Hardware acceleration architecture for signature matching applications for deep packet inspection
US-10091074-B2 · Oct 2, 2018 · US
Monitoring network traffic to determine similar content
US10977252B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10977252-B2 |
| Application number | US-201916595029-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 7, 2019 |
| Priority date | May 9, 2016 |
| Publication date | Apr 13, 2021 |
| Grant date | Apr 13, 2021 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
In an embodiment, a method monitors a plurality of data streams passing through a router in the connectivity service provider environment, and for each of the data streams, periodically samples packets at the router. The method further generates a stream signature based at least on the payload of the sampled packets. The method further includes, for each generated stream signature, attaching information to the stream signature. Such information may, for example, include time-stamp information for the stream signature, or an identification of the router. The method may further comprise storing the stream signatures corresponding to the data streams in a database. The stored stream signatures may be compared to determine matching stream signatures. Matching signatures may identify data streams that carry identical or similar content.
First claim
Opening claim text (preview).
What is claimed is: 1. A system comprising: at least one processor; and memory storing instructions that, when executed by the at least one processor, causes the system to perform a set of operations, the set of operations comprising: monitoring a plurality of data streams relayed through a plurality of routers in a connectivity service provider environment; sampling packets of a first data stream received at a first router of the plurality of routers based on a determination that the first data stream is one of a predetermined number of data streams with highest data rates among the plurality of data streams; filtering the sampled packets to exclude at least one packet based on a determination that the at least one packet does not change a stream signature for the first data stream; generating the stream signature based at least on the filtered packets, the stream signature comprising an identification of the first router at which the sampled packets were received; determining, based at least in part on the stream signature and the identification of the router, that the first data stream is similar to a second data stream relayed through a second router different than the first router; and rerouting, based on the determining, at least the first data stream within the connectivity service provider environment causing the first data stream to be relayed using the second router instead of the first router. 2. The system of claim 1 , wherein the stream signature is generated further based at least on a source address and a destination address of at least one packet of the filtered packets. 3. The system of claim 1 , wherein the stream signature is generated without parsing a payload of the filtered packets. 4. The system of claim 1 , wherein the stream signature is generated further based on statistical information about the first data stream comprising at least one of: mean of data rate; variance of data rate; skewness of data rate; minimum data rate; or maximum data rate. 5. The system of claim 1 , wherein the first data stream is sampled according to a predetermined time interval, and wherein the first data stream is sampled for a predetermined time period. 6. A method for identifying similar data streams in a connectivity service provider environment, the method comprising: monitoring a plurality of data streams relayed through a plurality of routers in a connectivity service provider environment; sampling packets of a first data stream received at a first router of the plurality of routers based on a determination that the first data stream is one of a predetermined number of data streams with highest data rates among the plurality of data streams; filtering the sampled packets to exclude at least one packet based on a determination that the at least one packet does not change a stream signature for the first data stream; generating the stream signature based at least on the filtered packets, the stream signature comprising an identification of the first router at which the sampled packets were received; determining, based at least in part on the stream signature and the identification of the router, that the first data stream is similar to a second data stream relayed through a second router different than the first router; and rerouting, based on the determining, at least the first data stream within the connectivity service provider environment causing the first data stream to be relayed using the second router instead of the first router. 7. The method of claim 6 , wherein the stream signature is generated further based at least on a source address and a destination address of at least one packet of the filtered packets. 8. The method of claim 6 , wherein the stream signature is generated without parsing a payload of the filtered packets. 9. The method of claim 6 , wherein the stream signature is generated further based on statistical information about the first data stream comprising at least one of: mean of data rate; variance of data rate; skewness of data rate; minimum data rate; or maximum data rate. 10. The method of claim 6 , wherein the first data stream is sampled according to a predetermined time interval, and wherein the first data stream is sampled for a predetermined time period.
Assignees
Inventors
Classifications
involving identification of individual flows · CPC title
by sampling · CPC title
Packet rate · CPC title
Clustering or classification · CPC title
by tagging of packets, e.g. using discard eligibility [DE] bits · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10977252B2 cover?
- In an embodiment, a method monitors a plurality of data streams passing through a router in the connectivity service provider environment, and for each of the data streams, periodically samples packets at the router. The method further generates a stream signature based at least on the payload of the sampled packets. The method further includes, for each generated stream signature, attaching in…
- Who is the assignee on this patent?
- Level 3 Communications Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F16/24568. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Apr 13 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).