CN110971530A - Video traffic data identification method, device and equipment - Google Patents
Video traffic data identification method, device and equipment Download PDFInfo
- Publication number
- CN110971530A CN110971530A CN201811141045.5A CN201811141045A CN110971530A CN 110971530 A CN110971530 A CN 110971530A CN 201811141045 A CN201811141045 A CN 201811141045A CN 110971530 A CN110971530 A CN 110971530A
- Authority
- CN
- China
- Prior art keywords
- traffic data
- video
- tcp connection
- flow data
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/19—Flow control; Congestion control at layers above the network layer
- H04L47/193—Flow control; Congestion control at layers above the network layer at the transport layer, e.g. TCP related
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/20—Traffic policing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2483—Traffic characterised by specific attributes, e.g. priority or QoS involving identification of individual flows
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application discloses a method for identifying video flow data, which comprises the following steps: when detecting that a TCP connection is established by a server aiming at a network access request of a client and traffic data is transmitted with the client through the TCP connection, judging whether the traffic data conforms to the statistical characteristics of video traffic; and if so, judging that the traffic data corresponding to the TCP connection are all video traffic data. The method based on the characteristic statistics can identify the TCP connection which transmits the flow data partially conforming to the video flow statistical characteristics so as to block the video flow data, and can ensure the normal use of other network resources sharing the same DNS with the video resource files. The application also discloses a device and equipment for identifying the video flow data and a computer readable storage medium, and the beneficial effects are also achieved.
Description
Technical Field
The present application relates to the field of network technologies, and in particular, to a method, an apparatus, a device, and a computer-readable storage medium for identifying video traffic data.
Background
An Access Controller (AC) is a network device responsible for managing network Access points in a local area network, and its main functions include Access control to different network Access points.
Access control is a security aspect function to prevent or control certain communications and interactions between a user and a network server. For most enterprises and public institutions, it is usually necessary to prevent and control the transmission of video traffic data in their internal lan, so as to avoid the influence of the transmission rate of normal office traffic data.
In view of network security, the existing network transmission process generally adopts encryption measures, typically, the SSL (Secure Sockets Layer) protocol is used to encrypt the network connection. Since the file format corresponding to the encrypted traffic data cannot be seen, the video traffic data cannot be directly identified by the file format, so that in the prior art, the blocking of the video traffic data is mainly realized by using a Domain Name System (DNS) of the video file, that is, the known DNS of the video file is listed in a "black list" so as to uniformly block all the traffic data from the DNS. However, in practical applications, video traffic data and other normal office traffic data share the same DNS many times, for example, large-scale network service products such as Facebook or Youtube, and various network services including video, information, communication, game, etc. use the same common DNS and authentication certificate. Therefore, although the transmission of video traffic data can be intercepted by adopting the blocking method in the prior art, the network use of other normal office services can be influenced.
Therefore, what kind of video traffic data identification method is adopted to perform blocking, and meanwhile, normal use of other types of network resources sharing the DNS with the video traffic data is not affected, which is a technical problem to be solved urgently by those skilled in the art.
Disclosure of Invention
The application aims to provide a method, a device, equipment and a computer readable storage medium for identifying video traffic data, so that the video traffic data can be blocked in a targeted manner without influencing the normal use of other types of network resources sharing a DNS.
In order to solve the above technical problem, the present application provides a method for identifying video traffic data, including:
when detecting that a TCP connection is established by a server aiming at a network access request of a client and flow data is transmitted with the client through the TCP connection, judging whether the flow data conforms to the video flow statistical characteristics;
and if so, judging that the flow data corresponding to the TCP connection are all video flow data.
Optionally, the video traffic statistical features include:
and uplink flow data in the flow data are smaller than a preset quantity proportion, and downlink flow data are transmitted in a time-sharing mode.
Optionally, the video traffic statistic features further include:
and the transmission rate of the downlink flow data is higher than a preset rate threshold.
Optionally, before the determining whether the traffic data conforms to the video traffic statistical characteristic, the method further includes:
judging whether the TCP connection is a TCP short connection;
if not, continuing to execute the step of judging whether the flow data accords with the statistical characteristics of the video flow;
and if so, judging that the flow data corresponding to the TCP connection is non-video flow data.
Optionally, after the determining that the traffic data corresponding to the TCP connection is video traffic data, the method further includes:
the TCP connection is broken to terminate transmission of the traffic data.
