data packet passing through each network node, so as to obtain round trip delay of data communication of each network node, and the like, and also may be to calculate the current size of the network data packet and the number of the current data packet in real time, so as to determine throughput, and the like.
The network service quality data in each dimension may include time delay, uplink and downlink jitter, uplink and downlink bandwidth, uplink and downlink throughput, and the like. Network quality of service data, i.e. QoS (Quality of Service ) data.
Specifically, the present application can independently count QoS data on the UPF, without adding additional configuration on the UE (User Equipment).
In this embodiment, after the QoS data is acquired and calculated, the data may be analyzed by a statistical analysis functional module on the UPF on the one hand, and the QoS data may be transmitted to the prediction server in the form of an API to perform network quality prediction on the other hand. Meanwhile, by using the UPF capability opening technology, these high-quality underlying network data (i.e., qos data) can be further opened to the application layer to develop various network application apps, and then continuously integrated into the whole ecology to promote further development of the network.
203. And the network equipment carries out real-time anomaly detection on the network service quality data to obtain a network detection result.
The embodiment can detect the target network in real time and find abnormal problems in time, where the detection may include detection of incoming and outgoing traffic, jitter, response time, delay, and the like.
204. When the network detection result indicates that the target network has an abnormal problem, the network equipment performs quality control on the target network based on a target network control strategy corresponding to the abnormal problem.
The corresponding network regulation strategy can be determined according to the network risk type corresponding to the abnormal problem, and then quality regulation is performed on the target network based on the network regulation strategy.
For example, the anomaly issue herein may include that future network loads will exceed a threshold, that there is abnormal network traffic, and so on. If only the future network load is detected to exceed the threshold value, the network load is serious possibly due to the overlarge data access quantity of the normal user, and for the network risk type, a load regulation strategy can be executed on the target network, and particularly, the network service performance can be upgraded, and a current limiting algorithm or a congestion control algorithm can be used. If only abnormal network traffic is detected, it may be that a certain user accesses a plurality of services to cause the identified abnormal traffic, and for such a network risk type, a device portrait analysis function may be started to determine the device identity of the service device accessing the target network, and if the device is identified as an abnormal device later, a firewall may be further started to avoid the network from being attacked.
If the future network load is detected to exceed the threshold value and abnormal network traffic exists, the probability of the network risk type of the DDos attack of the target network is high, so that the intelligent firewall can be started to establish the network security defense strategy.
Specifically, in some embodiments, the UPF capability opening function may be utilized to open the real-time Qos data to other servers for performing anomaly detection in real time, so as to better ensure the quality of the target network.
The network quality regulation method provided by the application can calculate the real-time network QoS data under the actual service scene of statistics, caching and opening based on UPF capability opening technology, so as to measure the real-time network quality of the 5G cloud core network based on the real-time network QoS data.
205. And the network equipment transmits the network service quality data to a prediction server through an open interface, and the prediction server stores a network quality prediction model.
In particular, to reduce core network overhead, the present application may deploy network quality prediction models on independent and stable cloud servers.
206. And the network equipment triggers the prediction server to determine the predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model.
The application can utilize UPF capability opening technology to open Qos data to the prediction server so as to predict network quality through the AI model on the prediction server, thus ensuring the communication quality and the safety reliability of the 5G network and enhancing the stability and the self-adaptive capability of the network.
207. And the network equipment checks the predicted network service quality data based on the real network service quality data of the target network in a target predicted time period, which is obtained by real-time statistical analysis, so as to obtain the target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to the prediction process of the network quality prediction model.
The target prediction time period corresponds to the prediction process of the network quality prediction model. Specifically, when the network quality prediction model performs prediction calculation based on the network quality of service data obtained by real-time statistical analysis, the network quality control system (specifically, UPF) synchronously collects service flow data, and performs statistical analysis on network data packets in the service flow data in real time, so as to obtain real network quality of service data of the target network in the period of time when the model performs prediction calculation, and in this embodiment, the period of time when the model performs prediction calculation may be referred to as a target prediction period. The target prediction time period may specifically be a time period after the acquisition time corresponding to the network quality of service data input by the model and before the current verification time point.
The real network service quality data may be network service quality data that is acquired after the acquisition time corresponding to the network service quality data input by the model and is statistically analyzed before verification. In particular, the actual network quality of service data may be network quality of service data obtained by statistical analysis during the target prediction period.
For example, the collection time corresponding to the network quality of service data input by the network quality prediction model is 5 points 0 minutes, the network quality prediction model performs quality prediction calculation based on the network quality of service data in a time period from 5 points 0 minutes to 5 points 1 minutes, and outputs predicted network quality of service data in a time period from 5 points 1 minutes, where the predicted network quality of service data specifically refers to the network quality of the target network from 5 points 0 minutes to 5 points 5 minutes, that is, the future time period refers to the time period from 5 points 0 minutes to 5 points 5 minutes. It can be understood that, when the network quality prediction model performs quality prediction calculation, the UPF also synchronously collects service flow data in real time, and performs real-time statistical analysis on network service quality data, and in the period of time when the model performs quality prediction, network service quality data in the period of time, that is, real network service quality data, can be correspondingly obtained, and if the predicted network service quality data is checked immediately after the predicted network service quality data is output, the target prediction time period can be a time period from 5 points 0 to 5 points 1 minute.
