Flow control method and device
阅读说明:本技术 一种流量控制的方法及装置 (Flow control method and device ) 是由 胡昆智 于 2019-09-09 设计创作,主要内容包括:本申请提供了一种流量控制的方法及装置,涉及通信技术领域,可以避免对物联网平台处理资源的浪费。本申请的方案包括:接收终端发送的第一上行报文,确定传输第一上行报文的通道对应的第一协议;获取第一协议对应的过滤规则;若第一上行报文满足过滤规则,则丢弃第一上行报文;若第一上行报文不满足过滤规则,且物联网平台的当前总流量值小于物联网平台的最大流量阈值,则根据物联网平台的业务处理范围处理第一上行报文。(The application provides a flow control method and device, relates to the technical field of communication, and can avoid waste of processing resources of an Internet of things platform. The scheme of this application includes: receiving a first uplink message sent by a terminal, and determining a first protocol corresponding to a channel for transmitting the first uplink message; acquiring a filtering rule corresponding to a first protocol; if the first uplink message meets the filtering rule, discarding the first uplink message; and if the first uplink message does not meet the filtering rule and the current total flow value of the Internet of things platform is smaller than the maximum flow threshold value of the Internet of things platform, processing the first uplink message according to the service processing range of the Internet of things platform.)
1. A flow control method is applied to an Internet of things platform and comprises the following steps:
receiving a first uplink message sent by a terminal, and determining a first protocol corresponding to a channel for transmitting the first uplink message;
acquiring a filtering rule corresponding to the first protocol;
if the first uplink message meets the filtering rule, discarding the first uplink message;
and if the first uplink message does not meet the filtering rule and the current total flow value of the Internet of things platform is smaller than the maximum flow threshold value of the Internet of things platform, processing the first uplink message according to the service processing range of the Internet of things platform.
2. The method according to claim 1, wherein before processing the first uplink packet according to a service processing range of the internet of things platform, the method further comprises:
judging whether the current total flow value of the Internet of things platform is larger than a buffer flow threshold value of the Internet of things platform;
if the current total traffic value is larger than the buffer traffic threshold, caching the first uplink message, and executing a step of processing the first uplink message according to a service processing range of the internet of things platform when the total traffic value of the internet of things platform is reduced to be lower than the buffer traffic threshold;
and if the current total flow value is not greater than the buffer flow threshold value, executing the step of processing the first uplink message according to the service processing range of the Internet of things platform.
3. The method of claim 1, further comprising:
if it is determined that the filtering rule corresponding to the first protocol does not exist and the current total flow value of the internet of things platform is smaller than the maximum flow threshold value, processing the first uplink message according to the service processing range of the internet of things platform;
if it is determined that the filtering rule corresponding to the first protocol does not exist and the current total flow value of the internet of things platform is greater than the maximum flow threshold value, processing the first uplink message according to the service processing range of the internet of things platform, and reducing the number of messages corresponding to other protocols except the first protocol and capable of being accessed to the internet of things platform.
4. The method according to any one of claims 1-3, further comprising:
monitoring a plurality of second uplink messages sent by the terminal, and determining a protocol corresponding to a channel for transmitting each second uplink message;
respectively counting the flow values of second uplink messages belonging to the same protocol in a specified time period;
if the flow value of a second uplink message belonging to a second protocol is larger than the flow threshold corresponding to the protocol, adjusting the flow threshold included in the filtering rule corresponding to the second protocol; and/or the presence of a gas in the gas,
and if the total flow value of the second uplink messages of each protocol is greater than the maximum flow threshold value, adjusting the buffer flow threshold value and the maximum flow threshold value.
5. The method according to claim 4, wherein after counting the number of second uplink packets belonging to the same protocol, respectively, the method further comprises:
if the flow value of the second uplink message belonging to the third protocol is larger than the early warning flow threshold value, determining the message characteristics of the second uplink message belonging to the third protocol in the specified time period;
the method further comprises the following steps:
and when the Internet of things platform is monitored to receive the message which belongs to the third protocol and meets the message characteristics, pushing an early warning message.
