公开(公告)号：US20160080236A1

公开(公告)日：2016-03-17

申请号：US14485644

申请日：2014-09-12

Applicant: Cisco Technology, Inc.

Inventor： Ivan Nikolaev ,  Martin Grill ,  Jan Jusko

IPC: H04L12/26 ,  H04L12/24

CPC classification number: H04L43/026 ,  H04L63/14

Abstract: Detecting network services based on network flow data is disclosed. Using a networking device, network flow data is obtained for a plurality of endpoints of a telecommunications network. Each endpoint of the plurality of endpoints is uniquely described by data comprising an IP address, a port, and a communication protocol. For each endpoint of a set of at least one endpoint selected from the plurality of endpoints, a plurality of peers of the endpoint is determined by detecting communication between the endpoint and the plurality of peers based on the network flow data. For each peer of a set of peers selected from the plurality of peers, a difference between a number of peers of the endpoint and a number of peers of said each peer is determined based on the network flow data. It is determined if the endpoint is a service based on the difference determined for each peer of the set of peers. Network management is performed based on the determination of whether the endpoint is a service.

Abstract translation: 公开了基于网络流数据检测网络服务。 使用网络设备，获得电信网络的多个端点的网络流数据。 多个端点的每个端点由包括IP地址，端口和通信协议的数据唯一地描述。 对于从多个端点中选择的至少一个端点的集合的每个端点，通过基于网络流数据检测端点与多个对等体之间的通信来确定端点的多个对等端。 对于从多个对等体中选择的一组对等体的每个对等体，基于网络流数据确定端点的对等端的数量与所述每个对等体的对等体的数量之间的差。 基于为对等体集合中的每个对等体确定的差异来确定端点是否是服务。 基于确定端点是否是服务来执行网络管理。