WO2004015937A3 - Logarithmic time range-based multifield-correlation packet classification - Google Patents

Logarithmic time range-based multifield-correlation packet classification Download PDF

Info

Publication number
WO2004015937A3
WO2004015937A3 PCT/US2003/024346 US0324346W WO2004015937A3 WO 2004015937 A3 WO2004015937 A3 WO 2004015937A3 US 0324346 W US0324346 W US 0324346W WO 2004015937 A3 WO2004015937 A3 WO 2004015937A3
Authority
WO
WIPO (PCT)
Prior art keywords
multifield
time range
packet classification
logarithmic time
correlation packet
Prior art date
Application number
PCT/US2003/024346
Other languages
French (fr)
Other versions
WO2004015937A2 (en
Inventor
Priya Govindarajan
Chun-Yang Chiu
David Durham
Original Assignee
Intel Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corp filed Critical Intel Corp
Priority to GB0502953A priority Critical patent/GB2408169B/en
Priority to AU2003261356A priority patent/AU2003261356A1/en
Priority to DE10393053T priority patent/DE10393053B4/en
Publication of WO2004015937A2 publication Critical patent/WO2004015937A2/en
Publication of WO2004015937A3 publication Critical patent/WO2004015937A3/en
Priority to HK05104388A priority patent/HK1073026A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2441Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/20Traffic policing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers

Abstract

Classification of network data packets includes a determination sets of one or more filter-identifiers where each set is associated with a respective data-packet classifier field. A result-set of filter-identifiers may be derived based on an intersection of the filter-identifier sets.
PCT/US2003/024346 2002-08-08 2003-08-04 Logarithmic time range-based multifield-correlation packet classification WO2004015937A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
GB0502953A GB2408169B (en) 2002-08-08 2003-08-04 Logarithmic time range-based multifield-correlation packet classification
AU2003261356A AU2003261356A1 (en) 2002-08-08 2003-08-04 Logarithmic time range-based multifield-correlation packet classification
DE10393053T DE10393053B4 (en) 2002-08-08 2003-08-04 Range-based multi-field correlation - packet classification with log-time behavior
HK05104388A HK1073026A1 (en) 2002-08-08 2005-05-25 Logarithmic time range-based multifield-correlation packet classification

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/216,051 2002-08-08
US10/216,051 US7684400B2 (en) 2002-08-08 2002-08-08 Logarithmic time range-based multifield-correlation packet classification

Publications (2)

Publication Number Publication Date
WO2004015937A2 WO2004015937A2 (en) 2004-02-19
WO2004015937A3 true WO2004015937A3 (en) 2004-07-29

Family

ID=31494997

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2003/024346 WO2004015937A2 (en) 2002-08-08 2003-08-04 Logarithmic time range-based multifield-correlation packet classification

Country Status (6)

Country Link
US (1) US7684400B2 (en)
AU (1) AU2003261356A1 (en)
DE (1) DE10393053B4 (en)
GB (1) GB2408169B (en)
HK (1) HK1073026A1 (en)
WO (1) WO2004015937A2 (en)