6. The utility model provides a flow control's device, its characterized in that, the device is applied to thing networking platform, the device includes:
the receiving module is used for receiving a first uplink message sent by a terminal and determining a first protocol corresponding to a channel for transmitting the first uplink message;
the acquisition module is used for acquiring the filtering rule corresponding to the first protocol;
a discarding module, configured to discard the first uplink packet if the first uplink packet meets the filtering rule;
and the message processing module is used for processing the first uplink message according to the service processing range of the Internet of things platform if the first uplink message does not meet the filtering rule and the current total flow value of the Internet of things platform is smaller than the maximum flow threshold value of the Internet of things platform.
7. The apparatus according to claim 6, wherein the message processing module is specifically configured to:
judging whether the current total flow value of the Internet of things platform is larger than a buffer flow threshold value of the Internet of things platform;
if the current total traffic value is larger than the buffer traffic threshold, caching the first uplink message, and when the total traffic value of the internet of things platform is reduced to be lower than the buffer traffic threshold, processing the first uplink message according to the service processing range of the internet of things platform;
and if the current total flow value is not greater than the buffer flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform.
8. The apparatus of claim 6, wherein the message processing module is further configured to:
if it is determined that the filtering rule corresponding to the first protocol does not exist and the current total flow value of the internet of things platform is smaller than the maximum flow threshold value, processing the first uplink message according to the service processing range of the internet of things platform;
if it is determined that the filtering rule corresponding to the first protocol does not exist and the current total flow value of the internet of things platform is greater than the maximum flow threshold value, processing the first uplink message according to the service processing range of the internet of things platform, and reducing the number of messages corresponding to other protocols except the first protocol and capable of being accessed to the internet of things platform.
9. The apparatus according to any one of claims 6-8, further comprising:
the monitoring module is used for monitoring a plurality of second uplink messages sent by the terminal and determining a protocol corresponding to a channel for transmitting each second uplink message;
the statistical module is used for respectively counting the flow values of the second uplink messages belonging to the same protocol in a specified time period;
the adjusting module is used for adjusting the flow threshold value included in the filtering rule corresponding to the second protocol if the flow value of the second uplink message belonging to the second protocol is greater than the flow threshold value corresponding to the protocol; and/or if the total flow value of the second uplink messages of each protocol is greater than the maximum flow threshold value, adjusting the buffer flow threshold value and the maximum flow threshold value.
10. The apparatus of claim 9, further comprising:
the determining module is used for determining the message characteristics of the second uplink message belonging to the third protocol in the specified time period if the flow value of the second uplink message belonging to the third protocol is greater than the early warning flow threshold value;
and the pushing module is used for pushing the early warning message when the Internet of things platform is monitored to receive the message which belongs to the third protocol and meets the message characteristics.
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method and an apparatus for controlling traffic.
Background
The Internet of things (IoT) is a technology for connecting an object to a network through an information sensing device so that the object can exchange and communicate information through an information propagation medium. With the development of the Internet of Things, the number of terminals accessing the IOT platform will continue to increase in the future, and the IOT platform supports terminal access of multiple protocols, such as Message Queue Telemetry Transport (MQTT) Protocol, long range Radio (LoRa) Protocol, narrowband Band Internet of Things (NBIoT) Protocol, restricted Application Protocol (COAP), and the like.
When the flow accessed to the IOT platform is monitored to be large, the terminal can be generally controlled to access the IOT platform only by a human, if the flow received by the IOT platform has a transient flow peak value, the flow may exceed the processing capability of the IOT platform, in this case, the IOT platform is generally expanded to enable the IOT platform to concurrently process more flows, however, actually, the flow processed by the IOT may have an attack packet, which results in the waste of processing resources of the IOT platform.
Disclosure of Invention
In view of this, the present application provides a method and an apparatus for flow control to avoid waste of processing resources of the IOT platform. The specific technical scheme is as follows:
in a first aspect, the present application provides a method for controlling traffic, where the method is applied to an internet of things platform, and the method includes:
receiving a first uplink message sent by a terminal, and determining a first protocol corresponding to a channel for transmitting the first uplink message;
acquiring a filtering rule corresponding to a first protocol;
if the first uplink message meets the filtering rule, discarding the first uplink message;
and if the first uplink message does not meet the filtering rule and the current total flow value of the Internet of things platform is smaller than the maximum flow threshold value of the Internet of things platform, processing the first uplink message according to the service processing range of the Internet of things platform.
