[go: up one dir, main page]

CN101465809B - Method, equipment and system for managing network flux - Google Patents

Method, equipment and system for managing network flux Download PDF

Info

Publication number
CN101465809B
CN101465809B CN2009100002932A CN200910000293A CN101465809B CN 101465809 B CN101465809 B CN 101465809B CN 2009100002932 A CN2009100002932 A CN 2009100002932A CN 200910000293 A CN200910000293 A CN 200910000293A CN 101465809 B CN101465809 B CN 101465809B
Authority
CN
China
Prior art keywords
network traffic
management
behavior
user
behavior information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2009100002932A
Other languages
Chinese (zh)
Other versions
CN101465809A (en
Inventor
伊鹏
扈红超
张风雨
张震
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PLA Information Engineering University
Original Assignee
PLA Information Engineering University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by PLA Information Engineering University filed Critical PLA Information Engineering University
Priority to CN2009100002932A priority Critical patent/CN101465809B/en
Publication of CN101465809A publication Critical patent/CN101465809A/en
Application granted granted Critical
Publication of CN101465809B publication Critical patent/CN101465809B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公开一种网络流量管理方法、设备和系统,属于网络应用领域,所塑方法:解析接收到的管理信号,得到至少一个关键词和分别与关键词对应的至少一个行为信息;将经过网络流量管理设备的网络流量与所述至少一个关键词进行匹配,得到匹配的关键词,获取与所述关键词对应的行为信息,依据所述行为信息对所述接收到的网络流量进行管理。所述设备包括解析模块、匹配模块、获取模块和管理模块。所述系统包括网络流量控制中心和串行接入网络链路中的网络流量管理设备,所述网络控制中心生成管理信号下发给所述网络流量管理设备。本发明公开的一种网络流量管理方法、设备和系统实现了对网络流量的有效管理。

Figure 200910000293

The invention discloses a network traffic management method, equipment and system, which belong to the field of network applications. The network traffic of the traffic management device is matched with the at least one keyword to obtain the matched keyword, the behavior information corresponding to the keyword is obtained, and the received network traffic is managed according to the behavior information. The device includes an analysis module, a matching module, an acquisition module and a management module. The system includes a network flow control center and a network flow management device in a serial access network link, and the network control center generates a management signal and sends it to the network flow management device. The network flow management method, equipment and system disclosed by the invention realize effective management of network flow.

Figure 200910000293

Description

一种网络流量管理方法、设备和系统A network traffic management method, device and system

技术领域 technical field

本发明涉及网络应用领域,特别涉及一种网络流量管理方法、设备和系统。The invention relates to the field of network applications, in particular to a network flow management method, device and system.

背景技术 Background technique

随着互联网应用范围的扩展和用户数量的激增,网络应用也在传统E-mail、Web网页访问、FTP文件传输的基础上迅猛发展,数据传输的流量也越来越大,造成了网络的拥堵。现有的流量控制一般是采用流量控制算法等软件方法来实现,路由器或接入设备在每条网络链路上设置一个阈值,当流量超过阈值时进行流量控制。但这种方法存在速度低,扩展性差的问题。With the expansion of the scope of Internet applications and the rapid increase in the number of users, network applications are also developing rapidly on the basis of traditional E-mail, Web page access, and FTP file transmission, and the traffic of data transmission is also increasing, resulting in network congestion. . Existing flow control is generally implemented by using software methods such as flow control algorithms. A router or access device sets a threshold on each network link, and performs flow control when the flow exceeds the threshold. But this method has the problems of low speed and poor scalability.

另外,由于目前缺少对用户网络行为进行有效管理的解决方案,使得运营商不能有针对性的进行业务扩展,从一定程度上限制了网络应用的持续发展。还有,网络病毒、网络攻击、垃圾邮件等非法信息严重威胁网络的可信、安全高效运行。In addition, due to the lack of solutions for effective management of user network behaviors, operators cannot expand services in a targeted manner, which limits the sustainable development of network applications to a certain extent. In addition, illegal information such as network viruses, network attacks, and spam seriously threaten the credible, safe and efficient operation of the network.

可见,目前网络应用中存在着网络应用需求增加和有效管理的矛盾,极大的限制了网络应用的发展,我们一般称在网络链路上传输的各种业务汇聚成的网络信号为网络流量,所以对网络流量进行有效管理成了急需解决的问题。It can be seen that there is a contradiction between increasing demand for network applications and effective management in network applications, which greatly limits the development of network applications. We generally call the network signals aggregated by various services transmitted on network links as network traffic. Therefore, effective management of network traffic has become an urgent problem to be solved.

发明内容 Contents of the invention

本发明提供的网络流量管理方法、设备和系统,以解决对网络流量进行有效管理的问题。The network flow management method, equipment and system provided by the invention solve the problem of effectively managing network flow.

一方面,提供了一种网络流量管理方法,包括In one aspect, a network traffic management method is provided, including

解析接收到的管理信号,得到至少一个关键词和分别与所述关键词对应的至少一个行为信息;Analyzing the received management signal to obtain at least one keyword and at least one behavior information respectively corresponding to the keyword;

将经过网络流量管理设备的网络流量与所述至少一个关键词进行匹配,得到匹配的关键词,获取与所述匹配的关键词对应的行为信息,依据所述行为信息对所述网络流量进行管理。matching the network traffic passing through the network traffic management device with the at least one keyword to obtain the matched keyword, acquiring behavior information corresponding to the matched keyword, and managing the network traffic according to the behavior information .

另一方面,还提供了一种网络流量管理设备,包括On the other hand, a network traffic management device is also provided, including

解析模块,用于解析接收到的管理信号,得到至少一个关键词和分别与所述关键词对应的至少一个行为信息;An analysis module, configured to analyze the received management signal to obtain at least one keyword and at least one behavior information respectively corresponding to the keyword;

匹配模块,用于将经过所述设备的网络流量与所述解析模块得到的至少一个关键词进行匹配,得到匹配的关键词;A matching module, configured to match the network traffic passing through the device with at least one keyword obtained by the parsing module to obtain a matched keyword;

获取模块,用于获取与所述匹配模块找到的关键词对应的行为信息;An acquisition module, configured to acquire behavior information corresponding to the keywords found by the matching module;

管理模块,用于依据所述获取模块获取的行为信息对所述网络流量进行管理。A management module, configured to manage the network traffic according to the behavior information acquired by the acquisition module.

再一方面,还提供了一种网络流量管理系统,所述系统包括网络流量控制中心和串行接入网络链路中的网络流量管理设备,所述网络控制中心生成包含关键词和行为信息的管理信号,下发给所述网络流量管理设备;In yet another aspect, a network traffic management system is also provided, the system includes a network traffic control center and a network traffic management device in a serial access network link, and the network control center generates traffic information containing keywords and behavior information A management signal is issued to the network traffic management device;

所述网络流量管理设备包括,The network traffic management device includes,

解析模块,用于解析接收到的管理信号,得到至少一个关键词和分别与所述关键词对应的至少一个行为信息;An analysis module, configured to analyze the received management signal to obtain at least one keyword and at least one behavior information respectively corresponding to the keyword;

匹配模块,用于将经过所述设备的网络流量与所述解析模块得到的至少一个关键词进行匹配,得到匹配的关键词;A matching module, configured to match the network traffic passing through the device with at least one keyword obtained by the parsing module to obtain a matched keyword;

获取模块,用于获取与所述匹配模块找到的关键词对应的行为信息;An acquisition module, configured to acquire behavior information corresponding to the keywords found by the matching module;

管理模块,用于依据所述获取模块获取的行为信息对所述网络流量进行管理。A management module, configured to manage the network traffic according to the behavior information acquired by the acquisition module.

