Inferring server state in s stateless communication protocol

US 8,051,207 B2
Filed: 06/25/2004
Issued: 11/01/2011
Est. Priority Date: 06/25/2004
Status: Active Grant

First Claim

Patent Images

1. A method for identifying server state objects among packets transmitted between a server and a client device on a network based upon a communication protocol, the method comprising:

intercepting, by a device intermediary to a client and server, a plurality of data packets transmitted between the server and the client;

computing, by the device, entropy measures for each of a plurality of data objects in the plurality of packets by concatenating the data objects having a same name field, compressing the concatenated data objects, and dividing a total size of the compressed concatenated data objects by a total number of data objects having the same name field;

selecting, by the device, candidate data objects from the plurality of data objects having higher computed entropy measures than a threshold; and

identifying, by the device, at least one of the candidate data objects as a server state object in response to the at least one candidate data object being transmitted bi-directionally between the server and the client.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Server state objects are identified by an intermediate server among packets transmitted between an application server and a client device on a network based upon a stateless communication protocol, by monitoring and analyzing the packets transmitted between the application server and the client device. The packets are parsed into a plurality of name-value pairs. The entropy of the name-value pairs having a same name field is computed, and candidate data objects that are likely to be server state objects are selected based upon the computed entropy. Candidate data objects that were transmitted bi-directionally between the application sever and the client device are identified as server state objects.

12 Citations

48 Claims

1. A method for identifying server state objects among packets transmitted between a server and a client device on a network based upon a communication protocol, the method comprising:
- intercepting, by a device intermediary to a client and server, a plurality of data packets transmitted between the server and the client;
  
  computing, by the device, entropy measures for each of a plurality of data objects in the plurality of packets by concatenating the data objects having a same name field, compressing the concatenated data objects, and dividing a total size of the compressed concatenated data objects by a total number of data objects having the same name field;
  
  selecting, by the device, candidate data objects from the plurality of data objects having higher computed entropy measures than a threshold; and
  
  identifying, by the device, at least one of the candidate data objects as a server state object in response to the at least one candidate data object being transmitted bi-directionally between the server and the client.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein each data object comprises a value field corresponding to a name field.
  - 3. The method of claim 1, wherein compressing the data objects comprises compressing value fields of the data objects.
  - 4. The method of claim 1, wherein compressing the concatenated data objects comprises compressing the concatenated data objects with an entropy-[2]based compression algorithm.
  - 5. The method of claim 1, wherein the plurality of data packets are transmitted using a communications protocol comprising one of:
    - Extensible Markup Language (XML), Simple Object Access Protocol (SOAP) and Hypertext Transfer Protocol (HTTP).
  - 6. The method of claim 1, wherein the at least one candidate data object is determined to have been transmitted bi-directionally between the server and the client device by:
    - dividing related packets under the communication protocol into a first group of packets that were transmitted from the server to the client device and a second group of packets that were transmitted from the client device to the server; and
      
      determining whether the at least one candidate data object is included in both the first group of packets and the second group of packets.
  - 7. The method of claim 6, wherein the related packets are packets that correspond to a related message under the communication protocol.

8. A method for identifying server state objects among packets transmitted between a server and a client device on a network based upon a communication protocol, the method comprising:
- intercepting by a device intermediary to a client and a server, a plurality of data packets transmitted between the server and the client;
  
  parsing, by the device, the plurality of packets to identify a plurality of name-value pairs;
  
  computing, by the device, the entropies for each of the name-value pairs by concatenating value fields of the name-value pairs having a same name field, compressing the concatenated value fields, and dividing a total size of the compressed concatenated value fields by a total number of name-value pairs having the same name field;
  
  selecting, by the device, the name-value pairs having computed entropies higher than a threshold as candidates for the server state objects;
  
  determining, by the device, whether the candidates were sent bi-directionally between the server and the client device; and
  