In a possible implementation manner, before processing the first uplink packet according to the service processing range of the internet of things platform, the method further includes:
judging whether the current total flow value of the Internet of things platform is larger than a buffer flow threshold value of the Internet of things platform;
if the current total flow value is larger than the buffer flow threshold value, caching the first uplink message, and executing the step of processing the first uplink message according to the service processing range of the Internet of things platform when the total flow value of the Internet of things platform is reduced to be lower than the buffer flow threshold value;
and if the current total flow value is not greater than the buffer flow threshold value, executing the step of processing the first uplink message according to the service processing range of the Internet of things platform.
In one possible implementation, the method further includes:
if it is determined that the filtering rule corresponding to the first protocol does not exist and the current total flow value of the Internet of things platform is smaller than the maximum flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform;
and if the filtering rule corresponding to the first protocol does not exist and the current total flow value of the Internet of things platform is larger than the maximum flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform, and reducing the number of messages corresponding to other protocols except the first protocol and capable of being accessed to the Internet of things platform.
In one possible implementation, the method further includes:
monitoring a plurality of second uplink messages sent by the terminal, and determining a protocol corresponding to a channel for transmitting each second uplink message;
respectively counting the flow values of second uplink messages belonging to the same protocol in a specified time period;
if the flow value of the second uplink message belonging to the second protocol is greater than the flow threshold corresponding to the protocol, adjusting the flow threshold included in the filtering rule corresponding to the second protocol; and/or the presence of a gas in the gas,
and if the total flow value of the second uplink messages of each protocol is greater than the maximum flow threshold value, adjusting the buffer flow threshold value and the maximum flow threshold value.
In a possible implementation manner, after counting the number of second uplink packets belonging to the same protocol, the method further includes:
if the flow value of the second uplink message belonging to the third protocol is larger than the early warning flow threshold value, determining the message characteristics of the second uplink message belonging to the third protocol in the specified time period;
the method further comprises the following steps:
and when the Internet of things platform is monitored to receive the message which belongs to the third protocol and meets the message characteristics, pushing the early warning message.
In a second aspect, the application provides a flow control device, which is applied to an internet of things platform, and includes:
the receiving module is used for receiving a first uplink message sent by a terminal and determining a first protocol corresponding to a channel for transmitting the first uplink message;
the acquisition module is used for acquiring a filtering rule corresponding to a first protocol;
the discarding module is used for discarding the first uplink message if the first uplink message meets the filtering rule;
and the message processing module is used for processing the first uplink message according to the service processing range of the Internet of things platform if the first uplink message does not meet the filtering rule and the current total flow value of the Internet of things platform is smaller than the maximum flow threshold value of the Internet of things platform.
In a possible implementation manner, the message processing module is specifically configured to:
judging whether the current total flow value of the Internet of things platform is larger than a buffer flow threshold value of the Internet of things platform;
if the current total flow value is larger than the buffer flow threshold value, caching a first uplink message, and processing the first uplink message according to the service processing range of the Internet of things platform when the total flow value of the Internet of things platform is reduced to be lower than the buffer flow threshold value;
and if the current total flow value is not greater than the buffer flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform.
In a possible implementation manner, the message processing module is further configured to:
if it is determined that the filtering rule corresponding to the first protocol does not exist and the current total flow value of the Internet of things platform is smaller than the maximum flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform;
and if the filtering rule corresponding to the first protocol does not exist and the current total flow value of the Internet of things platform is larger than the maximum flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform, and reducing the number of messages corresponding to other protocols except the first protocol and capable of being accessed to the Internet of things platform.
In one possible implementation, the apparatus further includes:
the monitoring module is used for monitoring a plurality of second uplink messages sent by the terminal and determining a protocol corresponding to a channel for transmitting each second uplink message;
the statistical module is used for respectively counting the flow values of the second uplink messages belonging to the same protocol in a specified time period;
the adjusting module is used for adjusting the flow threshold value included in the filtering rule corresponding to the second protocol if the flow value of the second uplink message belonging to the second protocol is greater than the flow threshold value corresponding to the protocol; and/or if the total flow value of the second uplink messages of each protocol is greater than the maximum flow threshold value, adjusting the buffer flow threshold value and the maximum flow threshold value.