本发明提供的网络流量管理方法、设备和系统的有益效果是:对网络流量实现了有效管理,进一步的,采用FPGA或ASIC设计开发的网络流量管理设备,极大的提高了处理能力,另外,采用TCAM实现了浮动关键词查表功能,使得对网络流量的管理可以更加灵活和多样化,而且,通过对用户行为的管理,为运营商有针对性的进行业务推广提供了前提,还有,过滤管理提高了网络的安全性,再次,网络流量管理设备串行接入网络链路,使得能够对网络流量进行更加灵活有效的管理。The beneficial effects of the network traffic management method, device and system provided by the present invention are: effective management of network traffic is realized, and further, the network traffic management device designed and developed by FPGA or ASIC greatly improves the processing capacity. In addition, Using TCAM to realize the table look-up function of floating keywords makes the management of network traffic more flexible and diversified. Moreover, through the management of user behavior, it provides a premise for operators to carry out targeted service promotion. In addition, The filtering management improves the security of the network. Thirdly, the network traffic management equipment is serially connected to the network link, enabling more flexible and effective management of the network traffic.

附图说明 Description of drawings

图1是本发明实施例提供的一种网络流量管理方法流程图;Fig. 1 is a flow chart of a network traffic management method provided by an embodiment of the present invention;

图2是本发明实施例提供的一种网络流量管理设备结构图;FIG. 2 is a structural diagram of a network traffic management device provided by an embodiment of the present invention;

图3是本发明实施例提供的一种优选网络流量管理设备电路框图;FIG. 3 is a circuit block diagram of a preferred network traffic management device provided by an embodiment of the present invention;

图4是本发明实施例提供的一种网络流量管理系统结构图。Fig. 4 is a structural diagram of a network traffic management system provided by an embodiment of the present invention.

具体实施方式 Detailed ways

为使本发明的目的、技术方案和优点更加清楚,下面将结合附图对本发明实施方式作进一步地详细描述。In order to make the object, technical solution and advantages of the present invention clearer, the implementation manner of the present invention will be further described in detail below in conjunction with the accompanying drawings.

实施例一Embodiment one

参见图1,为本发明实施例提供的一种网络流量管理方法,包括Referring to Fig. 1, a network traffic management method provided by an embodiment of the present invention includes

步骤101:网络流量管理设备接收到网络流量控制中心产生的管理信号;Step 101: the network traffic management device receives the management signal generated by the network traffic control center;

网络流量控制中心根据运营需求生成管理信号,下发到网络流量管理设备,每条管理信号包含关键词和行为信息,其中关键词可以是ID号,用于唯一标识某一用户,或者某类业务,或者用户行为等,由运营需求决定。The network traffic control center generates management signals according to operational requirements and sends them to network traffic management devices. Each management signal contains keywords and behavior information, where the keywords can be ID numbers, which are used to uniquely identify a certain user or a certain type of business , or user behavior, etc., are determined by operational needs.

优选的,网络流量控制中心收集基础数据信息,包括网络流量管理设备上报的管理结果、及经过网络流量控制中心的网络流量等中的基础数据信息,对收集到的基础数据信息进行分析,如:网络服务器流量统计与分析、网络链路流量统计与分析等、对业务流进行分析预测、业务的利润贡献率分析、业务的资源利用率分析、业务的流量分布特征分析、业务内客户群体分析、业务内TOPN站点分析等;依据上述分析结果制定宏观策略,如客户群体资源利用率分析、客户忠诚度分析等,依据宏观策略生成包含关键词和行为信息的管理信号,这样网络流量控制中心就可以根据当前的情况不断的调整对各个网络流量管理设备下发的管理信号,对整个网络进行实时控制和管理。Preferably, the network traffic control center collects basic data information, including management results reported by network traffic management equipment, and basic data information in network traffic passing through the network traffic control center, and analyzes the collected basic data information, such as: Network server traffic statistics and analysis, network link traffic statistics and analysis, etc., analysis and prediction of business flow, analysis of business profit contribution rate, analysis of business resource utilization, analysis of business traffic distribution characteristics, analysis of customer groups within the business, Analysis of TOPN sites in the business, etc.; formulate macro strategies based on the above analysis results, such as customer group resource utilization analysis, customer loyalty analysis, etc., and generate management signals containing keywords and behavior information according to macro strategies, so that the network traffic control center can According to the current situation, it continuously adjusts the management signals issued by each network traffic management device, and performs real-time control and management of the entire network.

步骤102:网络流量管理设备解析接收到的管理信号,得到至少一个关键词和分别与上述关键词对应的至少一个行为信息;Step 102: The network traffic management device parses the received management signal to obtain at least one keyword and at least one behavior information respectively corresponding to the keyword;

步骤103:将经过网络流量管理设备的网络流量与上述至少一个关键词进行匹配,得到匹配的关键词;Step 103: matching the network traffic passing through the network traffic management device with the above at least one keyword to obtain the matched keyword;

本发明实施例中的关键词包括固定关键词和/或浮动关键词,相应的,将经过网络流量管理设备的网络流量与所述至少一个关键词进行匹配,得到匹配的关键词的步骤具体为:将经过网络流量管理设备的网络流量固定位置的内容与所述至少一个固定关键词进行匹配,得到匹配的固定关键词;和/或将经过网络流量管理设备的网络流量任意位置的内容与所述至少一个浮动关键词进行匹配,得到匹配的浮动关键词。The keywords in the embodiment of the present invention include fixed keywords and/or floating keywords. Correspondingly, the network traffic passing through the network traffic management device is matched with the at least one keyword, and the step of obtaining the matched keyword is specifically as follows : matching the content at a fixed position of the network traffic passing through the network traffic management device with the at least one fixed keyword to obtain a matched fixed keyword; and/or matching the content at any position of the network traffic passing through the network traffic management device with the at least one fixed keyword The at least one floating keyword is matched to obtain the matched floating keyword.

