关键词: 移动网络数据, DPI, 缓存命中, 五元组, 协议特征标记

Abstract:

The rapid growth of data services in mobile network brings not only convenience and benefits,but also lots of security risks.In order to purify the mobile network environment and mining the potential value of network data,more and more operators use DPI(Deep Packet Inspection) systems on mobile data traffic to supervise the network data.However,facing high speed network data,DPI systems have a poor performance.In order to improve the efficiency of DPI processing in high speed network data,this paper proposes a new method of pretreatment based on the cache hit.The five-tuple of the data packets used as the key and the connection with the protocol mark used as the value,create the hash structure cache.Before arrival packets entering the DPI process,search their key-value pairs in the cache.If the key-value pair is found,mark the packet identified.By avoiding pattern matching processing of some data packets,the DPI processing pressure is reduced,and the throughput of the system if improved.Experiments show that this method effectively enhance the efficiency of the analysis of mobile network data.The method is feasible and can be recommended.

Key words: mobile network data, DPI, cache hit, five-tuple, protocol mark