Abstract: The present invention relates to a protocol type identification method and apparatus. The method includes: acquiring a data packet transmitted on a connection that is established between a user terminal and a server; if multidimensional user information corresponding to the user terminal exists in a multidimensional user information table, performing, according to information that is identified by the found multidimensional user information and about all connections that are currently established by the user terminal, multidimensional user information based protocol type identification on the connection; and if the multidimensional user information corresponding to the user terminal is not found, performing, according to a packet characteristic of the data packet, data flow based protocol type identification on the connection on which the data packet is transmitted.

Abstract: A signature rule processing method, a server, and an intrusion prevention system is provided. The method includes: performing, by a cloud server, correlation analysis on signature rule usage status information of each security device connected to the cloud server and a latest signature rule set published by the cloud server, to obtain a most active threat signature rule identification list, and sending, by the cloud server, update information to each security device to update a signature rule after generating the update information according to the most active threat signature rule identification list. The present invention is applicable to the field of network security systems.

Abstract: The present invention relates to a protocol type identification method and apparatus. The method includes: acquiring a data packet transmitted on a connection that is established between a user terminal and a server; if multidimensional user information corresponding to the user terminal exists in a multidimensional user information table, performing, according to information that is identified by the found multidimensional user information and about all connections that are currently established by the user terminal, multidimensional user information based protocol type identification on the connection; and if the multidimensional user information corresponding to the user terminal is not found, performing, according to a packet characteristic of the data packet, data flow based protocol type identification on the connection on which the data packet is transmitted.

Abstract: A signature rule processing method, a server, and an intrusion prevention system is provided. The method includes: performing, by a cloud server, correlation analysis on signature rule usage status information of each security device connected to the cloud server and a latest signature rule set published by the cloud server, to obtain a most active threat signature rule identification list, and sending, by the cloud server, update information to each security device to update a signature rule after generating the update information according to the most active threat signature rule identification list. The present invention is applicable to the field of network security systems.

Abstract: A signature rule processing method, a server, and an intrusion prevention system is provided. The method includes: performing, by a cloud server, correlation analysis on signature rule usage status information of each security device connected to the cloud server and a latest signature rule set published by the cloud server, to obtain a most active threat signature rule identification list, and sending, by the cloud server, update information to each security device to update a signature rule after generating the update information according to the most active threat signature rule identification list. The present invention is applicable to the field of network security systems.

Abstract: A signature rule processing method, a server, and an intrusion prevention system is provided. The method includes: performing, by a cloud server, correlation analysis on signature rule usage status information of each security device connected to the cloud server and a latest signature rule set published by the cloud server, to obtain a most active threat signature rule identification list, and sending, by the cloud server, update information to each security device to update a signature rule after generating the update information according to the most active threat signature rule identification list. The present invention is applicable to the field of network security systems.

Abstract: A method for identifying a Stream Control Transmission Protocol (SCTP) packet is provided, which includes: acquiring a feature tuple of a received SCTP packet, in which the feature tuple includes at least one piece of the following information: a source Internet Protocol (IP) address, a destination IP address, and a verification tag (V_tag); matching the acquired feature tuple of the SCTP packet with a SCTP tuple identification table, in which the SCTP tuple identification table includes a mapping relation between a feature set tuple and an SCTP association, and the feature set tuple includes at least one piece of the following information: a source IP address set, a destination IP address set, and the V_tag; and acquiring an SCTP association to which the SCTP packet belongs, if the acquired feature tuple of the SCTP packet matches one or more records of the SCTP tuple identification table.

Abstract: The embodiments of the present invention disclose a method, an apparatus and a system for bandwidth control, wherein the method comprises: acquiring and identifying a HTTP request message of a stream media-on-demand service, and forwarding the HTTP request message of the stream media-on-demand service to a media server; receiving a HTTP response message which is returned from the media server and corresponds to the HTTP request message of the stream media-on-demand service; parsing the HTTP response message, and obtaining a playback bit-rate of a stream media file to be transmitted; determining a transmission bandwidth allocated practically for the stream media-on-demand service according to comparison result between the playback bit-rate and a user subscription bandwidth allocated initially for the stream media-on-demand service; and controlling the transmission of the stream media file by adopting the determined transmission bandwidth.

Abstract: A method for identifying a Stream Control Transmission Protocol (SCTP) packet is provided, which includes: acquiring a feature tuple of a received SCTP packet, in which the feature tuple includes at least one piece of the following information: a source Internet Protocol (IP) address, a destination IP address, and a verification tag (V_tag); matching the acquired feature tuple of the SCTP packet with a SCTP tuple identification table, in which the SCTP tuple identification table includes a mapping relation between a feature set tuple and an SCTP association, and the feature set tuple includes at least one piece of the following information: a source IP address set, a destination IP address set, and the V_tag; and acquiring an SCTP association to which the SCTP packet belongs, if the acquired feature tuple of the SCTP packet matches one or more records of the SCTP tuple identification table.

Abstract: A network capable of M3UA-based networking, an apparatus, and a message transfer method are disclosed herein. The network includes: an IPSTP, configured to: perform signaling interworking with an IPSEP and/or other IPSTPs in the network, and maintain routes dynamically; and an IPSEP, configured to perform signaling interworking with the IPSTP.

Abstract: The invention discloses a method for reducing service loss in interworking between SS7 signaling network and M3UA. In the method, when state of an M3UA ASP-related signaling point changes, the SS7 signaling network may be notified by using messages defined in existing protocols or other messages. Thus, when performing service interworking with M3UA, the SS7 signaling network determines whether service interaction may be performed with M3UA in accordance with the state of current ASP-related signaling point. If the current ASP-related signaling point is unavailable, the SS7 signaling network will not perform service interaction. As a result, the service loss in interworking between SS7 signaling network and M3UA may be reduced without any affect on the normal service interworking between SS7 signaling network and M3UA. In addition, the method may conform to existing protocol standards, and implemented in a simple and easy way.

Abstract: The invention discloses a method for reducing service loss in interworking between SS7 signaling network and M3UA. In the method, when state of an M3UA ASP-related signaling point changes, the SS7 signaling network may be notified by using messages defined in existing protocols or other messages. Thus, when performing service interworking with M3UA, the SS7 signaling network determines whether service interaction may be performed with M3UA in accordance with the state of current ASP-related signaling point. If the current ASP-related signaling point is unavailable, the SS7 signaling network will not perform service interaction. As a result, the service loss in interworking between SS7 signaling network and M3UA may be reduced without any affect on the normal service interworking between SS7 signaling network and M3UA. In addition, the method may conform to existing protocol standards, and implemented in a simple and easy way.