一般情况下,用户信息在网络流量中的位置相对固定,所以可以利用固定关键词来实现对用户信息的查找,而对于业务类型、访问内容等信息在网络流量中的位置是不固定的,此时用浮动关键词来查找会更加方便。优选的,报文头部的解析式是由固定关键词策略实现的,报文载荷区解析式由浮动关键词策略实现的,用户是由五元组标识的,业务由固定关键词策略标识,用户业务由固定关键词策略和浮动关键词策略共同标识。当然在实际应用中,不限于用固定关键词来查找用户信息,用浮动关键词来查找业务、访问内容等信息,也可以用浮动关键词来查找用户信息等。本发明实施例中提供的对网络流量报文头部解析的方法可以实现固定关键词和/或浮动关键词解析,本发明实施例支持的浮动关键词数量不限于一个,可以是多个,为实现网络流量管理提供了极大的便利。In general, the location of user information in network traffic is relatively fixed, so fixed keywords can be used to search for user information, but the location of information such as business type and access content in network traffic is not fixed. Sometimes it will be more convenient to use floating keywords to search. Preferably, the analytical formula of the message header is realized by the fixed keyword strategy, the analytical formula of the message load area is realized by the floating keyword strategy, the user is identified by the five-tuple, and the service is identified by the fixed keyword strategy, User business is jointly identified by fixed keyword strategy and floating keyword strategy. Of course, in practical applications, it is not limited to use fixed keywords to search for user information, use floating keywords to search for information such as business and access content, and also use floating keywords to search for user information. The method for analyzing the header of the network traffic message provided in the embodiment of the present invention can realize fixed keyword and/or floating keyword analysis, and the number of floating keywords supported by the embodiment of the present invention is not limited to one, and can be multiple, for Realizing network traffic management provides great convenience.

更进一步的,本发明实施例中的匹配还可以扩展为支持固定关键词、浮动关键词和范围关键词等的“多维”关键词内容级业务感知,其中范围关键词为与网络流量某个范围的内容进行匹配。Furthermore, the matching in the embodiment of the present invention can also be extended to support "multi-dimensional" keyword content-level service perception of fixed keywords, floating keywords, and range keywords, where the range keyword is related to a certain range of network traffic content to match.

可以实现多级关键词查询,比如先在网络流量中采用固定关键词匹配用户信息,再在网络流量中采用浮动关键词匹配业务信息。Multi-level keyword query can be realized. For example, fixed keywords are used to match user information in network traffic first, and then floating keywords are used to match business information in network traffic.

为了得到更好的效果,本发明实施例中在对网络流量进行匹配前还包括对信号进行格式转换的步骤,即将接收到的原始物理帧格式的网络流量转换为IP分组格式的信号。In order to obtain a better effect, the embodiment of the present invention also includes a step of converting the format of the signal before matching the network traffic, that is, converting the received network traffic in the original physical frame format into a signal in the IP packet format.

步骤104:获取与上述关键词对应的行为信息;Step 104: Obtain behavior information corresponding to the above keywords;

步骤105:依据上述行为信息对经过网络流量管理设备的网络流量进行管理。Step 105: Manage the network traffic passing through the network traffic management device according to the above behavior information.

行为信息具体为流量控制行为信息,依据行为信息对网络流量进行管理可以是,依据上述流量控制行为信息触发流量控制行为,比较包含在行为信息中的阈值与网络流量的流量值,当流量值超过阈值时,对接收到的网络流量进行流程控制管理。其中,流量控制行为可是上行总流量控制行为、下行总流量控制行为、上行分协议流量控制行为、下行分洗衣流量控制行为、单用户上行总流量控制行为、单用户下行总流量控制行为等。流量控制管理的方法可以是通过直接丢弃流量分组进行的,流量分组可以是业务的连接建立报文(如TCP、UDP建链报文等),也可以是业务报文等,从而可以有选择性的对用户或业务进行流量控制,解决了影响用户正常业务流量的问题。另外,流量控制可以是基于用户或者业务的,比如说我们可以通过网络流量控制中心向网络流量管理设备发送管理信号,控制某一类业务的流量上限或下限,或者是某一用户的某一种业务的流量上限或下限,甚至可以为某一群用户的业务进行控制等,也就是说,控制的颗粒度是可以调整的,可见本发明实施例提供的流量控制管理方法更加灵活。Behavior information is specifically flow control behavior information. The management of network traffic based on the behavior information may be to trigger the flow control behavior based on the above flow control behavior information, and compare the threshold included in the behavior information with the flow value of the network flow. When the flow value exceeds When the threshold is reached, the flow control management is performed on the received network traffic. Among them, the flow control behavior can be uplink total flow control behavior, downlink total flow control behavior, uplink sub-protocol flow control behavior, downlink sub-laundry flow control behavior, single user uplink total flow control behavior, single user downlink total flow control behavior, etc. The method of flow control management can be carried out by directly discarding traffic packets, and the traffic packets can be service connection establishment messages (such as TCP, UDP link establishment messages, etc.), or service messages, etc., so that it can be selective The flow control of users or business is carried out, which solves the problem of affecting the normal business flow of users. In addition, traffic control can be based on users or services. For example, we can send management signals to network traffic management equipment through the network traffic control center to control the upper or lower limit of traffic of a certain type of business, or a certain type of traffic of a certain user. The upper or lower limit of service flow can even be controlled for the service of a certain group of users. That is to say, the granularity of control can be adjusted. It can be seen that the flow control management method provided by the embodiment of the present invention is more flexible.

行为信息具体为用户业务统计行为信息和/或用户分组复制行为信息,依据行为信息对网络流量进行管理还可以是对用户行为进行管理,包括用户业务行为管理和/或用户访问行为管理,Behavior information is specifically user business statistical behavior information and/or user group copy behavior information. Management of network traffic based on behavior information can also be management of user behavior, including user business behavior management and/or user access behavior management,

其中用户业务行为管理为,依据业务统计行为信息触发业务统计行为,更新业务统计计数器,实现对网络流量进行用户业务行为管理;举例说明,从管理信号中解析出来的关键词包括标识用户A的固定关键词A和标识P2P业务的浮动关键词B,则当用户A访问P2P业务时,对应的网络流量在经过网络流量管理设备时,网络流量管理设备先将该网络流量与至少一个固定关键词匹配,得到匹配的固定关键词A,标识用户A,再将该网络流量与至少一个浮动关键词匹配,得到匹配的浮动关键词B,标识P2P业务,这样,网络流量管理设备便将用户A的P2P业务统计计数器加1操作,这样,网络流量管理设备便可以得知用户A的用户业务行为情况,通过分析,可以知道用户A比较感兴趣的业务等信息,实现对用户业务行为的管理。The user business behavior management is to trigger the business statistical behavior according to the business statistical behavior information, update the business statistics counter, and implement the user business behavior management on the network traffic; for example, the keywords parsed from the management signal include the fixed key that identifies user A keyword A and the floating keyword B that identifies the P2P service, then when user A accesses the P2P service, when the corresponding network traffic passes through the network traffic management device, the network traffic management device first matches the network traffic with at least one fixed keyword , get the matching fixed keyword A, identify user A, and then match the network traffic with at least one floating keyword, get the matching floating keyword B, and identify the P2P service. The service statistics counter is incremented by 1. In this way, the network traffic management device can know the user business behavior of user A. Through analysis, it can know the business and other information that user A is more interested in, and realize the management of user business behavior.