Optionally, the preset quantity proportion is 10%.
The application also provides a device for identifying the video flow data, which comprises a detection module and a judgment module;
when the detection module detects that a server establishes a TCP connection aiming at a network access request of a client and transmits flow data with the client through the TCP connection, the judgment module is used for judging whether the flow data accords with the statistical characteristics of video flow; and if so, judging that the flow data corresponding to the TCP connection are all video flow data.
Optionally, the method further comprises:
a processing module: the processing module is used for disconnecting the TCP connection so as to terminate the transmission of the flow data after the judging module judges that the flow data corresponding to the TCP connection are all video flow data.
The present application further provides an identification device for video traffic data, including:
a memory: for storing a computer program;
a processor: for executing said computer program to implement the steps of any of the video traffic data identification methods described above.
The present application also provides a computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, is adapted to implement the steps of any one of the video traffic data identification methods described above.
The identification method of the video flow data provided by the application comprises the following steps: when detecting that a TCP connection is established by a server aiming at a network access request of a client and flow data is transmitted with the client through the TCP connection, judging whether the flow data conforms to the video flow statistical characteristics; and if so, judging that the flow data corresponding to the TCP connection are all video flow data.
It can be seen that, in the identification method of video traffic data provided in the present application, a DNS or an authentication certificate is not used as identification information of video traffic data as in the prior art, but traffic data of different TCP connections under the same DNS is respectively determined, that is, a TCP connection that has transmitted traffic data partially conforming to a video traffic statistical characteristic is identified based on a characteristic statistical method with traffic data in the same TCP connection as a processing unit, so that the TCP connection is determined as a network connection corresponding to a video network resource, all the transmitted traffic data is determined as video traffic data, and further, video traffic data can be blocked for the TCP connection. According to the method and the device, flow data plugging is not performed on the DNS or the authentication certificate, so that normal use of other network resources sharing the same DNS with the video resource file can be effectively guaranteed. The identification device, the equipment and the computer readable storage medium for the video traffic data provided by the application can realize the identification method for the video traffic data, and also have the beneficial effects.
Drawings
In order to more clearly illustrate the technical solutions in the prior art and the embodiments of the present application, the drawings that are needed to be used in the description of the prior art and the embodiments of the present application will be briefly described below. Of course, the following description of the drawings related to the embodiments of the present application is only a part of the embodiments of the present application, and it will be obvious to those skilled in the art that other drawings can be obtained from the provided drawings without any creative effort, and the obtained other drawings also belong to the protection scope of the present application.
Fig. 1 is an application scenario diagram of a video traffic data identification method provided in the present application;
fig. 2 is a flowchart of a method for identifying video traffic data according to the present application;
fig. 3 is a flowchart of another method for identifying video traffic data provided in the present application;
fig. 4 is a block diagram illustrating a structure of an apparatus for identifying video traffic data according to the present application.
Detailed Description
The core of the application is to provide a method, a device, equipment and a computer-readable storage medium for identifying video traffic data, so as to perform targeted blocking on the video traffic data without affecting normal use of other types of network resources sharing a DNS with the video traffic data.
In order to more clearly and completely describe the technical solutions in the embodiments of the present application, the technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application. It is to be understood that the embodiments described are only a few embodiments of the present application and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The video traffic data identification method provided by the application can be particularly applied to a network management device, namely an access controller, so that the traffic data accessed by each client can be judged and the video traffic data in the traffic data can be identified, and therefore the network access behavior of a user on a video file can be intercepted and blocked in time.
Referring to fig. 1, fig. 1 is a view illustrating an application scenario of a method for identifying video traffic data according to the present application. The access controller 12 is a core of the entire communication network, and is configured to manage each network access point, that is, each client 11, and manage communication connection and communication configuration between each client 11 and the server 13.
Referring to fig. 2, fig. 2 is a flowchart of a method for identifying video traffic data provided in the present application, which mainly includes the following steps:
step 21: when detecting that a TCP connection is established by a server aiming at a network access request of a client and traffic data is transmitted with the client through the TCP connection, judging whether the traffic data conforms to the statistical characteristics of video traffic; if so, go to step 22.
Step 22: and judging that the traffic data corresponding to the TCP connection are video traffic data.