In one possible implementation, the apparatus further includes:
the determining module is used for determining the message characteristics of the second uplink message belonging to the third protocol in a specified time period if the flow value of the second uplink message belonging to the third protocol is greater than the early warning flow threshold value;
and the pushing module is used for pushing the early warning message when the Internet of things platform is monitored to receive the message which belongs to the third protocol and meets the message characteristics.
In a third aspect, the present application provides an internet of things device, including: a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: a method of implementing flow control as described in the first aspect.
In a fourth aspect, the present application further provides a computer-readable storage medium having a computer program stored therein, where the computer program is executed by a processor to implement the method for flow control as described in the first aspect.
In a fifth aspect, the present application also provides a computer program product containing instructions which, when run on a computer, cause the computer to perform the method of flow control as described in the first aspect above.
According to the scheme, by adopting the flow control method and the flow control device, the Internet of things platform receives the first uplink message sent by the terminal, determines the first protocol corresponding to the channel of the first uplink message, and then acquires the filtering rule corresponding to the first protocol. And if the first uplink message meets the filtering rule, discarding the first uplink message, and if the first uplink message does not meet the filtering rule and the current total flow value of the platform of the internet of things is smaller than the maximum flow threshold value of the platform of the internet of things, processing the first uplink message according to the service processing capacity of the platform of the internet of things. Therefore, the internet of things equipment can limit the number of processed messages according to the filtering rules and the maximum flow threshold value of the internet of things equipment, and the internet of things platform can limit the number of the messages, so that resource expansion caused by transient flow peak values can be avoided, and waste of processing resources of the internet of things platform is reduced.
Of course, not all advantages described above need to be achieved at the same time in the practice of any one product or method of the present application.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a method for controlling flow according to an embodiment of the present application;
fig. 2 is an exemplary diagram of a token bucket provided in an embodiment of the present application;
fig. 3 is a flowchart of another flow control method provided in an embodiment of the present application;
fig. 4 is a schematic structural diagram of a flow control device according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of an internet of things device provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In order to implement flow control on flow received by an internet of things platform, the application provides a flow control method, which is applied to the internet of things platform, and as shown in fig. 1, the method includes:
s101, receiving a first uplink message sent by a terminal, and determining a first protocol corresponding to a channel for transmitting the first uplink message.
In the embodiment of the application, the terminal completes authentication according to a preset authentication mode, accesses the Internet of things platform, and then sends the first uplink message to the Internet of things platform. It can be understood that the internet of things platform supports multiple protocols, and the internet of things platform receives messages of different protocols through different transmission channels, and after receiving the first uplink message, the internet of things platform can determine a channel through which the first uplink message is transmitted, and then determine that the first protocol corresponding to the channel is the protocol to which the first uplink message belongs.
Illustratively, the protocols supported by the platform of the internet of things include an MQTT protocol, an LoRa protocol, an NBIoT protocol, a COAP, etc., and a protocol access layer of the platform of the internet of things may determine a transmission channel of a received uplink packet, thereby determining a protocol corresponding to the channel, and processing the uplink packets of different protocols according to different methods.
Optionally, in this embodiment of the application, the platform of the internet of things may serve as a server, and the terminal may serve as a client. If the terminal is a wireless terminal, the terminal can communicate with the Internet of things platform in a WiFi mode. Or, the terminal in the embodiment of the application communicates with the internet of things platform through an MQTT protocol, an LoRa protocol, an NBIoT protocol, a COAP, and other protocols.
S102, obtaining a filtering rule corresponding to the first protocol.
In the embodiment of the application, the platform of the internet of things sets different filtering rules for different protocols. Optionally, the parameters in the filtering rule include a maximum size of a single packet, a maximum throughput parameter of a single terminal, and a maximum throughput parameter of a single gateway. For example, the filtering rules are: and if the size of the uplink message is larger than the maximum size of the single message, or the number of the messages sent to the Internet of things platform by the terminal sending the uplink message in a preset time period is larger than the maximum passing flow parameter of the single terminal, determining that the message is not allowed to pass.
