Network Packet Broker Application Identification Based on DPI - Deep Packet Inspection

Deep Packet Inspection (DPI) is a technology used in Network Packet Brokers (NPBs) to inspect and analyze the contents of network packets at a granular level. It involves examining the payload, headers, and other protocol-specific information within packets to gain detailed insight into network traffic.

DPI goes beyond simple header analysis and provides a deep understanding of the data flowing through a network. It allows in-depth inspection of application-layer protocols such as HTTP, FTP, SMTP, VoIP, or video streaming protocols. By examining the actual content within packets, DPI can detect and identify specific applications, protocols, or even specific data patterns.

In addition to the layered analysis of source addresses, destination addresses, source ports, destination ports, and protocol types, DPI adds application-layer analysis to identify different applications and their contents. When IP packets carrying TCP or UDP data flow through a bandwidth management system based on DPI technology, the system reads the payload of each IP packet and reassembles the application-layer information at OSI Layer 7 to obtain the content of the whole application exchange, and then shapes the traffic according to the management policy defined by the system.

How does DPI work?

Traditional firewalls often lack the processing power to perform thorough real-time checks on large volumes of traffic. As technology advances, DPI can be used to perform more complex checks that inspect both headers and data. Typically, firewalls with intrusion detection systems use DPI. In a world where digital information is paramount, every piece of digital information is delivered over the Internet in small packets. This includes email, messages sent through apps, websites visited, video conversations, and more. In addition to the actual data, these packets include metadata that identifies the traffic source, content, destination, and other important information. With packet filtering technology, data can be continuously monitored and managed to ensure it is forwarded to the right place. But for network security, traditional packet filtering is far from enough. Some of the main methods of deep packet inspection in network management are listed below:

Pattern Matching/Signature

Each packet is checked against a database of known network attacks by a firewall with intrusion detection system (IDS) capabilities. The IDS looks for known malicious patterns and blocks traffic when a malicious pattern is found. The disadvantage of the signature matching policy is that it is only effective when the signatures are updated frequently. In addition, this technique can only defend against known threats or attacks.

Protocol Exception

Because the protocol exception technique does not simply allow all data that fails to match the signature database, the protocol exception technique used by an IDS firewall does not have the inherent flaws of the pattern/signature matching method. Instead, it adopts a default-deny policy. Based on protocol definitions, firewalls decide which traffic should be allowed and protect the network from unknown threats.
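The contrast between these two policies, as an added example that is not from the original page: the signature patterns, protocol grammars and sample payloads below are constructed for illustration. A payload of an undefined protocol passes signature matching but is dropped by default deny, while a well-formed request carrying a known signature passes the protocol check, so the two checks complement each other.

```python
import re

# Constructed signature database: patterns standing in for known-attack signatures.
SIGNATURES = {
    "sig-test-marker": re.compile(rb"KNOWN-BAD-MARKER"),
}

# Constructed protocol definitions: a payload must conform to one of these to pass.
PROTOCOL_GRAMMARS = {
    "http-request": re.compile(rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n"),
    "smtp-command": re.compile(rb"^(HELO|EHLO|MAIL FROM:|RCPT TO:|DATA|QUIT)[^\r\n]*\r\n"),
}

def signature_verdict(payload: bytes) -> str:
    """Pattern/signature matching: drop only on a known signature, allow the rest."""
    for name, pattern in SIGNATURES.items():
        if pattern.search(payload):
            return f"drop:{name}"
    return "allow"

def protocol_exception_verdict(payload: bytes) -> str:
    """Protocol exception: default deny, allow only payloads of a defined protocol."""
    for name, grammar in PROTOCOL_GRAMMARS.items():
        if grammar.match(payload):
            return f"allow:{name}"
    return "drop:default-deny"

# Constructed sample payloads (not captured traffic).
SAMPLES = {
    "http": b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    "known_bad": b"POST /upload HTTP/1.1\r\n\r\nKNOWN-BAD-MARKER",
    "unknown": b"\x01\x02proprietary-tunnel\x00\xff",
}

def compare() -> dict:
    """Return both verdicts for every sample so the two policies can be compared."""
    return {name: (signature_verdict(p), protocol_exception_verdict(p))
            for name, p in SAMPLES.items()}
```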

Intrusion Prevention System (IPS)

IPS solutions can block the transmission of harmful packets based on their content, thereby stopping suspected attacks in real time. This means that if a packet represents a known security risk, the IPS will proactively block network traffic based on a defined set of rules. One disadvantage of IPS is the need to regularly update the cyber threat database with details about new threats, along with the possibility of false positives. This risk can be reduced by creating conservative policies and custom thresholds, establishing appropriate baseline behavior for network components, and periodically evaluating warnings and reported events to improve monitoring and alerting.

1- DPI (Deep Packet Inspection) in the Network Packet Broker

"Deep" is relative to ordinary packet inspection. Ordinary packet inspection analyzes only up to Layer 4 of an IP packet: source address, destination address, source port, destination port, and protocol type. DPI performs the same layered analysis and adds application-layer analysis, identifying the various applications and their content, to provide these main functions:

1) Application Analysis -- network traffic composition analysis, performance analysis, and flow analysis

2) User Analysis -- user group differentiation, behavior analysis, terminal analysis, trend analysis, etc.

3) Network Element Analysis -- analysis based on regional attributes (city, district, street, etc.) and base station load

4) Traffic Control -- P2P speed limiting, QoS assurance, bandwidth assurance, network resource optimization, etc.

5) Security Assurance -- DDoS attacks, data broadcast storms, prevention of malicious virus attacks, etc.

2- General Classification of Network Applications

Today there are countless applications on the Internet, but the common web applications can be enumerated exhaustively.

As far as I know, the best app recognition company is Huawei, which claims to recognize 4,000 apps. Protocol analysis is the basic module of many firewall companies (Huawei, ZTE, etc.), and it is also a very important module, supporting the implementation of other functional modules, accurate application identification, and improving the performance and reliability of products. In modeling malware identification based on network traffic characteristics, as I am doing now, accurate and extensive protocol identification is also very important. Once the network traffic of common applications is excluded from the company's outbound traffic, the remaining traffic accounts for a small proportion, which is better for malware analysis and alerting.

Based on my experience, commonly used applications are classified according to their functions:

PS: This classification is based on my personal understanding; if you have any good suggestions, you are welcome to leave a message.

1). E-mail

2). Video

3). Games

4). Office (OA)

5). Software updates

6). Financial (banks, Alipay)

7). Stocks

8). Social communication (IM software)

9). Web browsing (probably better identified by URLs)

10). Download tools (web disks, P2P downloads, BT related)

Then, how DPI (Deep Packet Inspection) works in an NPB:

1). Packet Capture: The NPB captures network traffic from various sources, such as switches, routers, or taps. It receives the packets flowing through the network.

2). Packet Parsing: The NPB parses the captured packets to extract the different protocol layers and their associated data. This parsing process identifies the different components within a packet, such as Ethernet headers, IP headers, transport-layer headers (e.g., TCP or UDP), and application-layer protocols.

3). Payload Analysis: With DPI, the NPB goes beyond header inspection and focuses on the payload, including the actual data within the packets. It examines the payload content in depth, regardless of the application or protocol used, to extract relevant information.

4). Protocol Identification: DPI enables the NPB to identify the specific protocols and applications in use within the network traffic. It can detect and classify protocols such as HTTP, FTP, SMTP, DNS, VoIP, or video streaming protocols.

5). Content Inspection: DPI allows the NPB to inspect packet contents for specific patterns, signatures, or keywords. This enables the detection of network threats, such as malware, viruses, intrusion attempts, or suspicious activity. DPI can also be used for content filtering, enforcing network policies, or identifying data compliance violations.

6). Metadata Extraction: During DPI, the NPB extracts relevant metadata from the packets. This can include information such as source and destination IP addresses, port numbers, session details, transaction data, or any other relevant attributes.

7). Traffic Routing or Filtering: Based on the DPI analysis, the NPB can forward specific packets to designated destinations for further processing, such as security appliances, monitoring tools, or analytics platforms. It can also apply filtering rules to drop or redirect packets based on the identified content or patterns.
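The steps above can be followed end to end in a short sketch, added here as an illustration and not taken from the original page or from any NPB product. The sample frame, the payload heuristics in `identify` and the egress names in `ROUTES` are all constructed assumptions; the sample carries an SSH banner on port 443 to show identification by payload rather than by port.

```python
import socket
import struct

def build_frame(src, dst, sport, dport, payload):
    """Constructed sample input: Ethernet + IPv4 + TCP frame (checksums left zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0,
                     64, 6, 0, socket.inet_aton(src), socket.inet_aton(dst))
    eth = b"\x02\x00\x00\x00\x00\x01" + b"\x02\x00\x00\x00\x00\x02" + b"\x08\x00"
    return eth + ip + tcp + payload

def parse(frame):
    """Steps 2 and 6: walk Ethernet, IPv4 and TCP/UDP headers; return metadata, payload."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None                                    # not IPv4 over Ethernet
    proto, l4 = frame[23], 14 + (frame[14] & 0x0F) * 4
    meta = {"src": socket.inet_ntoa(frame[26:30]), "dst": socket.inet_ntoa(frame[30:34])}
    need = {6: 20, 17: 8}.get(proto)                   # minimum TCP / UDP header size
    if need is None or len(frame) < l4 + need:
        return None
    meta["sport"], meta["dport"] = struct.unpack("!HH", frame[l4:l4 + 4])
    # TCP header length comes from the data-offset nibble; UDP is a fixed 8 bytes.
    off = l4 + ((frame[l4 + 12] >> 4) * 4 if proto == 6 else 8)
    return meta, frame[off:]

def identify(payload):
    """Steps 3 and 4: classify by payload content, not by port number."""
    if payload.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"PUT") and b" HTTP/1." in payload:
        return "http"
    if payload.startswith(b"220 ") or payload[:4].upper() in (b"EHLO", b"HELO"):
        return "smtp"
    if payload.startswith(b"SSH-2.0-"):
        return "ssh"
    return "unknown"

# Step 7: hypothetical NPB egress destinations per identified application.
ROUTES = {"http": "web-analytics", "smtp": "mail-security", "ssh": "ids"}

def broker(frame):
    parsed = parse(frame)
    if parsed is None:
        return None
    meta, payload = parsed
    meta["app"] = identify(payload)
    meta["forward_to"] = ROUTES.get(meta["app"], "ids")  # unidentified traffic goes to the IDS
    return meta

# Constructed sample: SSH banner sent to port 443.
SAMPLE = build_frame("192.0.2.10", "198.51.100.7", 40000, 443, b"SSH-2.0-OpenSSH_9.0\r\n")
```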


Post time: Jun-25-2023