Specifically, after a user initiates a network access request to a server through a client, a process in which the server provides a network service for the client is a process in which a TCP connection is established and traffic data is mutually transmitted through the TCP connection. Specifically, traffic data generated in one TCP connection is generally divided into two types, i.e., upstream traffic data and downstream traffic data. The uplink traffic data is the traffic data sent from the client to the server, and the downlink traffic data is the traffic data sent from the server to the client.
Those skilled in the art will appreciate that a TCP connection corresponds to a channel of access by a client for a particular network resource, i.e., a client accessing a different network resource will generate a different TCP connection. For example, when a user views a video file on a certain website page, a first TCP connection is corresponded to, and when the user views a picture file on a certain website page, a second TCP connection is corresponded to.
Therefore, in order to effectively distinguish video traffic data generated when a video file is accessed from other types of traffic data, the traffic data is specifically identified by taking a TCP connection as a unit. Those skilled in the art can distinguish different TCP connections specifically by DNS, certificate, or other extension fields.
For a TCP connection, after it is established, the present application may start to perform feature statistics on generated traffic data continuously, and once it is found that the generated traffic data conforms to the statistical features of video traffic data, it indicates that a network resource corresponding to the TCP connection should be a video file, and traffic data generated or to be generated in the TCP connection is video traffic data, so that the video traffic data may be blocked for the TCP connection.
It can be seen that, in the identification method of video traffic data provided in the present application, a DNS or an authentication certificate is not used as identification information of video traffic data as in the prior art, but traffic data of different TCP connections under the same DNS is respectively determined, that is, a TCP connection that has transmitted traffic data partially conforming to a video traffic statistical characteristic is identified based on a characteristic statistical method with traffic data in the same TCP connection as a processing unit, so that the TCP connection is determined as a network connection corresponding to a video network resource, all the transmitted traffic data is determined as video traffic data, and further, video traffic data can be blocked for the TCP connection. According to the method and the device, flow data plugging is not performed on the DNS or the authentication certificate, so that normal use of other network resources sharing the same DNS with the video resource file can be effectively guaranteed.
The video traffic data identification method provided by the application is based on the embodiment as follows:
as a preferred embodiment, the video traffic statistics include:
the uplink flow data in the flow data is smaller than the preset quantity proportion, and the downlink flow data is transmitted in a time-sharing mode.
Specifically, the video traffic statistical characteristics may specifically include the following two points: the uplink flow data is smaller than the preset quantity proportion, and the downlink flow data is transmitted in a time-sharing mode. Specifically, other types of traffic data similar to the video traffic data include picture traffic data and file download traffic data.
The picture traffic data can be distinguished according to whether the uplink traffic data is smaller than the preset number proportion, because the proportion of the uplink traffic data in the picture traffic data is relatively more than that of the video traffic data and the file lower current-carrying traffic data, the TCP connection of which the proportion of the uplink traffic data is not smaller than the preset number proportion can be determined as the TCP connection corresponding to the picture traffic data. As a preferred embodiment, the predetermined quantity ratio may be set to 10%. Of course, the adjustment may be performed up and down according to the actual application, for example, the preset quantity ratio may be selected and set within a common ratio range of 5% to 15%, and of course, a person skilled in the art may set the numerical value of the preset quantity ratio within other ranges, which is not limited in the present application.
In addition, the upstream flow data in the picture flow data is basically regularly mixed with the downstream flow data, so that a person skilled in the art can also use whether the upstream flow data has regularity as an auxiliary judgment condition for the picture flow data. The regularity can be judged by judging whether the ratio of the number of the downlink flow data packets to the number of the uplink flow data packets is stable or not; in particular, the counting may be started every time an upstream traffic packet occurs, so as to calculate the number of all downstream traffic packets in a period until the next upstream traffic packet occurs, as the ratio. If the ratio is stable, for example, the variation is below 20%, it can be determined that the upstream flow data in the flow data has regularity. If the traffic data of a certain TCP connection not only occupies a relatively high quantitative proportion but also is regularly included in the downlink traffic data, it can basically be determined that the TCP connection is a TCP connection corresponding to the picture file, and the generated traffic data is the picture traffic data.