The embodiment considers the problem of insufficient generalization capability of the network quality prediction model. In some specific scenarios, the prediction effect may be greatly reduced in the face of the corner case data that the model does not see, which may cause a safety hazard. Therefore, the application provides an auxiliary enhancement means for UPF real-time data statistics to ensure the accuracy of the prediction effect, and particularly, the application can correct the prediction model based on a UPF real-time detection mechanism to ensure the accuracy of the prediction model.
Optionally, in this embodiment, the step of "verifying the predicted network quality of service data based on the real network quality of service data of the target network within the target predicted time period obtained by the real-time statistical analysis" may include:
determining real network service quality data of the target network within a target prediction time period, which is obtained by real-time statistical analysis;
calculating the fitting degree between the real network service quality data and the predicted network service quality data so as to check the predicted network service quality data;
and when the fitting degree meets a preset fitting condition, determining the predicted network service quality data as target network service quality data through checking the predicted network service quality data.
Optionally, in this embodiment, the network quality control method may further include:
and when the fitting degree does not meet the preset fitting condition, correcting the predicted network service quality data based on the real network service quality data to obtain target network service quality data.
There are various ways to correct the predicted network qos data, for example, the correction may be performed by means of weighted summation or online learning of a model, which is not limited in this embodiment.
Optionally, in this embodiment, the step of "correcting the predicted network quality of service data based on the actual network quality of service data to obtain the target network quality of service data" may include:
determining a first weight corresponding to the real network service quality data and a second weight corresponding to the predicted network service quality data;
and according to the first weight and the second weight, fusing the real network service quality data and the predicted network service quality data to obtain target network service quality data.
The first weight and the second weight may be set according to practical situations, which is not limited in this embodiment. Specifically, the method can be set according to the fitting degree of the real network service quality data and the predicted network service quality data, if the fitting degree is relatively high, the first weight can be set to be smaller, and the second weight can be set to be higher; conversely, if the fitting degree is relatively low, the first weight may be set to be a little larger and the second weight may be set to be a little smaller.
Optionally, in this embodiment, the network quality control method may further include:
and training the network quality prediction model based on the real network service quality data when the fitting degree does not meet the preset fitting condition, so as to obtain a trained network quality prediction model.
Optionally, in this embodiment, the step of "training the network quality prediction model based on the real network quality of service data to obtain a trained network quality prediction model" may include:
calculating a loss value between the real network quality of service data and the predicted network quality of service data;
and adjusting parameters of the network quality prediction model based on the loss value to obtain a trained network quality prediction model.
208. And the network equipment detects network abnormality of the target network according to the service quality data of the target network.
Based on the target network service quality data, whether the future network load exceeds a threshold value and whether the abnormal network flow exists or not can be judged.
209. When detecting that the target network has an abnormal problem, the network equipment performs quality control on the target network based on a target network control strategy corresponding to the abnormal problem.
Optionally, in this embodiment, the step of "performing quality control on the target network based on the target network control policy corresponding to the abnormal problem" may include:
when the abnormal problem indicates that the target network has attack risk, executing a security defense strategy aiming at the target network so as to regulate and control the quality of the target network;
when the abnormal problem indicates that the target network has network overload risk, executing a load regulation strategy aiming at the target network so as to regulate the quality of the target network;
when the abnormal problem indicates that the abnormal network flow exists in the target network, performing equipment portrait analysis on service equipment accessing the target network to determine the equipment identity of the service equipment;
and when the equipment identity indicates that the service equipment is abnormal equipment, executing a security defense strategy aiming at the target network so as to regulate and control the quality of the target network.
The security defense strategy is executed, specifically, an intelligent firewall is started, and the white list and the black list of the equipment are managed through the intelligent firewall, namely, the IP address and the port which need to be allowed or refused are determined; determining whether to allow the data packet to pass or not according to the session state; detecting DDoS attacks, etc.
The load regulation strategy is executed, and specifically, network service performance is upgraded, a current limiting algorithm or a congestion control algorithm is used, and the like.
Optionally, in this embodiment, the step of "executing a security defense policy for the target network" may include:
intercepting an access request of service equipment aiming at the target network based on a preset abnormal equipment list;
according to the session state of the service equipment accessing the target network, filtering the network data packet corresponding to the service equipment;
and carrying out anomaly detection on the business flow data in the target network based on a preset anomaly rule.
The preset abnormal equipment list may include equipment identification information of the abnormal equipment, and through the preset abnormal equipment list, an access request of the abnormal equipment may be intercepted.