Families Citing this family (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040177157A1 (en) * 2003-02-13 2004-09-09 Nortel Networks Limited Logical grouping of VPN tunnels
CN1275422C (en) * 2004-04-09 2006-09-13 华为技术有限公司 Method for strengthening accounting rules and operating in grouped data service
US7870565B2 (en) * 2005-06-30 2011-01-11 Intel Corporation Systems and methods for secure host resource management
EP2098077A2 (en) * 2006-11-15 2009-09-09 QUALCOMM Incorporated Systems and methods for applications using channel switch frames
US8806059B1 (en) * 2007-04-05 2014-08-12 Juniper Networks, Inc. Rule tree for network device
US7808990B2 (en) * 2008-07-25 2010-10-05 Samsung Electronics Co., Ltd. Method and system for data filtering for data packets
US8798057B1 (en) 2008-09-30 2014-08-05 Juniper Networks, Inc. Methods and apparatus to implement except condition during data packet classification
US8675648B1 (en) 2008-09-30 2014-03-18 Juniper Networks, Inc. Methods and apparatus for compression in packet classification
US7835357B2 (en) 2008-09-30 2010-11-16 Juniper Networks, Inc. Methods and apparatus for packet classification based on policy vectors
US7796541B1 (en) 2008-09-30 2010-09-14 Juniper Networks, Inc. Methods and apparatus for range matching during packet classification based on a linked-node structure
US7961734B2 (en) * 2008-09-30 2011-06-14 Juniper Networks, Inc. Methods and apparatus related to packet classification associated with a multi-stage switch
US7738454B1 (en) * 2008-09-30 2010-06-15 Juniper Networks, Inc. Methods and apparatus related to packet classification based on range values
US8804950B1 (en) 2008-09-30 2014-08-12 Juniper Networks, Inc. Methods and apparatus for producing a hash value based on a hash function
US8032660B2 (en) * 2008-12-30 2011-10-04 Intel Corporation Apparatus and method for managing subscription requests for a network interface component
US8488588B1 (en) 2008-12-31 2013-07-16 Juniper Networks, Inc. Methods and apparatus for indexing set bit values in a long vector associated with a switch fabric
US8111697B1 (en) 2008-12-31 2012-02-07 Juniper Networks, Inc. Methods and apparatus for packet classification based on multiple conditions
US7889741B1 (en) 2008-12-31 2011-02-15 Juniper Networks, Inc. Methods and apparatus for packet classification based on multiple conditions
US8064457B2 (en) * 2009-04-22 2011-11-22 Samsung Electronics Co., Ltd. System and method for filtering a data packet using a common filter
US8089966B2 (en) * 2009-04-22 2012-01-03 Samsung Electronics Co., Ltd. System and method for filtering a data packet using a combined filter
CN101888369B (en) * 2009-05-15 2013-04-03 北京启明星辰信息技术股份有限公司 Method and device for matching network message rules
US9282060B2 (en) 2010-12-15 2016-03-08 Juniper Networks, Inc. Methods and apparatus for dynamic resource management within a distributed control plane of a switch
US9426067B2 (en) * 2012-06-12 2016-08-23 International Business Machines Corporation Integrated switch for dynamic orchestration of traffic
US9137205B2 (en) 2012-10-22 2015-09-15 Centripetal Networks, Inc. Methods and systems for protecting a secured network
US9565213B2 (en) 2012-10-22 2017-02-07 Centripetal Networks, Inc. Methods and systems for protecting a secured network
US9203806B2 (en) 2013-01-11 2015-12-01 Centripetal Networks, Inc. Rule swapping in a packet network
US9124552B2 (en) 2013-03-12 2015-09-01 Centripetal Networks, Inc. Filtering network data transfers
US9094445B2 (en) 2013-03-15 2015-07-28 Centripetal Networks, Inc. Protecting networks from cyber attacks and overloading
US9264370B1 (en) 2015-02-10 2016-02-16 Centripetal Networks, Inc. Correlating packets in communications networks
US9866576B2 (en) 2015-04-17 2018-01-09 Centripetal Networks, Inc. Rule-based network-threat detection
US9917856B2 (en) 2015-12-23 2018-03-13 Centripetal Networks, Inc. Rule-based network-threat detection for encrypted communications
US11729144B2 (en) 2016-01-04 2023-08-15 Centripetal Networks, Llc Efficient packet capture for cyber threat analysis
US10503899B2 (en) 2017-07-10 2019-12-10 Centripetal Networks, Inc. Cyberanalysis workflow acceleration
US11233777B2 (en) 2017-07-24 2022-01-25 Centripetal Networks, Inc. Efficient SSL/TLS proxy
US10284526B2 (en) 2017-07-24 2019-05-07 Centripetal Networks, Inc. Efficient SSL/TLS proxy
US10333898B1 (en) 2018-07-09 2019-06-25 Centripetal Networks, Inc. Methods and systems for efficient network protection
US11362996B2 (en) 2020-10-27 2022-06-14 Centripetal Networks, Inc. Methods and systems for efficient adaptive logging of cyber threat incidents
US11159546B1 (en) 2021-04-20 2021-10-26 Centripetal Networks, Inc. Methods and systems for efficient threat context-aware packet filtering for network protection

