公开(公告)号：US20100223455A1

公开(公告)日：2010-09-02

申请号：US12659069

申请日：2010-02-24

Applicant: Shingo Ata ,  Go Hasegawa ,  Yoshihiro Nakahira ,  Nobuyuki Nakamura

Inventor： Shingo Ata ,  Go Hasegawa ,  Yoshihiro Nakahira ,  Nobuyuki Nakamura

IPC: H04L9/00

CPC classification number: H04L63/0428 ,  H04L47/2441

Abstract: An encrypted-traffic discrimination device includes an input interface, a flow discrimination section, a data accumulation section, a selective data calculation section, a calculation result determination section, and an output interface. The flow discrimination section discriminates the input traffic into separate flows based on at least a transmission origin address and a transmission destination address. The data accumulation section accumulates characteristic amount data of the traffic for each of the separate flows. The selective data calculation section executes an evaluation computation utilizing specific data from the characteristic amount data. The calculation result determination section that, based on a calculated evaluation computation value, executes threshold value determination to determine whether or not the traffic is encrypted, and, if the traffic is determined to be encrypted, which encryption format the traffic is encrypted with.

Abstract translation: 加密流量判别装置包括输入接口，流量鉴别部，数据存储部，选择性数据计算部，计算结果判定部，输出接口。 流检测部分至少基于发送源地址和发送目的地地址将输入业务区分为单独的流。 数据累积部累积各流量的流量的特征量数据。 选择性数据计算部使用来自特征量数据的特定数据来执行评价计算。 计算结果确定部，其基于计算出的评价运算值，执行阈值判定，判定是否加密了业务，并且，如果确定要加密的业务，则加密业务的加密格式。

公开(公告)号：US09021252B2

公开(公告)日：2015-04-28

申请号：US12659069

申请日：2010-02-24

Applicant: Shingo Ata ,  Go Hasegawa ,  Yoshihiro Nakahira ,  Nobuyuki Nakamura

Inventor： Shingo Ata ,  Go Hasegawa ,  Yoshihiro Nakahira ,  Nobuyuki Nakamura

IPC: H04L29/06 ,  H04L12/851

CPC classification number: H04L63/0428 ,  H04L47/2441

Abstract: An encrypted-traffic discrimination device includes an input interface, a flow discrimination section, a data accumulation section, a selective data calculation section, a calculation result determination section, and an output interface. The flow discrimination section discriminates the input traffic into separate flows based on at least a transmission origin address and a transmission destination address. The data accumulation section accumulates characteristic amount data of the traffic for each of the separate flows. The selective data calculation section executes an evaluation computation utilizing specific data from the characteristic amount data. The calculation result determination section that, based on a calculated evaluation computation value, executes threshold value determination to determine whether or not the traffic is encrypted, and, if the traffic is determined to be encrypted, which encryption format the traffic is encrypted with.

Abstract translation: 加密流量判别装置包括输入接口，流量鉴别部，数据存储部，选择性数据计算部，计算结果判定部，输出接口。 流检测部分至少基于发送源地址和发送目的地地址将输入业务区分为单独的流。 数据累积部累积各流量的流量的特征量数据。 选择性数据计算部使用来自特征量数据的特定数据来执行评价计算。 计算结果确定部，其基于计算出的评价运算值，执行阈值判定，判定是否加密了业务，并且，如果确定要加密的业务，则加密业务的加密格式。