The filtering processing of the network data packet may include forwarding, discarding, etc. If the session state is abnormal, the corresponding network data packet can be discarded.
The preset abnormal rule may be set according to an actual situation, for example, the preset abnormal rule may be a traffic abnormality, a frequent connection, and the like.
The application can provide a network quality enhancement technology combining UPF (unified Power flow) with real-time detection and model prediction of QoS (quality of service) data to ensure the safety of a 5G network and improve the robustness. Compared with the prior related art, the method combines network quality monitoring and AI prediction technologies at the same time, and enhances the accuracy of AI prediction through real-time statistical analysis. In addition, on the UPF security threat level caused by DDoS attack, the application further introduces a defending measure based on triggering on the basis of statistics and prediction, specifically, when the network quality is detected to be reduced or the DDoS attack is encountered, a security triggering mechanism is introduced to regulate and optimize the network, thereby realizing the comprehensive guarantee of UPF security.
As can be seen from the foregoing, in this embodiment, service traffic data in a target network may be collected in real time through a network device, where the service traffic data includes at least one network data packet; carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension; performing real-time anomaly detection on the network service quality data to obtain a network detection result; when the network detection result indicates that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem; transmitting the network service quality data to a prediction server through an open interface, wherein the prediction server is stored with a network quality prediction model; triggering the prediction server to determine predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model; verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to a prediction process of the network quality prediction model; detecting network abnormality of the target network according to the target network service quality data; when detecting that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem.
The application can be combined with the network quality prediction model to predict the network quality in the future time period, so that the network anomaly problem which possibly occurs can be found or predicted in time, the communication quality and the safety and reliability of the network are ensured, specifically, the predicted network service quality data output by the network quality prediction model can be verified based on the real network service quality data obtained by a real-time acquisition and analysis mechanism, the accuracy of a prediction result is ensured, when the network anomaly is detected based on the verified target network service quality data, a corresponding network regulation strategy can be introduced to regulate and optimize the network, the quality of the network is enhanced, and the stability and the safety of the user surfing the internet are ensured.
In order to better implement the above method, the embodiment of the present application further provides a network quality control device, as shown in fig. 3, where the network quality control device may include an acquisition unit 301, a statistical analysis unit 302, a prediction unit 303, a verification unit 304, a detection unit 305, and a control unit 306, as follows:
(1) An acquisition unit 301;
the system comprises an acquisition unit, a network data packet acquisition unit and a network data packet acquisition unit, wherein the acquisition unit is used for acquiring service flow data in a target network in real time, and the service flow data comprises at least one network data packet.
(2) A statistical analysis unit 302;
and the statistical analysis unit is used for carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension.
(3) A prediction unit 303;
and the prediction unit is used for determining predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model.
Alternatively, in some embodiments of the present application, the prediction unit may include a transmission subunit and a prediction subunit, as follows:
the transmission subunit is configured to transmit the network quality of service data to a prediction server through an open interface, where the prediction server stores a network quality prediction model;
and the prediction subunit is used for triggering the prediction server to determine the predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model.
(4) A verification unit 304;
and the verification unit is used for verifying the predicted network service quality data based on the real network service quality data of the target network in a target predicted time period, which is obtained by real-time statistical analysis, so as to obtain the target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to the prediction process of the network quality prediction model.
Alternatively, in some embodiments of the present application, the verification unit may include a determination subunit, a calculation subunit, and a verification pass subunit, as follows:
the determining subunit is used for determining real network service quality data of the target network within a target prediction time period, which is obtained through real-time statistical analysis;
a calculating subunit, configured to calculate a fitting degree between the real network quality of service data and the predicted network quality of service data, so as to verify the predicted network quality of service data;
and the verification passing subunit is used for determining the predicted network service quality data as target network service quality data through verification of the predicted network service quality data when the fitting degree meets a preset fitting condition.
Optionally, in some embodiments of the present application, the network quality control device may further include a correction unit, as follows:
and the correction unit is used for correcting the predicted network service quality data based on the real network service quality data to obtain target network service quality data when the fitting degree does not meet the preset fitting condition.
Alternatively, in some embodiments of the present application, the correction unit may include a weight determination subunit and a fusion subunit, as follows:
the weight determining subunit is configured to determine a first weight corresponding to the real network quality of service data and a second weight corresponding to the predicted network quality of service data;
and the fusion subunit is used for fusing the real network service quality data and the predicted network service quality data according to the first weight and the second weight to obtain target network service quality data.
Optionally, in some embodiments of the present application, the network quality control device may further include a training unit, as follows:
and the training unit is used for training the network quality prediction model based on the real network service quality data when the fitting degree does not meet the preset fitting condition, so as to obtain a trained network quality prediction model.