S103, if the first uplink message meets the filtering rule, discarding the first uplink message.
It can be understood that, if the first uplink packet satisfies the filtering rule, that is, it is determined by the filtering rule that the first uplink packet is not allowed to pass through, the first uplink packet is discarded.
And S104, if the first uplink message does not meet the filtering rule and the current total flow value of the Internet of things platform is smaller than the maximum flow threshold value of the Internet of things platform, processing the first uplink message according to the service processing range of the Internet of things platform.
If the first uplink message does not meet the filtering rule, the internet of things platform determines that the first uplink message is allowed to pass through according to the filtering rule corresponding to the first protocol. Further, the internet of things platform needs to perform flow control on the first uplink message which does not meet the filtering rule. In a first implementation manner, if the first uplink message does not satisfy the filtering rule and the current total traffic value of the platform of the internet of things is smaller than the maximum traffic threshold of the platform of the internet of things, the first uplink message is directly processed according to the service processing range of the platform of the internet of things.
In a second implementation manner, before processing the first uplink packet according to the service processing range of the internet of things platform, the internet of things platform further needs to determine whether the current total flow value of the internet of things platform is greater than the buffer flow threshold value of the internet of things platform.
If the current total flow value is larger than the buffer flow threshold value, caching a first uplink message, and processing the first uplink message according to the service processing range of the Internet of things platform when the total flow value of the Internet of things platform is reduced to be lower than the buffer flow threshold value; and if the current total flow value is not greater than the buffer flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform.
Wherein the buffered flow threshold is less than the maximum flow threshold. If the current total flow value is larger than the buffer flow threshold value, the current internet of things platform still has the residual processing capacity, but the residual processing capacity is weaker. The total flow value of the platform of the internet of things is changed in real time, so that the platform of the internet of things can judge whether the total flow value of the platform of the internet of things is reduced below the buffer flow value in real time, if so, the platform of the internet of things has enough processing capacity to process the first uplink message, and the first uplink message of the buffer can be processed.
In a third implementation manner, if the first uplink packet does not satisfy the filtering rule and the current total traffic value is smaller than the buffer traffic threshold, the first uplink packet is processed according to the service processing range of the internet of things platform.
According to the scheme, by adopting the flow control method provided by the embodiment of the application, the platform of the internet of things receives the first uplink message sent by the terminal, determines the first protocol corresponding to the channel of the first uplink message, and then acquires the filtering rule corresponding to the first protocol. And if the first uplink message meets the filtering rule, discarding the first uplink message, and if the first uplink message does not meet the filtering rule and the current total flow value of the platform of the internet of things is smaller than the maximum flow threshold value of the platform of the internet of things, processing the first uplink message according to the service processing capacity of the platform of the internet of things. Therefore, the internet of things equipment can limit the number of processed messages according to the filtering rules and the maximum flow threshold value of the internet of things equipment, and the internet of things platform can limit the number of the messages, so that resource expansion caused by transient flow peak values can be avoided, and waste of processing resources of the internet of things platform is reduced.
In addition, the embodiment of the application can realize the classification processing of the messages of different protocols, so that when the internet of things platform receives the message belonging to the new protocol, the flow control environment does not need to be loaded for the new protocol again, the filtering rule corresponding to the new protocol can be set, and the deployment cost is low.
In a possible implementation manner, after it is determined that the first uplink packet does not satisfy the filtering rule, the traffic may be further limited specifically by using a token bucket method.
As shown in fig. 2, the token fills the token bucket with a Packet Per Second (PPS) rate, and when a packet a arrives, if the packet a is smaller than the maximum size of a single-time-passing packet identified by a Maximum Pass Size (MPS), the packet a is input into the token bucket, and meanwhile, a token having a size identical to that of the packet a is deleted from the token bucket, and the packet a is transmitted to the processing module of the internet of things platform through the token bucket.
In fig. 2, the Committed Burst Size (CBS) is set to 80% of the maximum processing capacity of the internet of things platform in the embodiment of the present application, and if the current total traffic value of the internet of things platform is smaller than the CBS, the processing module of the internet of things platform may process the received message. Optionally, the buffer traffic threshold above may be set to CBS.