Secondly, although both the video traffic data and the file download traffic data have the characteristics of relatively less uplink traffic data and relatively more downlink traffic data, the video traffic data also has the characteristics that one file download traffic data does not have, that is, the downlink traffic data in the video traffic data is generally transmitted in time-sharing manner. This is because most manufacturers providing video resource services will adopt a strategy of segment buffering to save server bandwidth, that is, all video traffic data is not transmitted at one time, but the buffering is suspended after a period of time, and the next period is buffered when the viewing progress of the user is almost the same as the buffering progress. Therefore, the downlink traffic data of the video traffic data has the characteristic of time-sharing transmission. For the downloading process of the resource file, the user often has a higher downloading speed requirement, and the downloading process of the resource file is required to be completed quickly, so that the manufacturer providing the downloading of the resource file can meet the downloading speed requirement of the user as much as possible, and therefore, the downlink flow data in the file downloading flow data is generally completed at one time and is not transmitted in different time periods.
As a preferred embodiment, the video traffic statistic feature further includes:
and the transmission rate of the downlink flow data is higher than a preset rate threshold.
Specifically, since the video, the picture and the resource file generally required to be downloaded are often large, the transmission rate of the downlink traffic data in the video traffic data, the picture traffic data and the file download traffic data is often large. Generally, compared with the three, video traffic data is the largest, and then picture traffic data and file download traffic data are the second most. Therefore, whether the transmission rate of the downlink traffic data is higher than a preset rate threshold value can be used for simply judging the video traffic data so as to exclude some other small-traffic resource transmission, and then the quantity proportion of the uplink traffic data and the statistical characteristics of the time-sharing transmission of the downlink traffic data are further utilized for accurate judgment, so that the identification efficiency can be improved.
As for the preset rate threshold of the transmission rate, a person skilled in the art can select and set the preset rate threshold according to the actual application, which is not limited in the present application. For example, a typical video file that can be played smoothly has a transmission rate of at least 40kB/s, and therefore, the predetermined rate threshold can be set to 40 kB/s.
As a preferred embodiment, before determining whether the traffic data conforms to the video traffic statistical characteristics, the method further includes:
judging whether the TCP connection is a TCP short connection;
if not, continuing to execute the step of judging whether the flow data accords with the statistical characteristics of the video flow;
and if so, judging that the traffic data corresponding to the TCP connection is non-video traffic data.
Specifically, a TCP connection in network communication is two types of short connection and long connection. The short connection refers to the connection that the client and the server only perform HTTP operation once each time, namely the short connection is immediately disconnected after data is sent once; the long connection is not actively turned off after completing one data transfer, but continues the following data transfer operation.
Due to the consistency of the video file during playing, the video file is accessed and played by adopting long connection. Therefore, before the determination is made by using the statistical characteristics of the traffic data, it is also possible to determine whether or not the TCP connection is a short connection. If the TCP connection is a short connection, it will not be a TCP connection to access the video file, and the generated traffic data is non-video traffic data; if the TCP connection is a long connection, the next step can be continued, the video flow statistical characteristics are used for judging part of flow data generated in the long connection, and once the characteristics are matched, the flow data in the long connection can be determined to be the video flow data.
In fact, the short connection is automatically closed after a data transmission, so that the short connection and the long connection are easily distinguished, and it can be naturally determined that the long connection is present as long as the TCP connection is not automatically closed.
As a preferred embodiment, after determining that the traffic data corresponding to the TCP connection is video traffic data, the method further includes:
the TCP connection is disconnected to terminate the transmission of the traffic data.
Specifically, after determining that the currently targeted TCP connection is a TCP connection that generates video traffic data corresponding to a video file, the TCP connection may be disconnected to prevent the user from accessing the video file, i.e., to terminate the transmission of the traffic data. In this embodiment, a person skilled in the art may specifically use technical means such as packet loss and sending a reset packet to interrupt transmission of traffic data in the TCP connection, which is not limited in this application.
In an embodiment, please refer to fig. 3, fig. 3 is a flowchart of another video traffic data identification method provided in the present application, including the following steps:
step 31: when detecting that a TCP connection is established by a server aiming at a network access request of a client and flow data is transmitted with the client through the TCP connection, judging whether the TCP connection is a TCP short connection; if not, go to step 32; if so, go to step 36.
Specifically, as described above, before performing statistical characteristic inspection on traffic data of an already established TCP connection, it may be determined whether the TCP connection is a TCP short connection or a TCP long connection, and the TCP short connection may be determined as non-video traffic data by directly skipping subsequent statistical characteristic inspection.
Step 32: judging whether the transmission rate of downlink traffic data in the traffic data is higher than a preset rate threshold value or not; if yes, go to step 33; if not, go to step 36.
