Method, device and system for network interception

US 8,416,695 B2
Filed: 06/04/2009
Issued: 04/09/2013
Est. Priority Date: 06/30/2008
Status: Active Grant

First Claim

Patent Images

1. A method for network interception, comprising:

obtaining a matching rule by parsing an interception policy;

analyzing received data by adopting a deep packet inspection (DPI);

selecting an analysis result according to the matching rule so as to obtain intercept related information (IRI) of service data to be intercepted; and

obtaining content of communication (CC) corresponding to the IRI of the service data to be intercepted by associating with a unique feature identifier, and taking the IRI of the service data to be intercepted and the corresponding CC as an interception result, wherein the received data are obtained by adopting data preprocessing to filter packet data according to a service customizing rule obtained by parsing the interception policy.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, a device, and a system for network interception are provided. The method for network interception includes the following steps. A matching rule obtained by parsing an interception policy. Received data are selected by adopting a deep packet inspection (DPI) according to the matching rule so as to obtain an interception result, in which the received data are obtained by adopting data preprocessing to filter packet data according to a service customizing rule obtained by parsing the interception policy. The system for network interception includes a service probe server (SPS) and a service analyze server (SAS). Thus, various packet data services transmitted over an Internet protocol (IP) network can be intercepted.

20 Citations

View as Search Results

11 Claims

1. A method for network interception, comprising:
- obtaining a matching rule by parsing an interception policy;
  
  analyzing received data by adopting a deep packet inspection (DPI);
  
  selecting an analysis result according to the matching rule so as to obtain intercept related information (IRI) of service data to be intercepted; and
  
  obtaining content of communication (CC) corresponding to the IRI of the service data to be intercepted by associating with a unique feature identifier, and taking the IRI of the service data to be intercepted and the corresponding CC as an interception result, wherein the received data are obtained by adopting data preprocessing to filter packet data according to a service customizing rule obtained by parsing the interception policy.
- View Dependent Claims (2, 3, 4)
- - 2. The method according to claim 1, further comprising:
    - performing a service recovery on the interception result.
  - 3. The method according to claim 1, wherein the matching rule corresponds to specific information of a service to be intercepted, the specific information of the service to be intercepted comprises a user name, an account, an Email address, and a phone number.
  - 4. The method according to claim 1, wherein the service customizing rule corresponds to basic information of the service to be intercepted, the basic information of the service to be intercepted comprises a media access control (MAC) address, an IP address, a transmission control protocol (TCP)/user datagram protocol (UDP) port, and service type.

5. A service analyze server (SAS), comprising:
- an interception policy processing unit, adapted to parse an interception policy so as to obtain a service customizing rule and a matching rule; and
  
  a data selecting unit, comprising;
  
  an analyzing subunit, adapted to analyze data sent by a service probe server (SPS) by adopting a deep packet inspection (DPI);
  
  a selecting subunit, adapted to select an analysis result of the analyzing subunit according to the matching rule obtained by the interception policy processing unit so as to obtain intercept related information (IRI) of service data to be intercepted; and
  
  an interception result generating subunit, adapted to generate an interception result according to the IRI of the service data to be intercepted obtained by the selecting subunit, wherein the data sent by the SPS are obtained by the SPS by adopting data preprocessing to filter packet data according to the service customizing rule obtained by parsing the interception policy.

6. A system for network interception, comprising a service probe server (SPS) and a service analyze server (SAS), whereinthe SPS is adapted to obtain packet data of an Internet protocol (IP) network and filter the obtained packet data by adopting a data preprocessing technique according to a service customizing rule obtained by the SAS;
- andthe SAS is adapted to parse an interception policy to obtain the service customizing rule and a matching rule, and select the data filtered by the SPS by adopting a deep packet inspection (DPI) according to the matching rule so as to obtain an interception result, wherein the interception result comprises intercept related information (IRI) of service data to be intercepted by selecting the data filtered by the SPS according to the matching rule and content of communication (CC) corresponding to the IRI.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The system for network interception according to claim 6, further comprising:
    - a database, adapted to store the IRI; and
      
      a files server (DFS), adapted to store the CC corresponding to the IRI.
  - 8. The system for network interception according to claim 6, further comprising:
    - a web server (WBS), adapted to perform a service recovery on the interception result.
  - 9. The system for network interception according to claim 8, further comprising:
    - a web client (WBC), adapted to provide a user interface to the system for network interception for interception personnel to log in the WBS through the WBC so as to perform the service recovery on the interception result.
  - 10. The system for network interception according to claim 6, further comprising:
    - a web server (WBS), adapted to perform a service recovery on the interception result.
  - 11. The system for network interception according to claim 10, further comprising:
    - a web client (WBC), adapted to provide a user interface to the system for network interception for interception personnel to log in the WBS through the WBC so as to perform the service recovery on the interception result.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Inventors
Liu, Tingyong, Liu, Guoqing, Zhang, Wenda
Primary Examiner(s)
Thier, Michael
Assistant Examiner(s)
MENSAH, PRINCE AKWASI

Application Number

US12/478,307
Publication Number

US 20090323536A1
Time in Patent Office

1,405 Days
Field of Search

709/203, 709/219, 709/223, 709/230, 709/246, 709/259, 709/310, 709/312, 370/241, 370/241.1, 370/242, 370/259, 380247-250, 726/26, 726/27, 726/29, 726/30, 713/164, 713/167, 713/176, 713/177, 713/180, 713/188
US Class Current

370/241
CPC Class Codes

H04L 63/0227   Filtering policies mail mes...

H04L 63/30   for supporting lawful inter...

H04L 67/56   Provisioning of proxy servi...

Method, device and system for network interception

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Method, device and system for network interception

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links