The Excess Burst Size (EBS) is set to 90% of the maximum processing capacity of the internet of things platform in the embodiment of the present application, and if the current total traffic value of the internet of things platform is greater than CBS, the internet of things platform discards the received packet. Alternatively, the maximum traffic threshold above may be set to EBS.
In another implementation manner of the embodiment of the application, the internet of things device can flexibly set the filtering rules for each protocol, and the filtering rules may not be set for the protocols with higher importance and/or urgency.
Therefore, if the internet of things device determines that the filtering rule corresponding to the first protocol does not exist and the current total traffic value of the internet of things platform is smaller than the maximum traffic threshold value, the first uplink message is processed according to the service processing range of the internet of things platform.
And if the filtering rule corresponding to the first protocol does not exist and the current total flow value of the Internet of things platform is larger than the maximum flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform, and reducing the number of messages corresponding to other protocols except the first protocol and capable of being accessed to the Internet of things platform.
Specifically, the number of messages corresponding to other protocols processed by the platform of the internet of things can be reduced by adjusting the filtering rules corresponding to the other protocols except the first protocol.
For example, if the filtering rule corresponding to each protocol includes the protocol priority, the protocol with the lowest protocol priority may be determined, and then the number of packets allowed to pass through the protocol in the filtering rule corresponding to the protocol is reduced. Or, setting the filtering rule corresponding to the protocol as: and forbidding the message of the protocol to pass through.
By adopting the method, the dynamic control on the flow can be realized, the message corresponding to the protocol with higher importance degree and/or emergency degree is preferentially ensured, and the utilization of the processing resource of the platform of the Internet of things is more reasonable.
In order to dynamically adjust the filtering rules and the traffic limiting parameters of the internet of things platform for each protocol message, a traffic monitoring system is deployed in the internet of things platform in the embodiment of the application, and the work flow of the traffic monitoring system is shown in fig. 3, and specifically includes the following steps:
s301, monitoring a plurality of second uplink messages sent by the terminal, and determining a protocol corresponding to a channel for transmitting each second uplink message.
S302, in a specified time period, respectively counting the flow values of the second uplink messages belonging to the same protocol.
Wherein, the appointed time period can be set according to actual requirements. For example, the flow value of the second uplink message belonging to the MQTT protocol, the flow value of the second uplink message belonging to the LoRa protocol, and the flow value of the second uplink message belonging to the NBIoT protocol, which are received by the internet of things platform within 30 minutes, may be counted.
S303, if the flow value of the second uplink message belonging to the second protocol is greater than the flow threshold corresponding to the protocol, adjusting the flow threshold included in the filtering rule corresponding to the second protocol.
In an embodiment, if the flow value of the second uplink packet belonging to the second protocol is greater than the flow threshold corresponding to the protocol, the flow threshold included in the filtering rule corresponding to the second protocol may be increased to avoid a phenomenon that too many packets belonging to the second protocol cannot be processed by the internet of things platform.
For example, if the statistical traffic value of the second uplink packet belonging to the MQTT protocol is greater than the traffic threshold corresponding to the MQTT protocol, the traffic threshold included in the filtering rule corresponding to the MQTT protocol may be increased.
In another implementation manner, if the traffic value of the second uplink packet belonging to the second protocol is greater than the traffic threshold corresponding to the second protocol, a filtering rule corresponding to the second protocol may be set as: and increasing the flow threshold corresponding to the second protocol to a specified flow value in a specified application scene or a specified time period. And the specified application scenario is the application scenario of the specified time period, namely, the flow value of the second uplink message of the second protocol is greater than the flow threshold corresponding to the second protocol.
S304, if the total flow value of the second uplink messages of each protocol is larger than the maximum flow threshold value, adjusting the buffer flow threshold value and the maximum flow threshold value.
Specifically, the buffer traffic threshold and the maximum traffic threshold may be adjusted according to a total traffic value of the second uplink packet of each protocol. If the total flow value of the second uplink messages of each protocol is greater than the maximum flow threshold value, the buffer flow threshold value and the maximum flow threshold value can be increased.
It should be noted that both of S303 and S304 may be executed, or alternatively, in the case that both of S303 and S304 are executed, the embodiment of the present application does not limit the execution sequence between S303 and S304.