Specifically, for the determined TCP long connection, it may be observed first whether the transmission rate of the downlink traffic data in the traffic data is higher than a preset rate threshold, and if not, the subsequent statistical characteristic review may be skipped to determine as the non-video traffic data.
Step 33: judging whether uplink flow data in the flow data is smaller than a preset quantity proportion and downlink flow data are transmitted in a time-sharing mode; if yes, go to step 34; if not, go to step 36.
Specifically, if the traffic data of the TCP long connection conforms to the statistical characteristics of the video traffic data, that is, the uplink traffic data is smaller than the preset number proportion and the downlink traffic data is transmitted in time-sharing, it can be determined that the resource file corresponding to the TCP connection is a video file, and the generated traffic data is video traffic data.
Step 34: judging that the traffic data corresponding to the TCP connection are video traffic data; step 35 is entered.
Step 35: the TCP connection is broken to terminate the transmission of the traffic data.
Step 36: and judging that the traffic data corresponding to the TCP connection is non-video traffic data.
The following description is directed to a specific recognition case of the recognition method shown in fig. 3 for a client accessing facebook video. First, in step 31, the access controller will obtain the result that the TCP connection is a long TCP connection, and then enter step 32, and also obtain the result that the transmission rate of the downlink traffic data in the traffic data is higher than the preset rate threshold (here, 40kB/s), and then enter step 33, and through statistics, the ratio of the downlink traffic data to the uplink traffic data is basically stable and is more than 10 times, which indicates that the proportion of the uplink traffic data is less than the preset quantity proportion (here, 10%), and, the downstream traffic data is divided into a plurality of segments, specifically every 700kB, from which it can be seen that, the traffic data of the TCP is in accordance with the statistical characteristics of the video traffic data, so that step 34 may be entered to determine that the traffic data corresponding to the TCP connection is video traffic data, and step 35 is entered to intercept the transmission of the traffic data of the TCP connection.
The following describes an apparatus for identifying video traffic data according to an embodiment of the present application.
Referring to fig. 4, fig. 4 is a block diagram illustrating a structure of a video traffic data recognition apparatus according to the present application; comprises a detection module 41 and a judgment module 42;
when the detection module 41 detects that the server establishes a TCP connection for a network access request of the client and transmits traffic data with the client through the TCP connection, the judgment module 42 is configured to judge whether the traffic data conforms to the statistical characteristics of the video traffic; and if so, judging that the traffic data corresponding to the TCP connection are all video traffic data.
It can be seen that, the video traffic data identification device provided in the present application does not use DNS or authentication certificates as identification information of video traffic data as in the prior art, but separately determines traffic data of different TCP connections under the same DNS, that is, uses traffic data in the same TCP connection as a processing unit, and identifies a TCP connection that has transmitted traffic data partially conforming to the statistical characteristics of video traffic based on a characteristic statistical method, so as to determine the TCP connection as a network connection corresponding to a video network resource, determine all the transmitted traffic data as video traffic data, and further perform video traffic data blocking for the TCP connection. According to the method and the device, flow data plugging is not performed on the DNS or the authentication certificate, so that normal use of other network resources sharing the same DNS with the video resource file can be effectively guaranteed.
The video traffic data identification device provided by the application is based on the above embodiment:
as a preferred embodiment, the determining module 42 is specifically configured to:
and judging whether the flow data corresponding to the TCP connection accords with the condition that the uplink flow data is smaller than a preset quantity proportion and the downlink flow data adopts the video flow statistical characteristics of time-interval transmission.
As a preferred embodiment, before determining whether the traffic data corresponding to the TCP connection conforms to that the uplink traffic data is smaller than the preset number proportion and the downlink traffic data adopts the video traffic statistical characteristic of time-division transmission, the determining module 42 is further specifically configured to:
judging whether the traffic data corresponding to the TCP connection accords with the video traffic statistical characteristic that the transmission rate of the downlink traffic data is higher than a preset rate threshold; if yes, the method continues to be used for judging whether the flow data corresponding to the TCP connection accords with the condition that the uplink flow data is smaller than the preset quantity proportion and the downlink flow data adopts the video flow statistical characteristics of time-interval transmission.
As a preferred embodiment, before determining whether the traffic data conforms to the video traffic statistic, the determining module 42 is further configured to:
judging whether the TCP connection is a TCP short connection;
if not, continuing to judge whether the flow data accords with the statistical characteristics of the video flow;
and if so, judging that the traffic data corresponding to the TCP connection is non-video traffic data.