用户访问行为管理为,依据用户分组复制行为信息触发用户分组复制行为,将用户信息复制到访问内容信息对应的用户分组中,实现对网络流量进行用户访问行为管理。举例说明,从管理信号中解析出来的关键词包括标识用户A的固定关键词A和标识财经网站的浮动关键词B,则当用户A访问财经类网站时,对应的网络流量在经过网络流量管理设备时,网络流量管理设备先将该网络流量与至少一个固定关键词匹配,得到匹配的固定关键词A,标识用户A,再将该网络流量与至少一个浮动关键词匹配,得到匹配的浮动关键词B,标识访问的是财经网站,这样,网络流量管理设备便将用户A的信息复制到访问财经内容信息对应的用户分组中,这样,网络流量管理设备便可以得到不同的用户分组信息,比如访问财经内容的用户分组、访问体育内容的用户分组等,实现对用户访问行为的管理,以便运营商向不同的用户分组推送对应的服务项目。User access behavior management is to trigger user group copy behavior based on user group copy behavior information, copy user information to user group corresponding to access content information, and implement user access behavior management on network traffic. For example, the keywords parsed from the management signal include a fixed keyword A identifying user A and a floating keyword B identifying a financial website, then when user A visits a financial website, the corresponding network traffic passes through network traffic management device, the network traffic management device first matches the network traffic with at least one fixed keyword, obtains the matching fixed keyword A, identifies user A, and then matches the network traffic with at least one floating keyword to obtain the matching floating key The word B indicates that the user is visiting a financial website. In this way, the network traffic management device will copy the information of user A to the user group corresponding to the access to financial content information. In this way, the network traffic management device can obtain different user group information, such as User groups for accessing financial content, user groups for accessing sports content, etc., realize the management of user access behavior, so that operators can push corresponding service items to different user groups.

进一步的,本发明实施例提供的网络流量管理方法还包括网络流量控制中心依据上述业务统计计数器的统计结果和/或不同类型的用户分组向用户推送服务信息的步骤,这里服务信息包括服务项目、广告等。比如,业务统计计数器统计的结果为目前P2P业务是用的最多的,则运营商可以针对P2P业务定制服务项目,网络流量控制中心将运营商针对P2P业务定制的服务项目推送给用户;再比如,用户分组分为财经用户分组、体育用户分组等,则运营商便会依据不同的用户分组定制财经类的服务项目、体育类的服务项目或广告,网络流量控制中心按用户分组向对应的用户推送相应的服务信息,为网络业务应用的持续发展提供了更大的空间。Further, the network traffic management method provided by the embodiment of the present invention also includes a step in which the network traffic control center pushes service information to the user according to the statistical results of the above-mentioned service statistics counter and/or different types of user groups, where the service information includes service items, advertising etc. For example, the result of the service statistics counter statistics shows that P2P services are currently the most used, then operators can customize service items for P2P services, and the network traffic control center pushes the service items customized by operators for P2P services to users; another example, User groups are divided into financial user groups, sports user groups, etc., then operators will customize financial service items, sports service items or advertisements according to different user groups, and the network traffic control center will push them to corresponding users according to user groups The corresponding service information provides more space for the continuous development of network business applications.

行为信息还可以具体为网络过滤行为信息,依据行为信息对所述接收到的网络流量进行管理还可以是,依据网络过滤行为信息触发网络过滤行为,过滤与关键词对应的网络流量,实现对接收到的网络流量进行网络过滤管理。比如关键词可以设置为一些病毒、黄色网站等相关的关键词,当网络流量流经网络流量管理设备时,便可以对与上述病毒、黄色网站等相关的关键词匹配的网站信息进行筛选和过滤了,因而大大提升了网络的安全性。Behavior information can also specifically be network filtering behavior information, and the management of the received network traffic according to the behavior information can also be, triggering network filtering behavior according to the network filtering behavior information, filtering network traffic corresponding to keywords, and realizing receiving Incoming network traffic is managed through network filtering. For example, keywords can be set to keywords related to viruses, pornographic websites, etc. When the network traffic flows through the network traffic management device, it can screen and filter the website information that matches the keywords related to the above-mentioned viruses, pornographic websites, etc. Therefore, the security of the network is greatly improved.

本发明实施例提供的对网络流量管理方法不仅仅限制于对网络流量的控制管理、对用户行为的管理和对网络流量过滤管理三种中的至少一种,凡是可以利用本发明实施例思想的设置关键词和行为信息的组合,通过在网络流量中进行查询匹配的关键词,触发行为信息中的行为进行对应的管理的均包含在本发明的思想之内。The network traffic management method provided by the embodiments of the present invention is not limited to at least one of the three types of network traffic control management, user behavior management, and network traffic filtering management. Setting the combination of keywords and behavior information, and triggering behaviors in behavior information for corresponding management by querying and matching keywords in network traffic are included in the idea of the present invention.

本发明实施例中的网络流量管理设备有至少一个,每个网络流量管理设备按照网络流量控制中心向各个网络流量管理设备发送的管理信号对经过所述设备的网络流量进行管理,每个网络流量管理设备会按固定的时间间隔或其他预设的规则向网络流量控制中心上报网络流量控制中心,网络流量控制中心对管理结果进行分析,比如网络态势分析、异常流量分析和增值服务等,依据上述分析结果生成新的管理信号,这样网络流量控制中心就可以根据当前的情况不断的调整对各个网络流量管理设备下发的管理信号,对整个网络进行实时控制和管理。There is at least one network traffic management device in the embodiment of the present invention, each network traffic management device manages the network traffic passing through the device according to the management signal sent by the network traffic control center to each network traffic management device, each network traffic The management device will report to the network traffic control center at fixed time intervals or other preset rules, and the network traffic control center will analyze the management results, such as network situation analysis, abnormal traffic analysis and value-added services, etc., according to the above The analysis results generate new management signals, so that the network traffic control center can continuously adjust the management signals sent to each network traffic management device according to the current situation, and carry out real-time control and management of the entire network.

为了得到更好的效果,本发明实施例中网络流量从网络流量管理设备输出之前还包括对网络流量进行信号整形的步骤。In order to obtain a better effect, before the network traffic is output from the network traffic management device in the embodiment of the present invention, a step of performing signal shaping on the network traffic is also included.

实施例二Embodiment two

参见图2,为本发明实施例提供的一种网络流量管理设备,包括:Referring to FIG. 2, a network traffic management device provided by an embodiment of the present invention includes:

解析模块,用于解析接收到的管理信号,得到至少一个关键词和分别与关键词对应的至少一个行为信息;An analysis module, configured to analyze the received management signal to obtain at least one keyword and at least one behavior information respectively corresponding to the keyword;

匹配模块,用于将经过所述设备的网络流量与所述解析模块得到的至少一个关键词进行匹配,得到匹配的关键词;A matching module, configured to match the network traffic passing through the device with at least one keyword obtained by the parsing module to obtain a matched keyword;

获取模块,用于获取与匹配模块找到的关键词对应的行为信息;An acquisition module, configured to acquire behavior information corresponding to keywords found by the matching module;

管理模块,用于依据获取模块获取的行为信息对上述接收到的网络流量进行管理。The management module is configured to manage the above-mentioned received network traffic according to the behavior information acquired by the acquisition module.

