| 发明名称 | Packet capture deep packet inspection sensor | ||
| 摘要 | Systems and processes for filtering network traffic. In one example, an event based flow record aging process may be used to identify flow records to be removed from memory to provide space for newer flow records. In this example, a new incoming network packet may trigger a determination of the flow record to be removed from memory based on the hardware time stamps of the flow records stored in memory. Determining aging flow records in this way may advantageously reduce the amount of computer resources required to manage flow record aging when compared to traditional techniques that require keeping a timer and periodically performing a cleanup process to check the freshness date of each flow record. | ||
| 申请公布号 | US9154461(B2) | 申请公布日期 | 2015.10.06 |
| 申请号 | US201313895666 | 申请日期 | 2013.05.16 |
| 申请人 | THE KEYW CORPORATION | 发明人 | Fraize John;Covell Darrell;Williams Thomas;Tomanek Stephanie |
| 分类号 | H04L29/06;H04L12/851;H04L12/801 | 主分类号 | H04L29/06 |
| 代理机构 | Morrison & Foerster LLP | 代理人 | Morrison & Foerster LLP |
| 主权项 | 1. A computer-implemented method for filtering network traffic, the method comprising: receiving a network packet; identifying a flow record associated with the received network packet in a flow table; if the identified flow record is flagged for forwarding, transmitting the packet; and if the identified flow record is not flagged for forwarding: determining whether the packet matches a packet profile;if the packet does not match the packet profile, appending the received packet to a list of packets associated with the identified flow record; andif the packet matches the packet profile, transmitting a set of packets on the list of packets associated with the identified flow record and flagging the identified flow record for forwarding. | ||
| 地址 | Hanover MD US | ||