  determining, by the device, that at least one of the candidates is a server state object in response to determining that the at least one candidate was sent bi-directionally between the server and the client.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein each name-value pair comprises a value field and a name field.
  - 10. The method of claim 8, wherein the plurality of data packets are transmitted using a communications protocol comprising one of:
    - Extensible Markup Language (XML), Simple Object Access Protocol (SOAP) and Hypertext Transfer Protocol (HTTP).
  - 11. The method of claim 8, wherein compressing the concatenated value fields comprises compressing the concatenated value fields with an entropy-based compression algorithm.
  - 12. The method of claim 8, wherein the plurality of data packets are transmitted using a stateless communications protocol.
  - 13. The method of claim 8, wherein determining whether the candidates were sent bi-directionally between the server and the client device comprises:
    - dividing related packets under the communication protocol into a first group of packets that were transmitted from the server to the client device and a second group of packets that were transmitted from the client device to the server; and
      
      determining whether the candidates are included in both the first group of packets and the second group of packets.
  - 14. The method of claim 13, wherein the related packets are packets that correspond to a related message under the communication protocol.

15. A system for identifying server state objects among packets transmitted between a server and a client device on a network based upon a communication protocol, the system comprising:
- a device intermediary to a client and a server;
  
  a parsing module, executing on the device, which intercepts a plurality of data packets transmitted between the server and the client, and parses the plurality of packets to identify a plurality of data objects; and
  
  an analysis module, executing on the device, coupled to the parsing module which computes entropy measures for each of the data objects by concatenating the data objects having a same name field, compressing the concatenated data objects, and dividing a total size of the compressed concatenated data objects by a total number of data objects having the same name field;
  
  selects candidate data objects from the data objects having higher computed entropy measures than a threshold; and
  
  identifies at least one of the candidate data objects as a server state object in response to the at least one candidate data object being transmitted bi-directionally between the server and the client.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 16. The system of claim 15, wherein the parsing module operates as a firewall filtering the packets transmitted between the server and the client device in accordance with rules provided by the analysis module.
  - 17. The system of claim 15, wherein the parsing module collects data regarding the packets transmitted between the server and the client device in accordance with data collection parameters provided by the analysis module.
  - 18. The system of claim 15, wherein the analysis module processes the data objects to determine whether the data objects are server state objects in real time as the data objects are received from the parsing module.
  - 19. The system of claim 15, further comprising a storage module coupled to the analysis module, wherein the analysis module stores the received data objects in the storage module and processes the stored data objects in batches to determine whether the data objects are server state objects.
  - 20. The system of claim 15, wherein each data object comprises a value field corresponding to a name field.
  - 21. The system of claim 15, wherein compressing the concatenated data objects comprises compressing value fields of the data objects.
  - 22. The system of claim 15, wherein compressing the concatenated data objects comprises compressing the concatenated data objects with an entropy-based compression algorithm.
  - 23. The system of claim 15, wherein the plurality of data packets are transmitted using a communications protocol comprising one of:
    - Extensible Markup Language (XML), Simple Object Access Protocol (SOAP) and Hypertext Transfer Protocol (HTTP).
  - 24. The system of claim 15, wherein the analysis module determines that the at least one candidate data object was transmitted bi-directionally between the server and the client device by:
    - dividing related packets under the communication protocol into a first group of packets that were transmitted from the server to the client device and a second group of packets that were transmitted from the client device to the server; and
      
      determining whether the at least one candidate data object is included in both the first group of packets and the second group of packets.
  - 25. The system of claim 24, wherein the related packets are packets that correspond to a related message under the communication protocol.