Alternatively, in some embodiments of the present application, the training unit may include a loss calculation subunit and an adjustment subunit, as follows:
the loss calculation subunit is configured to calculate a loss value between the real network quality of service data and the predicted network quality of service data;
And the adjustment subunit is used for adjusting parameters of the network quality prediction model based on the loss value to obtain a trained network quality prediction model.
Optionally, in some embodiments of the present application, the calculating subunit may be specifically configured to perform a transform process on a time axis on a data sequence corresponding to the predicted network quality of service data when a difference between the time lengths of the future time period and the target predicted time period is greater than a preset value, to obtain a processed predicted data sequence; performing conversion processing on a time axis on a data sequence corresponding to the real network service quality data to obtain a processed real data sequence; calculating the similarity between the processed predicted data sequence and the processed real data sequence; and determining the fitting degree between the real network service quality data and the predicted network service quality data based on the similarity.
(5) A detection unit 305;
and the detection unit is used for detecting network abnormality of the target network according to the target network service quality data.
(6) A regulation unit 306;
and the regulating and controlling unit is used for regulating and controlling the quality of the target network based on a target network regulating and controlling strategy corresponding to the abnormal problem when the abnormal problem exists in the target network.
Optionally, in some embodiments of the present application, the regulation unit may include a first execution subunit, a second execution subunit, an analysis subunit, and a third execution subunit, as follows:
the first execution subunit is configured to execute a security defense policy for the target network when the abnormal problem indicates that the target network has a risk of being attacked, so as to perform quality control on the target network;
a second execution subunit, configured to execute a load regulation policy for the target network when the abnormal problem indicates that the target network has a network overload risk, so as to perform quality regulation on the target network;
an analysis subunit, configured to perform device representation analysis on a service device accessing the target network when the abnormal problem indicates that the target network has abnormal network traffic, so as to determine a device identity of the service device;
and the third execution subunit is used for executing a security defense strategy aiming at the target network when the equipment identity indicates that the service equipment is abnormal equipment so as to regulate and control the quality of the target network.
Optionally, in some embodiments of the present application, the first execution subunit may be specifically configured to intercept an access request for a service device of the target network based on a preset abnormal device list; according to the session state of the service equipment accessing the target network, filtering the network data packet corresponding to the service equipment; and carrying out anomaly detection on the business flow data in the target network based on a preset anomaly rule.
Optionally, in some embodiments of the present application, the network quality control apparatus may further include an anomaly detection unit and a quality control unit, as follows:
the abnormality detection unit is used for carrying out real-time abnormality detection on the network service quality data to obtain a network detection result;
and the quality control unit is used for controlling the quality of the target network based on a target network control strategy corresponding to the abnormal problem when the network detection result indicates that the target network has the abnormal problem.
Optionally, in some embodiments of the present application, the network quality control apparatus is adapted to a network device, where the network device includes a user plane function component;
the acquisition unit can be specifically used for acquiring service flow data in a target network in real time through the user plane functional component, wherein the service flow data comprises at least one network data packet;
the statistical analysis unit may be specifically configured to perform real-time statistical analysis on the network data packet through the user plane function component to obtain network quality of service data of the target network in at least one dimension;
the anomaly detection unit may be specifically configured to transmit the network quality of service data to an anomaly detection server in real time through a data opening function of the user plane function component, so as to trigger the anomaly detection server to perform real-time anomaly detection on the network quality of service data, thereby obtaining a network detection result.
As can be seen from the foregoing, in this embodiment, the collecting unit 301 may collect, in real time, traffic data in the target network, where the traffic data includes at least one network data packet; performing real-time statistical analysis on the network data packet through a statistical analysis unit 302 to obtain network service quality data of the target network in at least one dimension; determining, by the prediction unit 303, predicted network quality of service data of the target network at a future time period according to the network quality of service data by a network quality prediction model; the verification unit 304 is used for verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, so as to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to the prediction process of the network quality prediction model; detecting network abnormality of the target network according to the target network service quality data by a detection unit 305; when detecting that the target network has an abnormal problem, the regulating and controlling unit 306 regulates and controls the quality of the target network based on a target network regulating and controlling strategy corresponding to the abnormal problem. The application can be combined with the network quality prediction model to predict the network quality in the future time period, so that the network anomaly problem which possibly occurs can be found or predicted in time, the communication quality and the safety and reliability of the network are ensured, specifically, the predicted network service quality data output by the network quality prediction model can be verified based on the real network service quality data obtained by a real-time acquisition and analysis mechanism, the accuracy of a prediction result is ensured, when the network anomaly is detected based on the verified target network service quality data, a corresponding network regulation strategy can be introduced to regulate and optimize the network, the quality of the network is enhanced, and the stability and the safety of the user surfing the internet are ensured.