其中,匹配模块包括,Among them, the matching module includes,

固定关键词匹配单元,用于将经过所述设备的网络流量固定位置的内容与所述解析模块中得到的至少一个固定关键词进行匹配,得到匹配的固定关键词;和/或浮动关键词匹配单元,用于将经过所述设备的网络流量任意位置的内容与所述解析模块中得到的至少一个浮动关键词进行匹配,得到匹配的浮动关键词。A fixed keyword matching unit, configured to match the content at a fixed location of the network traffic passing through the device with at least one fixed keyword obtained in the parsing module to obtain a matching fixed keyword; and/or match the floating keyword A unit, configured to match the content at any position of the network traffic passing through the device with the at least one floating keyword obtained in the parsing module to obtain the matched floating keyword.

所述获取模块获取的行为信息具体为流量控制行为信息,所述管理模块具体为流量控制管理模块,具体用于依据所述流量控制行为信息触发流量控制行为,比较包含在所述行为信息中的阈值与所述网络流量的流量值,当所述流量值超过阈值时,对所述网络流量进行流程控制管理。The behavior information acquired by the acquisition module is specifically flow control behavior information, and the management module is specifically a flow control management module, which is specifically used to trigger a flow control behavior based on the flow control behavior information, and compare the information contained in the behavior information The threshold and the flow value of the network flow, when the flow value exceeds the threshold, process control management is performed on the network flow.

管理模块具体为用户行为管理模块,包括The management module is specifically a user behavior management module, including

所述获取模块获取的行为信息具体为业务统计行为信息,用户业务行为管理单元,用于依据所述业务统计行为信息触发业务统计行为,更新业务统计计数器,实现对所述网络流量进行用户业务行为管理;和/或The behavior information acquired by the acquisition module is specifically business statistical behavior information, and the user business behavior management unit is used to trigger the business statistical behavior according to the business statistical behavior information, update the business statistics counter, and implement user business behavior on the network traffic. management; and/or

所述获取模块获取的行为信息具体为用户分组复制行为信息,用户访问行为管理单元,用于依据所述用户分组复制行为信息触发用户分组复制行为,将用户信息复制到访问内容信息对应的用户分组中,实现对所述网络流量进行用户访问行为管理。The behavior information acquired by the acquisition module is specifically the user group copy behavior information, and the user access behavior management unit is used to trigger the user group copy behavior according to the user group copy behavior information, and copy the user information to the user group corresponding to the access content information , implementing user access behavior management on the network traffic.

所述获取模块获取的行为信息具体为网络过滤行为信息,所述管理模块具体为网络过滤管理模块,具体用于依据所述网络过滤行为信息触发网络过滤行为,过滤所述网络流量,实现对所述网络流量进行网络过滤管理。The behavior information acquired by the acquisition module is specifically network filtering behavior information, and the management module is specifically a network filtering management module, which is specifically used to trigger network filtering behavior according to the network filtering behavior information, filter the network traffic, and realize all Network filtering management for the above network traffic.

优选的,本发明实施例中的匹配模块可以由三重内容寻址存储器TCAM实现,至少一个行为信息可以存储在静态随机存储器SRAM中,解析模块、获取模块和管理模块可以集成在现场可编程门阵列FPGA或专用大规模集成电路ASIC中等实现。由于本发明实施例提供的网络流量管理设备采用的是FPGA(或ASIC)+TCAM+SRAM硬件方式实现的,参见图3,为一个网络流量管理设备的优选实例,其中TCAM中设置有关键词,SRAM中存储有行为信息,解析模块、获取模块和管理模块集成在一块FPGA中实现,所以可以支持很高的处理能力,比如可以达到10Gbps或更高的的处理能力。Preferably, the matching module in the embodiment of the present invention can be realized by the triple content addressable memory TCAM, at least one behavior information can be stored in the static random access memory SRAM, and the analysis module, the acquisition module and the management module can be integrated in the field programmable gate array FPGA or application-specific large-scale integrated circuit ASIC medium implementation. Because the network traffic management equipment that the embodiment of the present invention provides adopts FPGA (or ASIC)+TCAM+SRAM hardware mode to realize, referring to Fig. 3, it is a preferred example of a network traffic management equipment, wherein keywords are set in the TCAM, Behavior information is stored in the SRAM, and the analysis module, acquisition module and management module are integrated in one FPGA, so it can support high processing capabilities, such as 10Gbps or higher processing capabilities.

实施例三,Embodiment three,

参见图4,为本发明实施例提供的一种网络流量管理系统,其特征在于,所述系统包括网络流量控制中心和串行接入网络链路中的网络流量管理设备,所述网络控制中心生成管理信号下发给所述网络流量管理设备;Referring to Fig. 4, a network traffic management system provided by an embodiment of the present invention is characterized in that the system includes a network traffic control center and a network traffic management device in a serial access network link, and the network control center Generate a management signal and send it to the network traffic management device;

所述网络流量管理设备包括,The network traffic management device includes,

解析模块,用于解析接收到的管理信号,得到至少一个关键词和分别与所述关键词对应的至少一个行为信息;An analysis module, configured to analyze the received management signal to obtain at least one keyword and at least one behavior information respectively corresponding to the keyword;

匹配模块,用于将经过所述设备的网络流量与所述解析模块得到的至少一个关键词进行匹配,得到匹配的关键词;A matching module, configured to match the network traffic passing through the device with at least one keyword obtained by the parsing module to obtain a matched keyword;

获取模块,用于获取与所述匹配模块找到的关键词对应的行为信息;An acquisition module, configured to acquire behavior information corresponding to the keyword found by the matching module;

管理模块,用于依据所述获取模块获取的行为信息对所述接收到的网络流量进行管理。A management module, configured to manage the received network traffic according to the behavior information acquired by the acquisition module.

进一步的,所述系统还包括与所述网络流量管理设备并联的切换模块,所述网络流量管理设备还包括切换控制模块,用于控制所述切换模块处于联通或断开状态。优选的,切换模块可以采用开关设备实现。当网络流量管理设备监控到系统的关键芯片、器件等的运行状态出现问题时,包括链路层芯片、TCAM查表器件、流控队列调度FPGA、板级处理机等,切换控制模块向切换模块下发指令,将切换模块(比如光藕开关)设为联通状态,使网络流量直接从切换模块上经过,即将网络流量经过网络流量管理设备的串接方式切换为网络流量经过切换模块的直通方式,从而避免影响网络流量的运行。Further, the system further includes a switching module connected in parallel with the network traffic management device, and the network traffic management device also includes a switching control module, which is used to control the switching module to be in a connected or disconnected state. Preferably, the switch module can be realized by using a switch device. When the network traffic management equipment monitors that there is a problem with the operating status of key chips and devices in the system, including link layer chips, TCAM table lookup devices, flow control queue scheduling FPGA, board-level processors, etc., the switching control module will switch to the switching module. Issue an instruction to set the switching module (such as an optical coupler switch) to the Unicom state, so that the network traffic passes directly through the switching module, that is, the serial connection mode of the network traffic passing through the network traffic management device is switched to the straight-through mode of the network traffic passing through the switching module , so as to avoid affecting the operation of network traffic.

