公开(公告)号：US20240406089A1

公开(公告)日：2024-12-05

申请号：US18696905

申请日：2021-11-09

Applicant: Nippon Telegraph and Telephone Corporation

Inventor： Saki Hatta ,  Hiroyuki Uzawa ,  Shuhei Yoshida ,  Yusuke Sekihara ,  Shoko Oteru ,  Yuko Iinuma ,  Namiko Ikeda

IPC: H04L43/0894 ,  H04L43/0823

Abstract: An embodiment is a traffic monitoring device configured to acquire traffic statistical information of a flow in the monitoring target network, determine whether the acquired traffic statistical information satisfies a predetermined reference for failure detection, capture packets of the flow determined to satisfy the predetermined reference as packets at the time of failure occurrence in the flow, and dynamically update the predetermined reference while the device is still acquiring traffic statistical information of the flow in the monitoring target network.

公开(公告)号：US20240356825A1

公开(公告)日：2024-10-24

申请号：US18683713

申请日：2021-09-14

Applicant: Nippon Telegraph and Telephone Corporation

Inventor： Hiroyuki Uzawa ,  Saki Hatta ,  Shuhei Yoshida ,  Yusuke Sekihara ,  Shoko Oteru ,  Namiko Ikeda

IPC: H04L43/026 ,  H04L43/04

CPC classification number: H04L43/026 ,  H04L43/04

Abstract: A packet capturing device includes: a normal capturing function unit that accumulates packets that match conditions of a target flow registered in a flow table in response to an instruction to start capturing from outside and converts the accumulated packets into a captured file, from among packets flowing through a network that is a monitoring target; and a short-term capturing function unit that accumulates the packets received from the network during a period needed by the conditions of the target flow to be registered in the flow table from arrival of the instruction to start capturing and converts the accumulated packets into a captured file

公开(公告)号：US20230198870A1

公开(公告)日：2023-06-22

申请号：US17925698

申请日：2020-05-26

Applicant: Nippon Telegraph and Telephone Corporation

Inventor： Namiko Ikeda ,  Hiroyuki Uzawa ,  Koyo Nitta ,  Yuta Ukon ,  Shuhei Yoshida ,  Yusuke Sekihara ,  Shoko Oteru

IPC: H04L43/028 ,  H04L43/04 ,  H04L47/125

CPC classification number: H04L43/028 ,  H04L43/04 ,  H04L47/125

Abstract: A packet capture apparatus includes a hardware processing unit including a filter that filters packets input from a network and an NIC and a packet storage that stores packets input from the hardware processing unit. The filter includes a packet input that receives packets input from the network, a header analysis unit that analyzes a header structure of each packet input to the packet input unit and extracts a field value of a header of the packet, a rule table in which rules including a field value of a flow to be captured are recorded, a flow identification unit that identifies a flow in which the field value extracted by the header analysis unit matches a rule in the rule table and/or does not match the rule, and a packet output that outputs a packet of the flow identified by the flow identification unit to the NIC.

公开(公告)号：US20240283721A1

公开(公告)日：2024-08-22

申请号：US18570022

申请日：2021-06-23

Applicant: Nippon Telegraph and Telephone Corporation

Inventor： Shuhei Yoshida ,  Hiroyuki Uzawa ,  Namiko Ikeda ,  Saki Hatta ,  Yusuke Sekihara ,  Shoko Oteru

IPC: H04L43/0823 ,  H04L41/06

CPC classification number: H04L43/0823 ,  H04L41/06

Abstract: An embodiment packet capture method includes steps of imparting a flag for each data of a received and divided packet, a step of writing the data in a ring buffer, steps of issuing a failure detection trigger when a cumulative value of the number of bytes of the packet within a period of failure detection exceeds a failure detection threshold value, steps of stopping writing to the ring buffer when writing to the ring buffer reaches or exceeds a writing stop address determined on the basis of the failure detection trigger, a step of reading data sequentially from the writing stop address, and steps of outputting a packet capture depending on the result determined based on the flags of the read data.

公开(公告)号：US20240235974A1

公开(公告)日：2024-07-11

申请号：US18573730

申请日：2021-06-30

Applicant: Nippon Telegraph and Telephone Corporation

Inventor： Hiroyuki Uzawa ,  Yusuke Sekihara ,  Saki Hatta ,  Shuhei Yoshida ,  Namiko Ikeda

IPC: H04L43/0876 ,  H04L43/022 ,  H04L43/026

CPC classification number: H04L43/0876 ,  H04L43/026 ,  H04L43/022

Abstract: A traffic monitoring device includes an identification unit that identifies a flow of a packet received from a monitoring target network into a flow of a first flow group and a second flow group other than the first flow group on the basis of a rule table in which a predetermined rule is registered, a traffic aggregation unit that aggregates a traffic amount of the first flow group for each flow, an occurrence probability calculation unit that calculates an occurrence probability of each flow on the basis of a result of sampling at least some of the flow of the packet received, and a traffic estimation unit that estimates a traffic amount of each flow of the second flow group by multiplying the occurrence probability of each flow by the total value of the traffic amount of the second flow group.