26. A system for identifying server state objects among packets transmitted between a server and a client device on a network based upon a communication protocol, the system comprising:
- a device intermediary to a client and a server;
  
  a parsing module, executing on the device, which intercepts a plurality of data packets transmitted between the server and the client, and parses the plurality of packets to identify a plurality of name-value pairs; and
  
  an analysis module, executing on the device, coupled to the parsing module which computes the entropies for each of the name-value pairs having a same name by concatenating value fields of the name-value pairs having a same name field, compressing the concatenated value fields, and dividing a total size of the compressed concatenated value fields by a total number of name-value pairs having the same name field;
  
  selects the name-value pairs having computed entropies higher than a threshold as candidates for the server state objects;
  
  determines whether the candidates were sent bi-directionally between the server and the client device; and
  
  determines that at least one of the candidates is a server state object in response to determining that the at least one candidate was sent bi-directionally between the server and the client.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 27. The system of claim 26, wherein the parsing module operates as a firewall filtering the packets transmitted between the server and the client device in accordance with rules provided by the analysis module.
  - 28. The system of claim 26, wherein the parsing module collects data regarding the packets transmitted between the server and the client device in accordance with data collection parameters provided by the analysis module.
  - 29. The system of claim 26, wherein the analysis module processes the name-value pairs in real time as the name-value pairs are received from the parsing module to determine whether the name-value pairs are server state objects.
  - 30. The system of claim 26, further comprising a storage module coupled to the analysis module, wherein the analysis module stores the received name-value pairs in the storage module and processes the stored name-value pairs in batches to determine whether the name-value pairs are server state objects.
  - 31. The system of claim 26, wherein each name-value pair comprises a value field and a name field.
  - 32. The system of claim 26, wherein the plurality of data packets are transmitted using a communications protocol comprising one of:
    - Extensible Markup Language (XML), Simple Object Access Protocol (SOAP) and Hypertext Transfer Protocol (HTTP).
  - 33. The system of claim 26, wherein compressing the concatenated value fields comprises compressing the concatenated value fields with an entropy-based compression algorithm.
  - 34. The system of claim 26, wherein the plurality of data packets are transmitted using a stateless communications protocol.
  - 35. The system of claim 26, wherein the analysis module determines whether the candidates were sent bi-directionally between the server and the client device by:
    - dividing related packets under the communication protocol into a first group of packets that were transmitted from the server to the client device and a second group of packets that were transmitted from the client device to the server; and
      
      determining whether the candidates are included in both the first group of packets and the second group of packets.
  - 36. The system of claim 35, wherein the related packets are packets that correspond to a related message under the communication protocol.

37. A computer program product stored on a computer storage device and adapted to perform a method for identifying server state objects among packets transmitted between a server and a client device on a network based upon a communication protocol, the method comprising:
- intercepting, by a device intermediary to a client and a server, a plurality of data packets transmitted between the server and the client;
  
  computing, by the device, entropy measures for each of a plurality of data objects in the plurality of packets by concatenating the data objects having a same name field, compressing the concatenated data objects, and dividing a total size of the compressed concatenated data objects by a total number of data objects having the same name field;
  
  selecting, by the device, candidate data objects from the plurality of data objects having higher computed entropy measures than a threshold; and
  
  identifying, by the device, at least one of the candidate data objects as a server state object in response to the at least one candidate data object being transmitted bi-directionally between the server and the client.
- View Dependent Claims (38, 39, 40, 41)
- - 38. The computer program product of claim 37, wherein each data objects comprises a value field corresponding to a name field.
  - 39. The computer program product of claim 37, wherein compressing the data objects comprises compressing value fields of the data objects.
  - 40. The computer program product of claim 37, wherein compressing the concatenated data objects comprises compressing the concatenated data objects with an entropy-based compression algorithm.
  - 41. The computer program product of claim 37, wherein the at least one candidate data object is determined to have been transmitted bi-directionally between the server and the client device by:
    - dividing related packets under the communication protocol into a first group of packets that were transmitted from the server to the client device and a second group of packets that were transmitted from the client device to the server; and
      
      determining whether the at least one candidate data object is included in both the first group of packets and the second group of packets.