The embodiment of the application also provides an electronic device, as shown in fig. 4, which shows a schematic structural diagram of the electronic device according to the embodiment of the application, where the electronic device may be a terminal or a server, specifically:
the electronic device may include one or more processing cores 'processors 401, one or more computer-readable storage media's memory 402, power supply 403, and input unit 404, among other components. Those skilled in the art will appreciate that the electronic device structure shown in fig. 4 is not limiting of the electronic device and may include more or fewer components than shown, or may combine certain components, or may be arranged in different components. Wherein:
the processor 401 is a control center of the electronic device, connects various parts of the entire electronic device using various interfaces and lines, and performs various functions of the electronic device and processes data by running or executing software programs and/or modules stored in the memory 402, and calling data stored in the memory 402. Optionally, processor 401 may include one or more processing cores; preferably, the processor 401 may integrate an application processor and a modem processor, wherein the application processor mainly processes an operating system, a user interface, an application program, etc., and the modem processor mainly processes wireless communication. It will be appreciated that the modem processor described above may not be integrated into the processor 401.
The memory 402 may be used to store software programs and modules, and the processor 401 executes various functional applications and data processing by executing the software programs and modules stored in the memory 402. The memory 402 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program (such as a sound playing function, an image playing function, etc.) required for at least one function, and the like; the storage data area may store data created according to the use of the electronic device, etc. In addition, memory 402 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device. Accordingly, the memory 402 may also include a memory controller to provide the processor 401 with access to the memory 402.
The electronic device further comprises a power supply 403 for supplying power to the various components, preferably the power supply 403 may be logically connected to the processor 401 by a power management system, so that functions of managing charging, discharging, and power consumption are performed by the power management system. The power supply 403 may also include one or more of any of a direct current or alternating current power supply, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
The electronic device may further comprise an input unit 404, which input unit 404 may be used for receiving input digital or character information and generating keyboard, mouse, joystick, optical or trackball signal inputs in connection with user settings and function control.
Although not shown, the electronic device may further include a display unit or the like, which is not described herein. In particular, in this embodiment, the processor 401 in the electronic device loads executable files corresponding to the processes of one or more application programs into the memory 402 according to the following instructions, and the processor 401 executes the application programs stored in the memory 402, so as to implement various functions as follows:
collecting service flow data in a target network in real time, wherein the service flow data comprises at least one network data packet; carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension; determining predicted network quality of service data of the target network in a future time period according to the network quality of service data through a network quality prediction model; verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to a prediction process of the network quality prediction model; detecting network abnormality of the target network according to the target network service quality data; when detecting that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem.
The specific implementation of each operation above may be referred to the previous embodiments, and will not be described herein.
As can be seen from the foregoing, the present embodiment may collect, in real time, traffic flow data in a target network, where the traffic flow data includes at least one network data packet; carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension; determining predicted network quality of service data of the target network in a future time period according to the network quality of service data through a network quality prediction model; verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to a prediction process of the network quality prediction model; detecting network abnormality of the target network according to the target network service quality data; when detecting that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem. The application can be combined with the network quality prediction model to predict the network quality in the future time period, so that the network anomaly problem which possibly occurs can be found or predicted in time, the communication quality and the safety and reliability of the network are ensured, specifically, the predicted network service quality data output by the network quality prediction model can be verified based on the real network service quality data obtained by a real-time acquisition and analysis mechanism, the accuracy of a prediction result is ensured, when the network anomaly is detected based on the verified target network service quality data, a corresponding network regulation strategy can be introduced to regulate and optimize the network, the quality of the network is enhanced, and the stability and the safety of the user surfing the internet are ensured.
Those of ordinary skill in the art will appreciate that all or a portion of the steps of the various methods of the above embodiments may be performed by instructions, or by instructions controlling associated hardware, which may be stored in a computer-readable storage medium and loaded and executed by a processor.
To this end, embodiments of the present application provide a computer readable storage medium having stored therein a plurality of instructions capable of being loaded by a processor to perform the steps of any of the network quality regulation methods provided by the embodiments of the present application. For example, the instructions may perform the steps of:
collecting service flow data in a target network in real time, wherein the service flow data comprises at least one network data packet; carrying out real-time statistical analysis on the network data packet to obtain network service quality data of the target network in at least one dimension; determining predicted network quality of service data of the target network in a future time period according to the network quality of service data through a network quality prediction model; verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to a prediction process of the network quality prediction model; detecting network abnormality of the target network according to the target network service quality data; when detecting that the target network has an abnormal problem, performing quality control on the target network based on a target network control strategy corresponding to the abnormal problem.
The specific implementation of each operation above may be referred to the previous embodiments, and will not be described herein.
Wherein the computer-readable storage medium may comprise: read Only Memory (ROM), random access Memory (RAM, random Access Memory), magnetic or optical disk, and the like.
Because the instructions stored in the computer readable storage medium may execute the steps in any network quality control method provided by the embodiments of the present application, the beneficial effects that any network quality control method provided by the embodiments of the present application can achieve are detailed in the previous embodiments, and are not described herein.
