Method and system for extracting access control list

US9894074B2 · US · B2

Patent metadata
Field               Value
Publication number  US-9894074-B2
Application number  US-201514693782-A
Country             US
Kind code           B2
Filing date         Apr 22, 2015
Priority date       Jul 3, 2014
Publication date    Feb 13, 2018
Grant date          Feb 13, 2018

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A method and system for extracting an access control list having a predetermined format from packets collected for a predetermined period of time, without requiring TCP flag information. By an information collection unit, network packets and network traffic logs are collected. By the information collection unit, a network traffic log including Media Access Control (MAC), Internet Protocol (IP), and port information is extracted from each network packet. By an information analysis unit, an access control list is generated based on the network traffic log.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for extracting an access control list, comprising: collecting, by an information collection unit, network packets and network traffic logs; extracting, by the information collection unit, a network traffic log including Media Access Control (MAC), Internet Protocol (IP), and port information from each network packet; and generating, by an information analysis unit, an access control list based on the network traffic log, wherein the access control list includes one or more of an access control list related to a MAC protocol, an access control list related to an IP, and an access control list related to a port protocol, and wherein when the access control list is the access control list related to the port protocol, generating the access control list comprises: generating the access control list using a rate of ports used; and supplementing the generated access control list by determining that port1 of an IP address 1 (IP1) is a static port and/or a port of each IP address 2 (IP2) is a static port and modifying the access control list based on determining that port1 of the IP1 is a static port and/or a port of each IP2 is a static port.

2. The method of claim 1, wherein when the access control list is the access control list related to the MAC protocol, generating the access control list comprises: extracting an item corresponding to the MAC protocol from a log set that is a set of the network traffic logs; and including the item in the access control list.

3. The method of claim 2, wherein the item includes a source MAC address, a protocol, and a destination MAC address.

4. The method of claim 1, wherein when the access control list is the access control list related to the IP, generating the access control list comprises: extracting an item corresponding to the IP from a log set that is a set of the network traffic logs; and including the item in the access control list.

5. The method of claim 4, wherein the item includes a source MAC address, a source IP address, a protocol, a destination MAC address, and a destination IP address.

6. The method of claim 1, wherein generating the access control list using the rate of ports used comprises, if, for each IP2 that communicates with an IP address and port number (IP1, port1), a number of ports used by the IP2 is greater than a preset value, determining that the port1 of the IP1 is a static port and a port of the IP2 is not a static port, thus enabling the access control list to be generated.

7. A system for extracting an access control list, comprising: an information collection unit for collecting network packets and network traffic logs, and extracting a network traffic log including Media Access Control (MAC), Internet Protocol (IP), and port information from each network packet; and an information analysis unit for generating an access control list based on the network traffic log, wherein the access control list includes one or more of an access control list related to a MAC protocol, an access control list related to an IP, and an access control list related to a port protocol, and wherein when the access control list is the access control list related to the port protocol, the information analysis unit generates the access control list using a rate of ports used, and supplements the generated access control list by determining that port1 of an IP address 1 (IP1) is a static port and/or a port of each IP address 2 (IP2) is a static port and modifying the access control list based on determining that a port1 of IP1 is a static port and/or a port of each IP2 is a static port.

8. The system of claim 7, wherein when the access control list is the access control list related to the MAC protocol, the information analysis unit is configured to extract an item corresponding to the MAC protocol from a log set that is a set of the network traffic logs and include the item in the access control list.

9. The system of claim 8, wherein the item includes a source MAC address, a protocol, and a destination MAC address.

10. The system of claim 7, wherein when the access control list is the access control list related to the IP, the information analysis unit extracts an item corresponding to the IP from a log set that is a set of the network traffic logs, and includes the item in the access control list.

11. The system of claim 10, wherein the item includes a source MAC address, a source IP address, a protocol, a destination MAC address, and a destination IP address.

12. The system of claim 7, wherein the information analysis unit is configured such that, upon generating the access control list using the rate of ports used, if, for each IP2 that communicates with an IP address and port number (IP1, port1), a number of ports used by the IP2 is greater than a preset value, it is determined that the port1 of the IP1 is a static port and a port of the IP2 is not a static port, thus enabling the access control list to be generated.
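As an added illustration (not code from the patent or from its assignee), the following Python sketch implements one reading of claims 1 through 6 over a constructed log set: MAC ACL items (claim 3), IP ACL items (claim 5), the rate-of-ports-used rule of claim 6 with a preset threshold, and a supplement step for peers that both use a fixed port. It also checks a later traffic log against the resulting port ACL, which is how a defender would use such a list. The supplement rule, the `TrafficLog` field names, the default preset value, the ACL tuple layout and the sample addresses are assumptions, not the patent's specification.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class TrafficLog:
    """One network traffic log extracted from a packet: MAC, IP and port info."""
    src_mac: str
    src_ip: str
    src_port: int
    dst_mac: str
    dst_ip: str
    dst_port: int
    proto: str


# Constructed sample log set (not captured traffic): two clients reaching one
# HTTPS server from several ephemeral ports, plus a fixed-port UDP peer pair.
SAMPLE_LOGS = [
    TrafficLog("aa:00:00:00:00:21", "10.0.0.21", p, "aa:00:00:00:00:10", "10.0.0.10", 443, "tcp")
    for p in (50001, 50002, 50003)
] + [
    TrafficLog("aa:00:00:00:00:22", "10.0.0.22", p, "aa:00:00:00:00:10", "10.0.0.10", 443, "tcp")
    for p in (50010, 50011, 50012)
] + [
    TrafficLog("aa:00:00:00:00:30", "10.0.0.30", 5000, "aa:00:00:00:00:31", "10.0.0.31", 5000, "udp"),
    TrafficLog("aa:00:00:00:00:31", "10.0.0.31", 5000, "aa:00:00:00:00:30", "10.0.0.30", 5000, "udp"),
]


def mac_acl(logs):
    """Claim 3 items: (source MAC, protocol, destination MAC)."""
    return {(l.src_mac, l.proto, l.dst_mac) for l in logs}


def ip_acl(logs):
    """Claim 5 items: (src MAC, src IP, protocol, dst MAC, dst IP)."""
    return {(l.src_mac, l.src_ip, l.proto, l.dst_mac, l.dst_ip) for l in logs}


def _peer_table(logs):
    """Map each (ip, port) endpoint to {peer_ip: {(peer_port, proto)}} in both directions."""
    peers = defaultdict(lambda: defaultdict(set))
    for l in logs:
        peers[(l.dst_ip, l.dst_port)][l.src_ip].add((l.src_port, l.proto))
        peers[(l.src_ip, l.src_port)][l.dst_ip].add((l.dst_port, l.proto))
    return peers


def port_acl(logs, preset=2):
    """Port ACL entries (src_ip, src_port or '*', dst_ip, dst_port, proto).

    Step 1 follows claim 6: if every IP2 talking to (IP1, port1) used more than
    `preset` distinct ports, port1 of IP1 is static and the IP2 ports are not.
    Step 2 is an assumed supplement: an undecided endpoint whose every peer used
    exactly one port is treated as a fixed-port pair, and both ports are kept.
    """
    peers = _peer_table(logs)
    static, dynamic = set(), set()
    for ep, by_peer in peers.items():
        if all(len({p for p, _ in uses}) > preset for uses in by_peer.values()):
            static.add(ep)
            for ip2, uses in by_peer.items():
                dynamic.update((ip2, p) for p, _ in uses)
    acl = set()
    for ip1, port1 in static:
        for ip2, uses in peers[(ip1, port1)].items():
            for _, proto in uses:
                acl.add((ip2, "*", ip1, port1, proto))
    for ep, by_peer in peers.items():
        if ep in static or ep in dynamic:
            continue
        if all(len({p for p, _ in uses}) == 1 for uses in by_peer.values()):
            ip1, port1 = ep
            for ip2, uses in by_peer.items():
                for port2, proto in uses:
                    if (ip2, port2) not in dynamic:
                        acl.add((ip2, port2, ip1, port1, proto))
    return acl


def permitted(acl, log):
    """True if a later traffic log matches a port ACL entry in either direction."""
    for src_ip, src_port, dst_ip, dst_port, proto in acl:
        if proto != log.proto:
            continue
        if (src_ip, dst_ip, dst_port) == (log.src_ip, log.dst_ip, log.dst_port) \
                and src_port in ("*", log.src_port):
            return True
        if (src_ip, dst_ip, dst_port) == (log.dst_ip, log.src_ip, log.src_port) \
                and src_port in ("*", log.dst_port):
            return True
    return False


if __name__ == "__main__":
    for entry in sorted(port_acl(SAMPLE_LOGS), key=str):
        print(entry)
```

With the sample set and `preset=2`, the two clients each used three ports toward 10.0.0.10:443, so that port is marked static and each client is allowed from any source port; the UDP pair keeps both fixed ports. Raising `preset` to 3 makes the rate rule stop firing for this short window, and the supplement step then emits one fixed-port entry per ephemeral client port, so the preset value has to be tuned against the length of the collection period.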

Assignees

Electronics & Telecommunications Res Inst

Inventors

Classifications

  • H04L63/101 · Primary

    Access control lists [ACL] · CPC title

  • Filtering by address, protocol, port number or service, e.g. IP-address or URL · CPC title

  • at the data link layer · CPC title

  • Arrangements for monitoring or testing data switching networks · CPC title

  • Electricity · mapped topic

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9894074B2 cover?
A method and system for extracting an access control list having a predetermined format from packets collected for a predetermined period of time, without requiring TCP flag information. By an information collection unit, network packets and network traffic logs are collected. By the information collection unit, a network traffic log including Media Access Control (MAC), Internet Protocol (IP),…
Who is the assignee on this patent?
Electronics & Telecommunications Res Inst
What technology area does this patent fall under?
Primary CPC classification H04L63/101. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 13, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).