42. A computer program product stored on a computer storage device and adapted to perform a method for identifying server state objects among packets transmitted between a server and a client device on a network based upon a communication protocol, the method comprising:
- intercepting, by a device intermediary to a client and a server, a plurality of data packets transmitted between the server and the client;
  
  parsing, by the device, the plurality of packets to identify a plurality of name-value pairs;
  
  computing, by the device, the entropies for each of the name-value pairs by concatenating value fields of the name-value pairs having a same name field, compressing the concatenated value fields, and dividing a total size of the compressed concatenated value fields by a total number of name-value pairs having the same name field;
  
  selecting, by the device, the name-value pairs having computed entropies higher than a threshold as candidates for the server state objects;
  
  determining, by the device, whether the candidates were sent bi-directionally between the server and the client device; and
  
  determining, by the device, that at least one of the candidates is the server state object in response to determining that the at least one candidate was sent bi-directionally between the server and the client.
- View Dependent Claims (43, 44, 45, 46)
- - 43. The computer program product of claim 42, wherein each name-value pairs comprises a value field corresponding to a name field.
  - 44. The computer program product of claim 42, wherein compressing the concatenated value fields comprises compressing the value fields with an entropy-based compression algorithm.
  - 45. The computer program product of claim 42, wherein the plurality of data packets are transmitted using a communications protocol comprising one of:
    - Extensible Markup Language (XML), Simple Object Access Protocol (SOAP) and Hypertext Transfer Protocol (HTTP).
  - 46. The computer program product of claim 42, wherein determining whether the candidates were sent bi-directionally between the server and the client device comprises:
    - dividing related packets under the communication protocol into a first group of packets that were transmitted from the server to the client device and a second group of packets that were transmitted from the client device to the server; and
      
      determining whether the candidates are included in both the first group of packets and the second group of packets.

47. A system for identifying server state objects among packets transmitted between a server and a client device on a network based upon a communication protocol, the system comprising:
- a device intermediary to a client and a server;
  
  parsing means, executing on the device, for intercepting a plurality of data packets transmitted between the server and the client and parsing the packets transmitted to identify a plurality of data objects; and
  
  analysis means, executing on the device, coupled to the parsing means for receiving the data objects and determining whether the name-value pairs are server state objects by;
  
  computing entropy measures for each of the data objects by concatenating the data objects having a same name field, compressing the concatenated data objects, and dividing a total size of the compressed concatenated data objects by a total number of data objects having the same name field;
  
  selecting candidate data objects from the data objects having higher computed entropy measures than a threshold; and
  
  identifying at least one of the candidate data objects as a server state object in response to the at least one candidate data object being transmitted bi-directionally between the server and the client.

48. A system for identifying server state objects among packets transmitted between a server and a client device on a network based upon a communication protocol, the system comprising:
- parsing means, executing on a device intermediary to a client and a server, for intercepting a plurality of data packets transmitted between the server and the client and parsing the packets transmitted to identify a plurality of name-value pairs; and
  
  analysis means, executing on the device, coupled to the parsing means for receiving the name-value pairs and determining whether the name-value pairs are server state objects by;
  
  computing the entropies for each of the name-value pairs by concatenating value fields of the name-value pairs having a same name field, compressing the concatenated value fields, and dividing a total size of the compressed concatenated value fields by a total number of name-value pairs having the same name field;
  
  selecting the name-value pairs having computed entropies higher than a predetermined threshold as candidates for the server state objects;
  
  determining whether the candidates were sent bi-directionally between the server and the client device; and
  
  determining that at least one of the candidates is a server state object in response to determining that the at least one candidate was sent bi-directionally between the server and the client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Chauhan, Abhishek
Primary Examiner(s)
SALAD, ABDULLAHI ELMI

Application Number

US10/877,362
Publication Number

US 20060047838A1
Time in Patent Office

2,685 Days
Field of Search

709/238, 709/203, 709/230, 709246-247
US Class Current

709/246
CPC Class Codes

H04L 67/02   based on web technology, e....

H04L 67/14   Session management for real...

H04L 67/142   Managing session states for...

Inferring server state in s stateless communication protocol

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

48 Claims

Specification

Use Cases

Quick Links

Others

Inferring server state in s stateless communication protocol

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

48 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others