再进一步的,所述网络流量控制中心还包括服务信息推送模块,用于依据所述网络流量管理设备得到的业务统计计数器的统计结果和/或所述用户分组向用户推送服务信息。Still further, the network traffic control center further includes a service information push module, configured to push service information to users according to the statistical result of the service statistics counter obtained by the network traffic management device and/or the user groups.

本发明实施例中的网络流量管理设备有至少一个,每个网络流量管理设备按照网络流量控制中心向各个网络流量管理设备发送的管理信号对经过所述设备的网络流量进行管理,每个网络流量管理设备会按固定的时间间隔或其他预设的规则向网络流量控制中心上报网络流量控制中心,网络流量控制中心对管理结果进行分析,比如网络态势分析、异常流量分析和增值服务等,依据上述分析结果生成新的管理信号,这样网络流量控制中心就可以根据当前的情况不断的调整对各个网络流量管理设备下发的管理信号,对整个网络进行实时控制和管理。There is at least one network traffic management device in the embodiment of the present invention, each network traffic management device manages the network traffic passing through the device according to the management signal sent by the network traffic control center to each network traffic management device, each network traffic The management device will report to the network traffic control center at fixed time intervals or other preset rules, and the network traffic control center will analyze the management results, such as network situation analysis, abnormal traffic analysis and value-added services, etc., according to the above The analysis results generate new management signals, so that the network traffic control center can continuously adjust the management signals sent to each network traffic management device according to the current situation, and carry out real-time control and management of the entire network.

本发明实施例中将网络流量管理设备串行接入网络链路中,使得输出的网络流量即为经过网络流量管理设备管理之后的信号,相对将网络流量管理设备并行接入网络链路的方式而言,可以实现更大的管理力度。In the embodiment of the present invention, the network traffic management device is serially connected to the network link, so that the output network traffic is the signal after being managed by the network traffic management device, compared with the method of connecting the network traffic management device to the network link in parallel As a result, greater management efforts can be achieved.

本发明实施例提供的网络流量管理系统采用网络流量控制中心和网络流量管理设备分离的思想,有利于单独升级维护。The network traffic management system provided by the embodiment of the present invention adopts the idea of separating the network traffic control center and the network traffic management equipment, which is beneficial for independent upgrade and maintenance.

以上所述仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围。凡在本发明的精神和原则之内所作的任何修改、等同替换、改进等,均包含在本发明的保护范围内。The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the protection scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present invention are included in the protection scope of the present invention.

Claims (17)