As a preferred embodiment, further comprising:
a processing module: the method and the device are used for disconnecting the TCP connection so as to terminate the transmission of the traffic data after the judging module 42 judges that the traffic data corresponding to the TCP connection are all video traffic data.
The present application also provides an identification apparatus for video traffic data, including:
a memory: for storing a computer program;
a processor: for executing a computer program for carrying out the steps of any of the video traffic data identification methods described above.
The present application further provides a computer-readable storage medium, in which a computer program is stored, and the computer program is used for implementing the steps of any one of the video traffic data identification methods described above when being executed by a processor.
The specific embodiments of the apparatus, the device, and the computer-readable storage medium for identifying video traffic data provided in the present application and the method for identifying video traffic data described above may be referred to correspondingly, and are not described herein again.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the embodiment disclosure, since it corresponds to the method of the embodiment disclosure, the description is simple, and the relevant points can be referred to the method part for description.
It is further noted that, throughout this document, relational terms such as "first" and "second" are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Furthermore, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The technical solutions provided by the present application are described in detail above. The principles and embodiments of the present application are explained herein using specific examples, which are provided only to help understand the method and the core idea of the present application. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.
Claims (10)
1. A method for identifying video traffic data, comprising:
when detecting that a TCP connection is established by a server aiming at a network access request of a client and flow data is transmitted with the client through the TCP connection, judging whether the flow data conforms to the video flow statistical characteristics;
and if so, judging that the flow data corresponding to the TCP connection are all video flow data.
2. The identification method of claim 1, wherein the video traffic statistic comprises:
and uplink flow data in the flow data are smaller than a preset quantity proportion, and downlink flow data are transmitted in a time-sharing mode.
3. The identification method of claim 2, wherein the video traffic statistics further comprise:
and the transmission rate of the downlink flow data is higher than a preset rate threshold.
4. The method of claim 1, prior to said determining whether the traffic data complies with video traffic statistics, further comprising:
judging whether the TCP connection is a TCP short connection;
if not, continuing to execute the step of judging whether the flow data accords with the statistical characteristics of the video flow;
and if so, judging that the flow data corresponding to the TCP connection is non-video flow data.
5. The identification method according to any one of claims 1 to 4, further comprising, after said determining that the traffic data corresponding to the TCP connection is video traffic data:
the TCP connection is broken to terminate transmission of the traffic data.
6. The identification method according to claim 5, characterized in that said preset quantity proportion is 10%.
7. The device for identifying the video flow data is characterized by comprising a detection module and a judgment module;
when the detection module detects that a server establishes a TCP connection aiming at a network access request of a client and transmits flow data with the client through the TCP connection, the judgment module is used for judging whether the flow data accords with the statistical characteristics of video flow; and if so, judging that the flow data corresponding to the TCP connection are all video flow data.
8. The identification device of claim 7, further comprising:
a processing module: the processing module is used for disconnecting the TCP connection so as to terminate the transmission of the flow data after the judging module judges that the flow data corresponding to the TCP connection are all video flow data.
9. An apparatus for identifying video traffic data, comprising:
a memory: for storing a computer program;
a processor: steps for executing the computer program to implement the method of identifying video traffic data according to any one of claims 1 to 6.
10. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, is adapted to carry out the steps of the method for identifying video traffic data according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811141045.5A CN110971530B (en) | 2018-09-28 | 2018-09-28 | Video traffic data identification method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811141045.5A CN110971530B (en) | 2018-09-28 | 2018-09-28 | Video traffic data identification method, device and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110971530A true CN110971530A (en) | 2020-04-07 |
| CN110971530B CN110971530B (en) | 2023-07-14 |
Family
ID=70027747
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811141045.5A Active CN110971530B (en) | 2018-09-28 | 2018-09-28 | Video traffic data identification method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110971530B (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101267353A (en) * | 2008-04-24 | 2008-09-17 | 北京大学 | A Payload-Independent Method for Detecting Network Abuse Behavior |
| CN102111814A (en) * | 2010-12-29 | 2011-06-29 | 华为技术有限公司 | Method, device and system for identifying service type |
| CN103036743A (en) * | 2012-12-19 | 2013-04-10 | 中国科学院信息工程研究所 | Transmission control protocol (TCP) heartbeat detecting method of spy trojan |
| WO2014114361A1 (en) * | 2013-01-28 | 2014-07-31 | Telefonaktiebolaget L M Ericsson (Publ) | Method, apparatus and computer program for providing a data object from a content server to a client device over a radio access network (ran) |
| CN105791151A (en) * | 2014-12-22 | 2016-07-20 | 华为技术有限公司 | A dynamic flow control method and device |
| US20170346751A1 (en) * | 2016-05-24 | 2017-11-30 | International Business Machines Corporation | Managing data traffic according to data stream analysis |
| CN107528837A (en) * | 2017-08-17 | 2017-12-29 | 深信服科技股份有限公司 | Encrypted video recognition methods and device, computer installation, readable storage medium storing program for executing |
| CN108040091A (en) * | 2017-11-27 | 2018-05-15 | 腾讯数码(天津)有限公司 | Data processing method, device and storage medium |
-
2018
- 2018-09-28 CN CN201811141045.5A patent/CN110971530B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101267353A (en) * | 2008-04-24 | 2008-09-17 | 北京大学 | A Payload-Independent Method for Detecting Network Abuse Behavior |
| CN102111814A (en) * | 2010-12-29 | 2011-06-29 | 华为技术有限公司 | Method, device and system for identifying service type |
| CN103036743A (en) * | 2012-12-19 | 2013-04-10 | 中国科学院信息工程研究所 | Transmission control protocol (TCP) heartbeat detecting method of spy trojan |
| WO2014114361A1 (en) * | 2013-01-28 | 2014-07-31 | Telefonaktiebolaget L M Ericsson (Publ) | Method, apparatus and computer program for providing a data object from a content server to a client device over a radio access network (ran) |
| CN105791151A (en) * | 2014-12-22 | 2016-07-20 | 华为技术有限公司 | A dynamic flow control method and device |
| US20170346751A1 (en) * | 2016-05-24 | 2017-11-30 | International Business Machines Corporation | Managing data traffic according to data stream analysis |
| CN107528837A (en) * | 2017-08-17 | 2017-12-29 | 深信服科技股份有限公司 | Encrypted video recognition methods and device, computer installation, readable storage medium storing program for executing |
| CN108040091A (en) * | 2017-11-27 | 2018-05-15 | 腾讯数码(天津)有限公司 | Data processing method, device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110971530B (en) | 2023-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3780523B1 (en) | Network traffic identification method and related device | |
| US11606163B2 (en) | System and method for peak flow detection in a communication network | |
| CN109152095B (en) | Wireless network connection method for terminal | |
| EP3481029B1 (en) | Internet defense method and authentication server | |
| KR100959523B1 (en) | Service quality management method for users and system for performing the same | |
| Kakhki et al. | Bingeon under the microscope: Understanding t-mobiles zero-rating implementation | |
| Molavi Kakhki et al. | Identifying traffic differentiation in mobile networks | |
| Mansy et al. | Network-layer fairness for adaptive video streams | |
| US8799998B2 (en) | Methods for controlling a traffic of an authentication server | |
| CN103731887A (en) | Network bandwidth adjusting method, mobile terminal and server | |
| EP3481033A1 (en) | Base station, and method, apparatus and system for responding to access request | |
| US8670448B2 (en) | Methods, systems, and computer program products for providing traffic control services | |
| US9781595B2 (en) | Wireless communication device | |
| CN109246741B (en) | Wireless network connection method for terminal | |
| US20150106502A1 (en) | Dynamic assignment of connection priorities for applications operating on a client device | |
| WO2019214054A1 (en) | Domain name acquisition method, website access method and server | |
| US10999204B2 (en) | System, apparatus, and method for traffic profiling for mobile video streaming | |
| CN107689928A (en) | Data service handling method and device | |
| CN106230741A (en) | A kind of method and apparatus that message is carried out speed limit | |
| CN120378470A (en) | Multi-device cooperative control method and device, computer device and storage medium | |
| US20160315867A1 (en) | Method of controlling data exchange between a mobile communication network and a data provider | |
| CN110971530B (en) | Video traffic data identification method, device and equipment | |
| CN114257625A (en) | Shared internet access detection method, detection device and storage medium | |
| US11800423B2 (en) | System and method for automatically switching real-time communication device to new basic service set | |
| US20160006621A1 (en) | Method and apparatus for service aware charging and control in a communication network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |