CN1845066A - Automatic protocol recognition method and system - Google Patents
Automatic protocol recognition method and system Download PDFInfo
- Publication number
- CN1845066A CN1845066A CN 200610080453 CN200610080453A CN1845066A CN 1845066 A CN1845066 A CN 1845066A CN 200610080453 CN200610080453 CN 200610080453 CN 200610080453 A CN200610080453 A CN 200610080453A CN 1845066 A CN1845066 A CN 1845066A
- Authority
- CN
- China
- Prior art keywords
- protocol
- agreement
- fingerprint
- type
- sample
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2006100804535A CN100429617C (en) | 2006-05-16 | 2006-05-16 | Automatic protocol recognition method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2006100804535A CN100429617C (en) | 2006-05-16 | 2006-05-16 | Automatic protocol recognition method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1845066A true CN1845066A (en) | 2006-10-11 |
CN100429617C CN100429617C (en) | 2008-10-29 |
Family
ID=37063994
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2006100804535A Expired - Fee Related CN100429617C (en) | 2006-05-16 | 2006-05-16 | Automatic protocol recognition method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100429617C (en) |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101577704A (en) * | 2008-05-08 | 2009-11-11 | 北京东华合创数码科技股份有限公司 | Network application-level protocol recognition method and system |
CN101282251B (en) * | 2008-05-08 | 2011-04-13 | 中国科学院计算技术研究所 | Method for digging recognition characteristic of application layer protocol |
CN102035698A (en) * | 2011-01-06 | 2011-04-27 | 西北工业大学 | HTTP tunnel detection method based on decision tree classification algorithm |
CN101335654B (en) * | 2007-06-28 | 2012-04-04 | 中兴通讯股份有限公司 | Interface positioning test method and system |
CN102413007A (en) * | 2011-10-12 | 2012-04-11 | 上海奇微通讯技术有限公司 | Deep packet inspection method and equipment |
CN101925895B (en) * | 2007-12-13 | 2012-11-07 | 谷歌公司 | Generic format for efficient transfer data |
CN103164698A (en) * | 2013-03-29 | 2013-06-19 | 华为技术有限公司 | Method and device of generating fingerprint database and method and device of fingerprint matching of text to be tested |
CN103914031A (en) * | 2013-12-04 | 2014-07-09 | 哈尔滨安天科技股份有限公司 | RS-485 bus monitor probe circuit automatically adapting to various protocols |
CN103945287A (en) * | 2013-01-21 | 2014-07-23 | 中兴通讯股份有限公司 | Method for processing message by interface machine and interface machine |
CN104184726A (en) * | 2014-07-25 | 2014-12-03 | 汉柏科技有限公司 | IPS message omission preventive method and device based on protocol identification |
CN101425876B (en) * | 2008-12-16 | 2015-04-22 | 北京中创信测科技股份有限公司 | Communication protocol deciphering method and device |
CN105282133A (en) * | 2014-06-19 | 2016-01-27 | 凯为公司 | A method of forming a Hash input from packet contents and an apparatus thereof |
CN105530098A (en) * | 2015-12-04 | 2016-04-27 | 北京浩瀚深度信息技术股份有限公司 | Protocol fingerprint automatic extraction method and system |
CN105939304A (en) * | 2015-06-11 | 2016-09-14 | 杭州迪普科技有限公司 | Tunnel message analysis method and device |
CN108255675A (en) * | 2018-01-10 | 2018-07-06 | 北京知道创宇信息技术有限公司 | A kind of port diagnostic extracting method, device and computing device |
CN105678188B (en) * | 2016-01-07 | 2019-01-29 | 杨龙频 | The leakage-preventing protocol recognition method of database and device |
CN110855576A (en) * | 2015-12-31 | 2020-02-28 | 杭州数梦工场科技有限公司 | Application identification method and device |
CN111865724A (en) * | 2020-07-28 | 2020-10-30 | 公安部第三研究所 | Information acquisition control implementation method for video monitoring equipment |
CN112272121A (en) * | 2020-09-21 | 2021-01-26 | 中国科学院信息工程研究所 | Effect verification method and system for flow monitoring |
CN112367317A (en) * | 2020-11-09 | 2021-02-12 | 浙江大学 | Endogenous safe WAF fingerprint transformation method |
CN112637223A (en) * | 2020-12-26 | 2021-04-09 | 曙光网络科技有限公司 | Application protocol identification method and device, computer equipment and storage medium |
CN112714045A (en) * | 2020-12-31 | 2021-04-27 | 浙江远望信息股份有限公司 | Rapid protocol identification method based on equipment fingerprint and port |
CN112787875A (en) * | 2019-11-06 | 2021-05-11 | 杭州海康威视数字技术股份有限公司 | Equipment identification method, device and equipment, and storage medium |
CN112995172A (en) * | 2021-02-24 | 2021-06-18 | 合肥优尔电子科技有限公司 | Communication method and communication system for butt joint between Internet of things equipment and Internet of things platform |
CN113705161A (en) * | 2021-08-10 | 2021-11-26 | 博流智能科技(南京)有限公司 | UVM register model rapid generation method and system, and chip verification method and system |
CN114124562A (en) * | 2021-12-02 | 2022-03-01 | 湖北天融信网络安全技术有限公司 | Defense method, defense device, electronic equipment and storage medium |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH08214041A (en) * | 1995-02-03 | 1996-08-20 | Max Co Ltd | Automatic protocol recognition device |
US6895020B2 (en) * | 2001-07-31 | 2005-05-17 | Agilent Technologies, Inc. | Method and apparatus for protocol pattern identification in protocol data units |
CN1203641C (en) * | 2002-10-11 | 2005-05-25 | 北京启明星辰信息技术有限公司 | Method and system for monitoring network intrusion |
CN1612135B (en) * | 2003-10-30 | 2012-07-04 | 北京神州绿盟信息安全科技股份有限公司 | Invasion detection (protection) product and firewall product protocol identifying technology |
-
2006
- 2006-05-16 CN CNB2006100804535A patent/CN100429617C/en not_active Expired - Fee Related
Cited By (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101335654B (en) * | 2007-06-28 | 2012-04-04 | 中兴通讯股份有限公司 | Interface positioning test method and system |
CN101925895B (en) * | 2007-12-13 | 2012-11-07 | 谷歌公司 | Generic format for efficient transfer data |
CN101577704A (en) * | 2008-05-08 | 2009-11-11 | 北京东华合创数码科技股份有限公司 | Network application-level protocol recognition method and system |
CN101282251B (en) * | 2008-05-08 | 2011-04-13 | 中国科学院计算技术研究所 | Method for digging recognition characteristic of application layer protocol |
CN101425876B (en) * | 2008-12-16 | 2015-04-22 | 北京中创信测科技股份有限公司 | Communication protocol deciphering method and device |
CN102035698A (en) * | 2011-01-06 | 2011-04-27 | 西北工业大学 | HTTP tunnel detection method based on decision tree classification algorithm |
CN102035698B (en) * | 2011-01-06 | 2012-07-25 | 西北工业大学 | HTTP tunnel detection method based on decision tree classification algorithm |
CN102413007A (en) * | 2011-10-12 | 2012-04-11 | 上海奇微通讯技术有限公司 | Deep packet inspection method and equipment |
CN102413007B (en) * | 2011-10-12 | 2014-03-26 | 上海奇微通讯技术有限公司 | Deep packet inspection method and equipment |
CN103945287A (en) * | 2013-01-21 | 2014-07-23 | 中兴通讯股份有限公司 | Method for processing message by interface machine and interface machine |
WO2014110903A1 (en) * | 2013-01-21 | 2014-07-24 | 中兴通讯股份有限公司 | Method used by interface machine to process messages and interface machine |
CN103945287B (en) * | 2013-01-21 | 2019-05-10 | 中兴通讯股份有限公司 | A kind of method and interface message processor (IMP) of interface message processor (IMP) processing message |
CN103164698A (en) * | 2013-03-29 | 2013-06-19 | 华为技术有限公司 | Method and device of generating fingerprint database and method and device of fingerprint matching of text to be tested |
CN103164698B (en) * | 2013-03-29 | 2016-01-27 | 华为技术有限公司 | Text fingerprints library generating method and device, text fingerprints matching process and device |
CN103914031A (en) * | 2013-12-04 | 2014-07-09 | 哈尔滨安天科技股份有限公司 | RS-485 bus monitor probe circuit automatically adapting to various protocols |