1.一种网络流量管理方法,其特征在于,所述方法包括:1. A network traffic management method, characterized in that the method comprises: 解析接收到的管理信号,得到至少一个关键词和分别与所述关键词对应的至少一个行为信息;其中,所述管理信号根据运营需求生成;Analyzing the received management signal to obtain at least one keyword and at least one behavior information respectively corresponding to the keyword; wherein the management signal is generated according to operational requirements; 将经过网络流量管理设备的网络流量与所述至少一个关键词进行匹配,得到匹配的关键词,获取与所述匹配的关键词对应的行为信息,依据所述行为信息对所述网络流量进行管理。matching the network traffic passing through the network traffic management device with the at least one keyword to obtain the matched keyword, acquiring behavior information corresponding to the matched keyword, and managing the network traffic according to the behavior information . 2.如权利要求1所述的网络流量管理方法,其特征在于,所述关键词包括固定关键词和/或浮动关键词,2. The network traffic management method according to claim 1, wherein the keywords include fixed keywords and/or floating keywords, 相应的,将经过网络流量管理设备的网络流量与所述至少一个关键词进行匹配,得到匹配的关键词的步骤具体为:将经过网络流量管理设备的网络流量固定位置的内容与所述至少一个固定关键词进行匹配,得到匹配的固定关键词;和/或将经过网络流量管理设备的网络流量任意位置的内容与所述至少一个浮动关键词进行匹配,得到匹配的浮动关键词。Correspondingly, the step of matching the network traffic passing through the network traffic management device with the at least one keyword, and obtaining the matched keyword is specifically: matching the content of the fixed position of the network traffic passing through the network traffic management device with the at least one keyword Matching the fixed keywords to obtain the matched fixed keywords; and/or matching the content at any position of the network traffic passing through the network traffic management device with the at least one floating keyword to obtain the matched floating keywords. 3.如权利要求1或2所述的网络流量管理方法,其特征在于,所述行为信息具体为流量控制行为信息,依据所述行为信息对所述网络流量进行管理的步骤具体为,依据所述流量控制行为信息触发流量控制行为,比较包含在所述流量控制行为信息中的阈值与所述网络流量的流量值,当所述流量值超过阈值时,对所述网络流量进行流程控制管理。3. The network traffic management method according to claim 1 or 2, wherein the behavior information is specifically traffic control behavior information, and the step of managing the network traffic according to the behavior information is specifically, according to the The flow control behavior information triggers the flow control behavior, compares the threshold included in the flow control behavior information with the flow value of the network flow, and performs flow control management on the network flow when the flow value exceeds the threshold. 4.如权利要求1或2所述的网络流量管理方法,其特征在于,所述行为信息具体为用户业务统计行为信息和/或用户分组复制行为信息,依据所述行为信息对所述网络流量进行管理的步骤具体为,依据所述用户业务统计行为信息触发用户业务统计行为,更新用户业务统计计数器,实现对所述网络流量进行用户业务行为管理;和/或依据所述用户分组复制行为信息触发用户分组复制行为,将用户信息复制到访问内容对应的用户分组中,实现对所述网络流量进行用户访问行为管理。4. The network traffic management method according to claim 1 or 2, wherein the behavior information is specifically user business statistics behavior information and/or user group copy behavior information, and the network traffic is analyzed according to the behavior information The step of managing is specifically: triggering user business statistical behavior according to the user business statistical behavior information, updating user business statistical counters, and implementing user business behavior management on the network traffic; and/or copying behavior information according to the user grouping Trigger the user group copy behavior, copy the user information to the user group corresponding to the access content, and implement user access behavior management on the network traffic. 5.如权利要求4所述的网络流量管理方法,其特征在于,所述方法还包括依据所述业务统计计数器的统计结果和/或所述用户分组向用户推送服务信息的步骤。5. The network traffic management method according to claim 4, further comprising the step of pushing service information to users according to the statistics result of the service statistics counter and/or the user groups. 6.如权利要求1或2所述的网络流量管理方法,其特征在于,所述行为信息具体为网络过滤行为信息,依据所述行为信息对所述网络流量进行管理的步骤具体为,依据所述网络过滤行为信息触发网络过滤行为,过滤所述网络流量,实现对所述网络流量进行网络过滤管理。6. The network traffic management method according to claim 1 or 2, wherein the behavior information is specifically network filtering behavior information, and the step of managing the network traffic according to the behavior information is specifically, according to the The network filtering behavior information triggers the network filtering behavior, filters the network traffic, and implements network filtering management on the network traffic. 7.一种网络流量管理设备,其特征在于,所述设备包括:7. A network traffic management device, characterized in that the device comprises: 解析模块,用于解析接收到的管理信号,得到至少一个关键词和分别与所述关键词对应的至少一个行为信息;所述管理信号根据运营需求生成;An analysis module, configured to analyze the received management signal to obtain at least one keyword and at least one behavior information respectively corresponding to the keyword; the management signal is generated according to operational requirements; 匹配模块,用于将经过所述设备的网络流量与所述解析模块得到的至少一个关键词进行匹配,得到匹配的关键词;A matching module, configured to match the network traffic passing through the device with at least one keyword obtained by the parsing module to obtain a matched keyword; 获取模块,用于获取与所述匹配模块找到的关键词对应的行为信息;An acquisition module, configured to acquire behavior information corresponding to the keyword found by the matching module; 管理模块,用于依据所述获取模块获取的行为信息对所述网络流量进行管理。A management module, configured to manage the network traffic according to the behavior information acquired by the acquisition module. 8.如权利要求7所述的网络流量管理设备,其特征在于,所述匹配模块包括8. The network traffic management device according to claim 7, wherein the matching module comprises 固定关键词匹配单元,用于将经过所述设备的网络流量固定位置的内容与所述解析模块中得到的至少一个固定关键词进行匹配,得到匹配的固定关键词;和/或A fixed keyword matching unit, configured to match the content at a fixed location of the network traffic passing through the device with at least one fixed keyword obtained in the parsing module to obtain a matched fixed keyword; and/or 浮动关键词匹配单元,用于将经过所述设备的网络流量任意位置的内容与所述解析模块中得到的至少一个浮动关键词进行匹配,得到匹配的浮动关键词。The floating keyword matching unit is configured to match the content at any position of the network traffic passing through the device with at least one floating keyword obtained in the parsing module to obtain a matching floating keyword. 9.如权利要求7或8所述的网络流量管理设备,其特征在于,所述获取模块获取的行为信息具体为流量控制行为信息,所述管理模块具体为流量控制管理模块,具体用于依据所述流量控制行为信息触发流量控制行为,比较包含在所述流量控制行为信息中的阈值与所述网络流量的流量值,当所述流量值超过阈值时,对所述网络流量进行流程控制管理。9. The network traffic management device according to claim 7 or 8, wherein the behavior information acquired by the acquisition module is specifically traffic control behavior information, and the management module is specifically a traffic control management module, which is specifically used according to The flow control behavior information triggers the flow control behavior, compares the threshold included in the flow control behavior information with the flow value of the network flow, and performs process control management on the network flow when the flow value exceeds the threshold . 10.如权利要求7或8所述的网络流量管理设备,其特征在于,所述管理模块具体为用户行为管理模块;10. The network traffic management device according to claim 7 or 8, wherein the management module is specifically a user behavior management module; 所述获取模块获取的行为信息具体为业务统计行为信息,所述用户行为管理模块包括:用户业务行为管理单元,所述用户业务行为管理单元用于依据所述业务统计行为信息触发业务统计行为,更新业务统计计数器,实现对所述网络流量进行用户业务行为管理;或The behavior information acquired by the acquisition module is specifically business statistical behavior information, and the user behavior management module includes: a user business behavior management unit, the user business behavior management unit is used to trigger business statistical behavior according to the business statistical behavior information, updating the service statistics counter to implement user service behavior management on the network traffic; or 所述获取模块获取的行为信息具体为用户分组复制行为信息,所述用户行为管理模块包括:用户访问行为管理单元,所述用户访问行为管理单元用于依据所述用户分组复制行为信息触发用户分组复制行为,将用户信息复制到访问内容信息对应的用户分组中,实现对所述网络流量进行用户访问行为管理。The behavior information acquired by the acquisition module is specifically user group copy behavior information, and the user behavior management module includes: a user access behavior management unit, and the user access behavior management unit is used to trigger user grouping based on the user group copy behavior information The copy behavior is to copy the user information to the user group corresponding to the access content information, so as to implement user access behavior management on the network traffic. 11.如权利要求7或8所述的网络流量管理设备,其特征在于,所述管理模块具体为用户行为管理模块;11. The network traffic management device according to claim 7 or 8, wherein the management module is specifically a user behavior management module; 所述获取模块获取的行为信息具体为业务统计行为信息和用户分组复制行为信息,所述用户行为管理模块包括:用户业务行为管理单元和用户访问行为管理单元,所述用户业务行为管理单元用于依据所述业务统计行为信息触发业务统计行为,更新业务统计计数器,实现对所述网络流量进行用户业务行为管理,所述用户访问行为管理单元用于依据所述用户分组复制行为信息触发用户分组复制行为,将用户信息复制到访问内容信息对应的用户分组中,实现对所述网络流量进行用户访问行为管理。The behavior information acquired by the acquisition module is specifically business statistical behavior information and user group copy behavior information, and the user behavior management module includes: a user business behavior management unit and a user access behavior management unit, and the user business behavior management unit is used for triggering business statistics behavior according to the business statistics behavior information, updating business statistics counters, implementing user business behavior management on the network traffic, and the user access behavior management unit is used to trigger user group replication based on the user group replication behavior information Behavior, the user information is copied to the user group corresponding to the access content information, so as to implement user access behavior management on the network traffic. 12.如权利要求7或8所述的网络流量管理设备,其特征在于,所述获取模块获取的行为信息具体为网络过滤行为信息,所述管理模块具体为网络过滤管理模块,具体用于依据所述网络过滤行为信息触发网络过滤行为,过滤所述网络流量,实现对所述网络流量进行网络过滤管理。12. The network traffic management device according to claim 7 or 8, wherein the behavior information acquired by the acquisition module is specifically network filtering behavior information, and the management module is specifically a network filtering management module, which is specifically used to The network filtering behavior information triggers the network filtering behavior, filters the network traffic, and implements network filtering management on the network traffic. 13.如权利要求7或8所述的网络流量管理设备,其特征在于,所述匹配模块具体为三重内容寻址存储器TCAM,所述至少一个行为信息存储在静态随机存储器SRAM中,所述解析模块、获取模块和管理模块集成在现场可编程门阵列FPGA或专用大规模集成电路ASIC中。13. The network traffic management device according to claim 7 or 8, wherein the matching module is specifically a triple content addressable memory TCAM, the at least one behavior information is stored in a static random access memory (SRAM), and the parsing module Module, acquisition module and management module are integrated in field programmable gate array FPGA or application-specific large-scale integrated circuit ASIC. 14.一种网络流量管理系统,其特征在于,所述系统包括网络流量控制中心和串行接入网络链路中的网络流量管理设备,所述网络流量控制中心生成包含关键词和行为信息的管理信号,下发给所述网络流量管理设备;14. A network traffic management system, characterized in that the system includes a network traffic control center and a network traffic management device in a serial access network link, and the network traffic control center generates traffic information containing keywords and behavior information A management signal is issued to the network traffic management device; 所述网络流量管理设备包括,The network traffic management device includes, 解析模块,用于解析接收到的管理信号,得到至少一个关键词和分别与所述关键词对应的至少一个行为信息;所述管理信号根据运营需求生成;An analysis module, configured to analyze the received management signal to obtain at least one keyword and at least one behavior information respectively corresponding to the keyword; the management signal is generated according to operational requirements; 匹配模块,用于将经过所述设备的网络流量与所述解析模块得到的至少一个关键词进行匹配,得到匹配的关键词;A matching module, configured to match the network traffic passing through the device with at least one keyword obtained by the parsing module to obtain a matched keyword; 获取模块,用于获取与所述匹配模块找到的关键词对应的行为信息;An acquisition module, configured to acquire behavior information corresponding to the keywords found by the matching module; 管理模块,用于依据所述获取模块获取的行为信息对所述网络流量进行管理。A management module, configured to manage the network traffic according to the behavior information acquired by the acquisition module. 15.如权利要求14所述的网络流量管理系统,其特征在于,所述系统还包括与所述网络流量管理设备并联的切换模块,所述网络流量管理设备还包括切换控制模块,用于控制所述切换模块处于联通或断开状态。15. The network traffic management system according to claim 14, characterized in that, the system further comprises a switching module connected in parallel with the network traffic management device, and the network traffic management device also includes a switching control module for controlling The switching module is in the connected or disconnected state. 16.如权利要求15所述的网络流量管理系统,其特征在于,所述切换模块具体为开关。16. The network traffic management system according to claim 15, wherein the switching module is specifically a switch. 17.如权利要求14所述的网络流量管理系统,其特征在于,所述网络流量控制中心还包括服务信息推送模块,用于依据所述网络流量管理设备得到的业务统计计数器的统计结果和/或用户访问内容对应的用户分组向用户推送服务信息。17. The network traffic management system according to claim 14, wherein the network traffic control center further includes a service information push module, which is used to obtain statistical results of service statistics counters obtained by the network traffic management device and/or Or the user group corresponding to the content accessed by the user pushes the service information to the user.
CN2009100002932A 2009-01-16 2009-01-16 Method, equipment and system for managing network flux Expired - Fee Related CN101465809B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009100002932A CN101465809B (en) 2009-01-16 2009-01-16 Method, equipment and system for managing network flux