According to one aspect of the present application, there is provided a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The computer instructions are read from a computer-readable storage medium by a processor of a computer device, and executed by the processor, cause the computer device to perform the methods provided in various alternative implementations of the network quality regulation aspects described above.
The foregoing has described in detail a network quality control method and related devices provided by embodiments of the present application, and specific examples have been applied herein to illustrate the principles and embodiments of the present application, where the foregoing examples are provided to assist in understanding the methods and core ideas of the present application; meanwhile, as those skilled in the art will have variations in the specific embodiments and application scope in light of the ideas of the present application, the present description should not be construed as limiting the present application.
Claims (12)
1. A method for regulating and controlling network quality, which is suitable for a network device, wherein the network device includes a user plane function component, the method comprising:
the user plane function component is used for acquiring service flow data in a target network in real time, wherein the service flow data comprises at least one network data packet, the user plane function component is used for distributing the data to different network nodes, and the network nodes comprise an anomaly detection server and a prediction server;
carrying out real-time statistical analysis on the network data packet through the user plane functional component to obtain network service quality data of the target network in at least one dimension;
transmitting the network service quality data to the anomaly detection server in real time through the data opening function of the user plane functional component so as to trigger the anomaly detection server to detect the network anomaly of the target network in real time according to the network service quality data;
transmitting the network service quality data to the prediction server in real time through the data opening function of the user plane function component, wherein the prediction server is stored with a network quality prediction model;
Triggering the prediction server to determine predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model;
verifying the predicted network service quality data based on the real network service quality data of the target network within a target predicted time period, which is obtained by real-time statistical analysis, to obtain target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to a prediction process of the network quality prediction model;
detecting network abnormality of the target network according to the target network service quality data;
when the anomaly detection server or the prediction server detects that the target network has an anomaly problem, quality control is performed on the target network based on a target network control strategy corresponding to the anomaly problem.
2. The method according to claim 1, wherein the verifying the predicted network quality of service data based on the real network quality of service data of the target network in the target predicted time period obtained by the real-time statistical analysis includes:
Determining real network service quality data of the target network within a target prediction time period, which is obtained by real-time statistical analysis;
calculating the fitting degree between the real network service quality data and the predicted network service quality data so as to check the predicted network service quality data;
and when the fitting degree meets a preset fitting condition, determining the predicted network service quality data as target network service quality data through checking the predicted network service quality data.
3. The method according to claim 2, wherein the method further comprises:
and when the fitting degree does not meet the preset fitting condition, correcting the predicted network service quality data based on the real network service quality data to obtain target network service quality data.
4. The method of claim 3, wherein said correcting said predicted network quality of service data based on said real network quality of service data to obtain target network quality of service data comprises:
determining a first weight corresponding to the real network service quality data and a second weight corresponding to the predicted network service quality data;
And according to the first weight and the second weight, fusing the real network service quality data and the predicted network service quality data to obtain target network service quality data.
5. The method according to claim 2, wherein the method further comprises:
and training the network quality prediction model based on the real network service quality data when the fitting degree does not meet the preset fitting condition, so as to obtain a trained network quality prediction model.
6. The method of claim 5, wherein training the network quality prediction model based on the real network quality of service data results in a trained network quality prediction model, comprising:
calculating a loss value between the real network quality of service data and the predicted network quality of service data;
and adjusting parameters of the network quality prediction model based on the loss value to obtain a trained network quality prediction model.
7. The method of claim 2, wherein said calculating a degree of fit between said real network quality of service data and said predicted network quality of service data comprises:
When the difference value of the time length of the future time period and the target prediction time period is larger than a preset value, carrying out transformation processing on a time axis on a data sequence corresponding to the prediction network service quality data to obtain a processed prediction data sequence;
performing conversion processing on a time axis on a data sequence corresponding to the real network service quality data to obtain a processed real data sequence;
calculating the similarity between the processed predicted data sequence and the processed real data sequence;
and determining the fitting degree between the real network service quality data and the predicted network service quality data based on the similarity.
8. The method according to claim 1, wherein the performing quality control on the target network based on the target network control policy corresponding to the anomaly problem includes:
when the abnormal problem indicates that the target network has attack risk, executing a security defense strategy aiming at the target network so as to regulate and control the quality of the target network;
when the abnormal problem indicates that the target network has network overload risk, executing a load regulation strategy aiming at the target network so as to regulate the quality of the target network;
When the abnormal problem indicates that the abnormal network flow exists in the target network, performing equipment portrait analysis on service equipment accessing the target network to determine the equipment identity of the service equipment;
and when the equipment identity indicates that the service equipment is abnormal equipment, executing a security defense strategy aiming at the target network so as to regulate and control the quality of the target network.
