This invention proposes a method for identifying and classifying a protocol type of an application layer in traffic received by an access gateway or other network equipment and devices having a memory and being controlled by a processor that are in a data network such as a TCP/IP network.
Application protocol identification is intended to determine a protocol type of traffic carried over the network. This is a very important technology to provide informative characteristics of network traffic, which is indispensable in various occasions, e.g., effective network planning and designing, a security policy such as legal monitoring and network blocking, Quality of Service (QoS) enforcement such as traffic shaping and service differentiation, charging policy designing, etc.
Today's communication networks generally follow a layered model, e.g., an OSI reference model or a TCP/IP reference model. The TCP/IP reference model is adopted by most data networks and consists of five layers: Physical Layer, Data Link Layer, Network Layer, Transport Layer and Application Layer. Relay nodes, e.g., an access gateway, generally involve only transferring and relaying at the IP layer and have no knowledge of contents carried at upper layers (Transport Layer and Application Layer). However in some scenarios, for example, where a certain type of application is blocked, it is necessary for the relay nodes to find an efficient way to identify and determine a protocol type carried at the application layer.