Therefore, by adopting the method of the embodiment of the application, the platform of the internet of things adjusts the filtering rule and/or adjusts the buffer flow threshold and the maximum flow threshold according to the flow value of the second uplink message belonging to the same protocol, so that the platform of the internet of things can reasonably utilize resources, and the problem of resource waste caused by resource expansion due to transient occurrence of a flow peak is avoided.
In another embodiment of the present application, the characteristics of the attack packet may also be determined by a flow value of a second uplink packet belonging to the same protocol.
Specifically, if the flow value of the second uplink packet belonging to the third protocol is greater than the early warning flow threshold, the packet characteristics of the second uplink packet belonging to the third protocol within the specified time period are determined.
The message characteristic may be a quintuple of the second uplink message belonging to the third protocol or a source of the second uplink message belonging to the third protocol. For example, in a specified time period, 80% of second uplink messages belonging to the third protocol and received by the internet of things platform all come from the same terminal, and it can be determined that the message characteristics are as follows: the source IP address of the message is the IP address of the terminal.
After the message characteristics are determined, when the Internet of things platform is monitored to receive the message which belongs to the third protocol and meets the message characteristics, the early warning message is pushed.
Under the condition, the internet of things equipment can determine that the message which belongs to the third protocol and meets the message characteristics is the attack message, so that operation and maintenance personnel or the internet of things platform can process the attack message in a manner of pushing the early warning message, and the safety of the internet of things platform is improved.
Corresponding to the above method embodiment, an embodiment of the present application further provides a flow control device, where the flow control device is applied to an internet of things platform, and as shown in fig. 4, the flow control device includes: a receiving
A receiving
an obtaining
a discarding
the
Optionally, the
judging whether the current total flow value of the Internet of things platform is larger than a buffer flow threshold value of the Internet of things platform;
if the current total flow value is larger than the buffer flow threshold value, caching a first uplink message, and processing the first uplink message according to the service processing range of the Internet of things platform when the total flow value of the Internet of things platform is reduced to be lower than the buffer flow threshold value;
and if the current total flow value is not greater than the buffer flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform.
Optionally, the
if it is determined that the filtering rule corresponding to the first protocol does not exist and the current total flow value of the Internet of things platform is smaller than the maximum flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform;
and if the filtering rule corresponding to the first protocol does not exist and the current total flow value of the Internet of things platform is larger than the maximum flow threshold value, processing the first uplink message according to the service processing range of the Internet of things platform, and reducing the number of messages corresponding to other protocols except the first protocol and capable of being accessed to the Internet of things platform.
Optionally, the apparatus further comprises:
the monitoring module is used for monitoring a plurality of second uplink messages sent by the terminal and determining a protocol corresponding to a channel for transmitting each second uplink message;
the statistical module is used for respectively counting the flow values of the second uplink messages belonging to the same protocol in a specified time period;
the adjusting module is used for adjusting the flow threshold value included in the filtering rule corresponding to the second protocol if the flow value of the second uplink message belonging to the second protocol is greater than the flow threshold value corresponding to the protocol; and/or if the total flow value of the second uplink messages of each protocol is greater than the maximum flow threshold value, adjusting the buffer flow threshold value and the maximum flow threshold value.
Optionally, the apparatus further comprises:
the determining module is used for determining the message characteristics of the second uplink message belonging to the third protocol in a specified time period if the flow value of the second uplink message belonging to the third protocol is greater than the early warning flow threshold value;
and the pushing module is used for pushing the early warning message when the Internet of things platform is monitored to receive the message which belongs to the third protocol and meets the message characteristics.
The embodiment of the present application further provides an internet of things platform, as shown in fig. 5, including a
a
the
The communication bus mentioned in the above internet of things platform may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus, etc. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the Internet of things platform and other equipment.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component.
In yet another embodiment provided by the present application, a computer-readable storage medium is further provided, in which a computer program is stored, and the computer program, when executed by a processor, implements the steps of any of the above flow control methods.
In yet another embodiment provided by the present application, there is also provided a computer program product containing instructions that, when run on a computer, cause the computer to perform any of the flow control methods of the above embodiments.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the application to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only for the preferred embodiment of the present application, and is not intended to limit the scope of the present application. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application are included in the protection scope of the present application.