9. The method of claim 8, wherein the enforcing a security defense policy for the target network comprises:
intercepting an access request of service equipment aiming at the target network based on a preset abnormal equipment list;
according to the session state of the service equipment accessing the target network, filtering the network data packet corresponding to the service equipment;
and carrying out anomaly detection on the business flow data in the target network based on a preset anomaly rule.
10. A network quality control apparatus adapted for use with a network device, the network device including a user plane function component, the apparatus comprising:
the system comprises a user plane functional component, an acquisition unit and a prediction server, wherein the user plane functional component is used for acquiring service flow data in a target network in real time through the user plane functional component, the service flow data comprises at least one network data packet, the user plane functional component is used for distributing the data to different network nodes, and the network nodes comprise the anomaly detection server and the prediction server;
The statistical analysis unit is used for carrying out real-time statistical analysis on the network data packet through the user plane functional component to obtain network service quality data of the target network in at least one dimension;
the anomaly detection unit is used for transmitting the network service quality data to the anomaly detection server in real time through the data opening function of the user plane functional component so as to trigger the anomaly detection server to detect the network anomaly of the target network in real time according to the network service quality data;
the prediction unit is used for transmitting the network service quality data to the prediction server in real time through the data opening function of the user plane functional component, triggering the prediction server to determine the predicted network service quality data of the target network in a future time period according to the network service quality data through a network quality prediction model, and storing the network quality prediction model on the prediction server;
the verification unit is used for verifying the predicted network service quality data based on the real network service quality data of the target network in a target predicted time period, which is obtained by real-time statistical analysis, so as to obtain the target network service quality data, wherein the future time period comprises the target predicted time period, and the target predicted time period corresponds to the prediction process of the network quality prediction model;
The detection unit is used for detecting network abnormality of the target network according to the target network service quality data;
and the regulating and controlling unit is used for regulating and controlling the quality of the target network based on a target network regulating and controlling strategy corresponding to the abnormal problem when the abnormal problem exists in the target network detected by the abnormal detection server or the prediction server.
11. An electronic device comprising a memory and a processor; the memory stores an application program, and the processor is configured to execute the application program in the memory to perform the operations in the network quality control method according to any one of claims 1 to 9.
12. A computer readable storage medium storing a plurality of instructions adapted to be loaded by a processor to perform the steps in the network quality regulation method of any one of claims 1 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310813966.6A CN116528274B (en) | 2023-07-05 | 2023-07-05 | Network quality regulation and control method and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310813966.6A CN116528274B (en) | 2023-07-05 | 2023-07-05 | Network quality regulation and control method and related equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116528274A CN116528274A (en) | 2023-08-01 |
| CN116528274B true CN116528274B (en) | 2023-09-22 |
Family
ID=87403339
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310813966.6A Active CN116528274B (en) | 2023-07-05 | 2023-07-05 | Network quality regulation and control method and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116528274B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117176513B (en) * | 2023-10-31 | 2024-01-12 | 湖南承希科技有限公司 | Internet of things data acquisition gateway equipment based on 5G-R technology |
| CN117459188B (en) * | 2023-12-25 | 2024-04-05 | 吉林省吉能电力通信有限公司 | Electric Beidou communication system and communication method based on Beidou communication technology |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109756911A (en) * | 2019-01-31 | 2019-05-14 | 腾讯科技(深圳)有限公司 | Network quality prediction technique, business reorganization method, relevant device and storage medium |
| CN109787846A (en) * | 2019-03-27 | 2019-05-21 | 湖北大学 | A kind of 5G network service quality exception monitoring and prediction technique and system |
| CN110008079A (en) * | 2018-12-25 | 2019-07-12 | 阿里巴巴集团控股有限公司 | Monitor control index method for detecting abnormality, model training method, device and equipment |
| CN110365674A (en) * | 2019-07-11 | 2019-10-22 | 武汉思普崚技术有限公司 | A kind of method, server and system for predicting network attack face |
| CN112312427A (en) * | 2019-07-31 | 2021-02-02 | ***通信集团广东有限公司 | Method for optimizing network quality and electronic equipment |
| CN114531273A (en) * | 2022-01-11 | 2022-05-24 | 北京理工大学 | Method for defending distributed denial of service attack of industrial network system |