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009100002932A CN101465809B (en) 2009-01-16 2009-01-16 Method, equipment and system for managing network flux

Publications (2)

Publication Number Publication Date
CN101465809A CN101465809A (en) 2009-06-24
CN101465809B true CN101465809B (en) 2012-11-14

Family

ID=40806179

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009100002932A Expired - Fee Related CN101465809B (en) 2009-01-16 2009-01-16 Method, equipment and system for managing network flux

Country Status (1)

Country Link
CN (1) CN101465809B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101951623B (en) * 2010-09-13 2014-11-05 中兴通讯股份有限公司 User behavior statistical method and device based on user events
CN102662888A (en) * 2012-03-20 2012-09-12 大连梯耐德网络技术有限公司 A control system and control method for multi-user parallel operation TCAM
TWI540860B (en) * 2013-09-26 2016-07-01 緯創資通股份有限公司 Network management system, network path control module, and network management method thereof
CN104601486A (en) * 2013-10-30 2015-05-06 阿里巴巴集团控股有限公司 Method and device for shunt of network flow
CN105101302B (en) * 2014-04-30 2019-03-08 宇龙计算机通信科技(深圳)有限公司 Flow managing method and system based on user's use habit
CN109962956B (en) * 2017-12-26 2022-06-07 中国电信股份有限公司 Method and system for recommending communication services to a user
CN109164786B (en) * 2018-08-24 2020-05-29 杭州安恒信息技术股份有限公司 Abnormal behavior detection method, device and equipment based on time-dependent baseline
CN111581371A (en) * 2020-05-07 2020-08-25 中国信息安全测评中心 Network security analysis method and device based on outbound data network flow
CN118631736B (en) * 2024-08-13 2024-10-29 北京中网华通设计咨询有限公司 A flow control method and system in digital information transmission based on big data

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1852297A (en) * 2005-11-11 2006-10-25 华为技术有限公司 Network data flow recognizing system and method
CN101141390A (en) * 2007-07-17 2008-03-12 武汉烽火网络有限责任公司 Novel self-defining ethernet out-of-band data packet filtering method and device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1852297A (en) * 2005-11-11 2006-10-25 华为技术有限公司 Network data flow recognizing system and method
CN101141390A (en) * 2007-07-17 2008-03-12 武汉烽火网络有限责任公司 Novel self-defining ethernet out-of-band data packet filtering method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
张棣兴.下一代网络业务流量识别与控制的研究.《电信网技术》.2006,(第11期),12-15. *
韦安明等.高速网络中P2P流量检测及控制方法.《北京邮电大学学报》.2007,第30卷(第5期),117-120. *

Also Published As

Publication number Publication date
CN101465809A (en) 2009-06-24

Similar Documents

Publication Publication Date Title
CN101465809B (en) Method, equipment and system for managing network flux
US9037710B2 (en) Method and apparatus for correlating end to end measurements through control plane monitoring of wireless traffic
CN108701187B (en) Apparatus and method for hybrid hardware-software distributed threat analysis
EP2206289B1 (en) Intelligent collection and management of flow statistics
EP2580903B1 (en) Traffic classification
CN103841045B (en) A kind of internet method for caching and processing, content detection subsystem and Cache systems
CN114422451A (en) A kind of network traffic identification method and related equipment
US10146682B2 (en) Method and apparatus for improving non-uniform memory access
US8699344B2 (en) Method and apparatus for managing a degree of parallelism of streams
Abu et al. Interest packets retransmission in lossy CCN networks and its impact on network performance
US20150215187A1 (en) Data Services in a Computer System
US9270561B2 (en) Method and apparatus for applying uniform hashing to wireless traffic
US9055113B2 (en) Method and system for monitoring flows in network traffic
US8611343B2 (en) Method and apparatus for providing a two-layer architecture for processing wireless traffic
EP2605480B1 (en) Apparatus and method for HTTP analysis
Zerfos et al. Platform and applications for massive-scale streaming network analytics
KR101003505B1 (en) Dynamic Control Method of Traffic According to Network Load and Its Apparatus
CN114844704B (en) Real-time DNS tunnel detection method and related equipment based on programmable switch
CN115484087B (en) An embedded device business identification system
WO2025036112A1 (en) Data security protection selection method and apparatus, and storage medium
Han et al. A Lightware Attribute Based Access Control Mechanism in Software Defined Internet of Things
Mai et al. Fast filtered sampling
CN118199903A (en) Flow filtering method, device, equipment, system and storage medium
Yao et al. Content-Centric and Software-Defined Networking with Big Data
Guo et al. Research and Implementation of Distributed Access Control and Traffic Statistics Based on XORP

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20121114

Termination date: 20180116

CF01 Termination of patent right due to non-payment of annual fee