CN103914031B (en) * | 2013-12-04 | 2016-08-17 | 哈尔滨安天科技股份有限公司 | A kind of RS-485 bus monitoring probe circuit of self adaptation various protocols |
CN105282133A (en) * | 2014-06-19 | 2016-01-27 | 凯为公司 | A method of forming a Hash input from packet contents and an apparatus thereof |
CN105282133B (en) * | 2014-06-19 | 2020-06-23 | 马维尔亚洲私人有限公司 | Method and apparatus for forming hash input from packet content |
CN104184726A (en) * | 2014-07-25 | 2014-12-03 | 汉柏科技有限公司 | IPS message omission preventive method and device based on protocol identification |
CN105939304A (en) * | 2015-06-11 | 2016-09-14 | 杭州迪普科技有限公司 | Tunnel message analysis method and device |
CN105530098B (en) * | 2015-12-04 | 2018-10-09 | 北京浩瀚深度信息技术股份有限公司 | A kind of agreement fingerprint extraction method and system |
CN105530098A (en) * | 2015-12-04 | 2016-04-27 | 北京浩瀚深度信息技术股份有限公司 | Protocol fingerprint automatic extraction method and system |
CN110855576A (en) * | 2015-12-31 | 2020-02-28 | 杭州数梦工场科技有限公司 | Application identification method and device |
CN105678188B (en) * | 2016-01-07 | 2019-01-29 | 杨龙频 | The leakage-preventing protocol recognition method of database and device |
CN108255675A (en) * | 2018-01-10 | 2018-07-06 | 北京知道创宇信息技术有限公司 | A kind of port diagnostic extracting method, device and computing device |
CN112787875A (en) * | 2019-11-06 | 2021-05-11 | 杭州海康威视数字技术股份有限公司 | Equipment identification method, device and equipment, and storage medium |
CN112787875B (en) * | 2019-11-06 | 2022-03-01 | 杭州海康威视数字技术股份有限公司 | Equipment identification method, device and equipment, and storage medium |
CN111865724B (en) * | 2020-07-28 | 2022-02-08 | 公安部第三研究所 | Information acquisition control implementation method for video monitoring equipment |
CN111865724A (en) * | 2020-07-28 | 2020-10-30 | 公安部第三研究所 | Information acquisition control implementation method for video monitoring equipment |
CN112272121A (en) * | 2020-09-21 | 2021-01-26 | 中国科学院信息工程研究所 | Effect verification method and system for flow monitoring |
CN112367317A (en) * | 2020-11-09 | 2021-02-12 | 浙江大学 | Endogenous safe WAF fingerprint transformation method |
CN112367317B (en) * | 2020-11-09 | 2021-09-03 | 浙江大学 | Endogenous safe WAF fingerprint transformation method |
CN112637223A (en) * | 2020-12-26 | 2021-04-09 | 曙光网络科技有限公司 | Application protocol identification method and device, computer equipment and storage medium |
CN112714045A (en) * | 2020-12-31 | 2021-04-27 | 浙江远望信息股份有限公司 | Rapid protocol identification method based on equipment fingerprint and port |
CN112995172A (en) * | 2021-02-24 | 2021-06-18 | 合肥优尔电子科技有限公司 | Communication method and communication system for butt joint between Internet of things equipment and Internet of things platform |
CN112995172B (en) * | 2021-02-24 | 2022-09-09 | 合肥优尔电子科技有限公司 | Communication method and communication system for butt joint between Internet of things equipment and Internet of things platform |
CN113705161A (en) * | 2021-08-10 | 2021-11-26 | 博流智能科技(南京)有限公司 | UVM register model rapid generation method and system, and chip verification method and system |
CN113705161B (en) * | 2021-08-10 | 2024-03-22 | 博流智能科技(南京)有限公司 | UVM register model rapid generation method and system, chip verification method and system |
CN114124562A (en) * | 2021-12-02 | 2022-03-01 | 湖北天融信网络安全技术有限公司 | Defense method, defense device, electronic equipment and storage medium |
CN114124562B (en) * | 2021-12-02 | 2024-05-28 | 湖北天融信网络安全技术有限公司 | Defense method, defense device, electronic equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN100429617C (en) | 2008-10-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1845066A (en) | Automatic protocol recognition method and system | |
CN101035111A (en) | Intelligent protocol parsing method and device | |
CN112738126B (en) | Attack tracing method based on threat intelligence and ATT & CK | |