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999059303A2 (en) * 1998-05-14 1999-11-18 Telia Ab (Publ) A communications network or an ip-network which incorporates a packet classifier
WO2001059702A1 (en) * 2000-02-08 2001-08-16 Xstream Logic, Inc. Wire-speed multi-dimensional packet classifier
EP1128609A2 (en) * 1999-12-13 2001-08-29 Ascend Communications, Inc. Packet classification engine
WO2001071982A1 (en) * 2000-03-20 2001-09-27 At & T Corp. Service selection in a shared access network using policy routing
EP1180882A2 (en) * 2000-08-17 2002-02-20 Nippon Telegraph and Telephone Corporation Packet classification search device and method
WO2002015469A2 (en) * 2000-08-14 2002-02-21 Advanced Micro Devices, Inc. Apparatus and method for packet classification
WO2002015521A1 (en) * 2000-08-17 2002-02-21 Redback Networks Inc. Methods and apparatus for packet classification with multi-level data structure
EP1227630A2 (en) * 2001-01-26 2002-07-31 Broadcom Corporation Method, system and computer program product for classifying packet flows with a bit mask

Family Cites Families (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6041053A (en) * 1997-09-18 2000-03-21 Microsfot Corporation Technique for efficiently classifying packets using a trie-indexed hierarchy forest that accommodates wildcards
US5956721A (en) * 1997-09-19 1999-09-21 Microsoft Corporation Method and computer program product for classifying network communication packets processed in a network stack
US6341130B1 (en) * 1998-02-09 2002-01-22 Lucent Technologies, Inc. Packet classification method and apparatus employing two fields
US6289013B1 (en) 1998-02-09 2001-09-11 Lucent Technologies, Inc. Packet filter method and apparatus employing reduced memory
US6522632B1 (en) * 1998-05-06 2003-02-18 Avici Systems Apparatus and method for efficient prefix search
US6157955A (en) * 1998-06-15 2000-12-05 Intel Corporation Packet processing system including a policy engine having a classification unit
US6691168B1 (en) * 1998-12-31 2004-02-10 Pmc-Sierra Method and apparatus for high-speed network rule processing
US6594268B1 (en) * 1999-03-11 2003-07-15 Lucent Technologies Inc. Adaptive routing system and method for QOS packet networks
US6798788B1 (en) * 1999-11-24 2004-09-28 Advanced Micro Devices, Inc. Arrangement determining policies for layer 3 frame fragments in a network switch
US7039641B2 (en) * 2000-02-24 2006-05-02 Lucent Technologies Inc. Modular packet classification
TW498650B (en) 2000-03-22 2002-08-11 Ind Tech Res Inst Flexible and highly efficient packet classification method
WO2002015488A1 (en) 2000-08-17 2002-02-21 Redback Networks Inc. Methods and apparatus for packet classification with multiple answer sets
EP1211610A1 (en) * 2000-11-29 2002-06-05 Lafayette Software Inc. Methods of organising data and processing queries in a database system
US6680916B2 (en) * 2001-01-22 2004-01-20 Tut Systems, Inc. Method for using a balanced tree as a base for a routing table
CN100367730C (en) * 2001-02-14 2008-02-06 克利尔斯皮德科技有限公司 Interconnection system
US7170891B2 (en) * 2001-08-30 2007-01-30 Messenger Terabit Networks, Inc. High speed data classification system
US7386525B2 (en) * 2001-09-21 2008-06-10 Stonesoft Corporation Data packet filtering
US7899067B2 (en) * 2002-05-31 2011-03-01 Cisco Technology, Inc. Method and apparatus for generating and using enhanced tree bitmap data structures in determining a longest prefix match
US7444318B2 (en) * 2002-07-03 2008-10-28 University Of Florida Research Foundation, Inc. Prefix partitioning methods for dynamic router tables
US7508825B2 (en) * 2002-08-05 2009-03-24 Intel Corporation Data packet classification
US7554980B1 (en) * 2002-10-18 2009-06-30 Alcatel Lucent Packet classification using relevance scoring
US7382777B2 (en) * 2003-06-17 2008-06-03 International Business Machines Corporation Method for implementing actions based on packet classification and lookup results
US7317723B1 (en) * 2004-02-03 2008-01-08 Cisco Technology, Inc. Action based termination of multidimensional lookup