| CN115515171A (en) * | 2021-06-21 | 2022-12-23 | ***通信集团湖南有限公司 | Load prediction method and device of SA network and electronic equipment |
| CN115859188A (en) * | 2021-09-24 | 2023-03-28 | 中兴通讯股份有限公司 | Service abnormity prediction method and device, storage medium and electronic device |
| CN115884195A (en) * | 2021-09-28 | 2023-03-31 | 中兴通讯股份有限公司 | Model training method, wireless resource scheduling method and device and electronic equipment |
| CN116056117A (en) * | 2023-01-20 | 2023-05-02 | 中国联合网络通信集团有限公司 | Network anomaly prediction method, device and storage medium |
| CN116074215A (en) * | 2022-12-30 | 2023-05-05 | 中国联合网络通信集团有限公司 | Network quality detection method, device, equipment and storage medium |
| CN116232851A (en) * | 2022-12-28 | 2023-06-06 | 中国电信股份有限公司 | Early warning method and device for network abnormality, electronic equipment and storage medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2021138157A1 (en) * | 2019-12-31 | 2021-07-08 | Hughes Network Systems, Llc | Traffic flow classification using machine learning |
-
2023
- 2023-07-05 CN CN202310813966.6A patent/CN116528274B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110008079A (en) * | 2018-12-25 | 2019-07-12 | 阿里巴巴集团控股有限公司 | Monitor control index method for detecting abnormality, model training method, device and equipment |
| CN109756911A (en) * | 2019-01-31 | 2019-05-14 | 腾讯科技(深圳)有限公司 | Network quality prediction technique, business reorganization method, relevant device and storage medium |
| CN109787846A (en) * | 2019-03-27 | 2019-05-21 | 湖北大学 | A kind of 5G network service quality exception monitoring and prediction technique and system |
| CN110365674A (en) * | 2019-07-11 | 2019-10-22 | 武汉思普崚技术有限公司 | A kind of method, server and system for predicting network attack face |
| CN112312427A (en) * | 2019-07-31 | 2021-02-02 | ***通信集团广东有限公司 | Method for optimizing network quality and electronic equipment |
| CN115515171A (en) * | 2021-06-21 | 2022-12-23 | ***通信集团湖南有限公司 | Load prediction method and device of SA network and electronic equipment |
| CN115859188A (en) * | 2021-09-24 | 2023-03-28 | 中兴通讯股份有限公司 | Service abnormity prediction method and device, storage medium and electronic device |
| CN115884195A (en) * | 2021-09-28 | 2023-03-31 | 中兴通讯股份有限公司 | Model training method, wireless resource scheduling method and device and electronic equipment |
| CN114531273A (en) * | 2022-01-11 | 2022-05-24 | 北京理工大学 | Method for defending distributed denial of service attack of industrial network system |
| CN116232851A (en) * | 2022-12-28 | 2023-06-06 | 中国电信股份有限公司 | Early warning method and device for network abnormality, electronic equipment and storage medium |
| CN116074215A (en) * | 2022-12-30 | 2023-05-05 | 中国联合网络通信集团有限公司 | Network quality detection method, device, equipment and storage medium |
| CN116056117A (en) * | 2023-01-20 | 2023-05-02 | 中国联合网络通信集团有限公司 | Network anomaly prediction method, device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116528274A (en) | 2023-08-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Eliyan et al. | DoS and DDoS attacks in Software Defined Networks: A survey of existing solutions and research challenges | |
| US11431744B2 (en) | Detection of denial of service attacks | |
| CN116528274B (en) | Network quality regulation and control method and related equipment | |
| Nguyen et al. | Search: A collaborative and intelligent nids architecture for sdn-based cloud iot networks | |
| Bhardwaj et al. | Towards {IoT-DDoS} Prevention Using Edge Computing | |
| US20210352090A1 (en) | Network security monitoring method, network security monitoring device, and system | |
| Stojmenovic et al. | An overview of fog computing and its security issues | |
| Yan et al. | Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges | |
| Krishnan et al. | SDN/NFV security framework for fog‐to‐things computing infrastructure | |
| Guha Roy et al. | A blockchain‐based cyber attack detection scheme for decentralized Internet of Things using software‐defined network | |
| Yan et al. | Survey on zero-trust network security | |
| Yu et al. | A cooperative DDoS attack detection scheme based on entropy and ensemble learning in SDN | |
| US11314614B2 (en) | Security for container networks | |
| Srivastava et al. | Future IoT‐enabled threats and vulnerabilities: State of the art, challenges, and future prospects | |
| Wang et al. | SDNManager: A safeguard architecture for SDN DoS attacks based on bandwidth prediction | |
| Paranjothi et al. | Survey on three components of mobile cloud computing: offloading, distribution and privacy | |
| Petroulakis et al. | Reactive security for SDN/NFV‐enabled industrial networks leveraging service function chaining | |
| Dong et al. | BotDetector: An extreme learning machine‐based Internet of Things botnet detection model | |
| Zheng | Research on SDN-based IoT security architecture model | |
| Chen et al. | A DDoS attack defense method based on blockchain for IoTs devices | |
| Abdulqadder et al. | The DAG blockchain: A secure edge assisted honeypot for attack detection and multi-controller based load balancing in SDN 5G | |
| Li et al. | A cooperative defense framework against application-level DDoS attacks on mobile edge computing services | |
| Kumar et al. | Handling Security Issues in Software-defined Networks (SDNs) Using Machine Learning | |
| Sahu et al. | Detection of rogue nodes in AMI networks | |
| CN116232777B (en) | DDoS attack detection and defense method based on statistical measure in SDN-IIOT and related equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40092600 Country of ref document: HK |