US9781139B2 (en) | Identifying malware communications with DGA generated domains by discriminative learning | |
CN106357618B (en) | Web anomaly detection method and device | |
US9256831B2 (en) | Match engine for detection of multi-pattern rules | |
Bayer et al. | Scalable, behavior-based malware clustering. | |
US7802009B2 (en) | Automatic reverse engineering of message formats from network traces | |
Shabtai et al. | F-sign: Automatic, function-based signature generation for malware | |
JP2020530638A (en) | Malware Host NetFlow Analysis System and Method | |
CN112651028B (en) | Vulnerability code clone detection method based on context semantics and patch verification | |
CN101034974A (en) | Associative attack analysis and detection method and device based on the time sequence and event sequence | |
CN105046152B (en) | Malware detection method based on function call graph fingerprint | |
CN1738257A (en) | Network intrusion detection system and method based on application protocol detection engine | |
CN112532642B (en) | Industrial control system network intrusion detection method based on improved Suricata engine | |
CN108073808B (en) | Method and system for generating attacker portrait based on pdb debugging information | |
CN115396138A (en) | Tracing graph reduction method and device | |
CN101060492A (en) | Talk detection method and talk detection system | |
CN112788065B (en) | Internet of things zombie network tracking method and device based on honeypots and sandboxes | |
CN109670317B (en) | Internet of things equipment inheritance vulnerability mining method based on atomic control flow graph | |
CN116170186A (en) | Attack code online detection method and device based on network traffic analysis | |
Mostafa et al. | Netdroid: Summarizing network behavior of android apps for network code maintenance | |
CN114157459A (en) | Method and device for automatically generating threat intelligence, computer equipment and storage medium | |
CN113660230A (en) | Cloud security protection test method, system, computer and readable storage medium | |
Xu et al. | FIoTFuzzer: Response-based black-box fuzzing for IoT devices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C56 | Change in the name or address of the patentee | ||
CP03 | Change of name, title or address |
Address after: No. 12 South Main Street, Beijing, Haidian District, Zhongguancun Patentee after: Beijing Venus Information Technology Co., Ltd. Address before: No. 12 South Main Street, Beijing, Haidian District, Zhongguancun Patentee before: Beijing Qiming Xingchen Information Technology Co., Ltd. |
|
C56 | Change in the name or address of the patentee |
Owner name: BEIJING QIMINGXINGCHEN INFORMATION TECHNOLOGY CO., Free format text: FORMER NAME: BEIJING QIMING XINGCHEN INFORMATION TECHNOLOGY CO. LTD. |
|
ASS | Succession or assignment of patent right |
Owner name: BEIJING QIMINGXINCHEN INFORMATION SECURITY TECHNOL |
|
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100081 NO.12 ZHONGGUANCUN SOUTH AVENUE, HAIDIAN DISTRICT, BEIJING TO: 100193 QIMINGXINGCHEN BUILDING, BUILDING 21, ZHONGGUANCUN SOFTWARE PARK, NO.8, DONGBEIWANG WEST ROAD, HAIDIAN DISTRICT, BEIJING CITY |
|
TR01 | Transfer of patent right |
Effective date of registration: 20100507 Address after: 100193 Beijing city Haidian District Dongbeiwang qimingxingchenmansionproject Building No. 21 West Road No. 8 Zhongguancun Software Park Co-patentee after: Beijing Venusense Information Security Technology Co., Ltd. Patentee after: Beijing Venus Information Technology Co., Ltd. Address before: 100081 Beijing, Zhongguancun, South Street, No. 12, No. Patentee before: Beijing Venus Information Technology Co., Ltd. |
|
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20081029 Termination date: 20150516 |
|
EXPY | Termination of patent right or utility model |