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999059303A2 (en) * 1998-05-14 1999-11-18 Telia Ab (Publ) A communications network or an ip-network which incorporates a packet classifier
EP1128609A2 (en) * 1999-12-13 2001-08-29 Ascend Communications, Inc. Packet classification engine
WO2001059702A1 (en) * 2000-02-08 2001-08-16 Xstream Logic, Inc. Wire-speed multi-dimensional packet classifier
WO2001071982A1 (en) * 2000-03-20 2001-09-27 At & T Corp. Service selection in a shared access network using policy routing
WO2002015469A2 (en) * 2000-08-14 2002-02-21 Advanced Micro Devices, Inc. Apparatus and method for packet classification
EP1180882A2 (en) * 2000-08-17 2002-02-20 Nippon Telegraph and Telephone Corporation Packet classification search device and method
WO2002015521A1 (en) * 2000-08-17 2002-02-21 Redback Networks Inc. Methods and apparatus for packet classification with multi-level data structure
EP1227630A2 (en) * 2001-01-26 2002-07-31 Broadcom Corporation Method, system and computer program product for classifying packet flows with a bit mask

Also Published As

Publication number Publication date
GB2408169A (en) 2005-05-18
US7684400B2 (en) 2010-03-23
DE10393053T5 (en) 2005-08-25
GB0502953D0 (en) 2005-03-16
HK1073026A1 (en) 2005-09-16
AU2003261356A1 (en) 2004-02-25
WO2004015937A2 (en) 2004-02-19
US20040028046A1 (en) 2004-02-12
GB2408169B (en) 2007-02-28
DE10393053B4 (en) 2009-05-07

Similar Documents

Publication Publication Date Title
WO2004015937A3 (en) Logarithmic time range-based multifield-correlation packet classification
WO2005041503A3 (en) Method and apparatus for two-stage packet classification using most specific filter matching and transport level sharing
AU2002333283A1 (en) Selective herbicides based on substituted cyclic keto-enols and safeners
AU2003294251A1 (en) Server resource management, analysis, and intrusion negation
WO2001047186A3 (en) Bandwidth management system
CA2541478A1 (en) Dynamically balanced cutting tool system
WO2007019349A3 (en) Systems and methods for dynamically learning network environments to achieve adaptive security
AU2003255263A1 (en) Mobile ad-hoc network with intrusion detection features and related methods
AU2003268073A1 (en) Mobile ad-hoc network with intrusion detection features and related methods
AU2003270394A1 (en) Network-based portfolio management and risk-analysis
WO2004112333A8 (en) Method and apparatus for packet classification and rewriting
AU2003224322A1 (en) Bandwidth management in a wireless network
WO2007089217A3 (en) Network discovery mechanisms
AU2003300897A1 (en) Electronic credentials verification and management system
AU2002343432A1 (en) Credential management and network querying
AU2003290767A1 (en) Attestation using both fixed token and portable token
DE602004013049D1 (en) AT THE SAME TIME WITH SEVERAL MOBILE STATIONS THROUGH THE USE OF ROOM MULTIPLEX MULTIPLE ACCESS (SDMA) COMMUNICATING WIRELESS ACCESS POINT
WO2004019491A3 (en) Circuit consisting of a filter stage and a balancing structural member
AU2003293057A1 (en) Network architecture, addressing and routing
AU6179800A (en) Education/training management system, training management computer, class attendee terminal device, manager terminal device, education/training management method
AU2003208013A1 (en) Network device management method, network device management program, and network control apparatus
EP1487220A4 (en) Position information providing method and position information providing system
AU2003238625A1 (en) Distribution of user or terminal specific information in a local network
WO2004034627A3 (en) System and method for buffer management in a packet-based network
AU2003283696A1 (en) Transformation structures for approximating color matching functions

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase

Ref document number: 0502953

Country of ref document: GB

Kind code of ref document: A

Free format text: PCT FILING DATE = 20030804

RET De translation (de og part 6b)

Ref document number: 10393053

Country of ref document: DE

Date of ref document: 20050825

Kind code of ref document: P

WWE Wipo information: entry into national phase

Ref document number: 10393053

Country of ref document: DE

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Ref document number: JP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8607