Description:TECHNICAL FIELD
The present disclosure relates generally to USB (Universal Serial Bus) based network management system, and more specifically relates to analyzing data packets passing via a network.

BACKGROUND ART
[0001] A network packets is a small data unit that are used to transmit data through networks and the internet. The header, or control information, and the payload, or user data, are the two main parts of these packets. Layer 2-3 data such as Ethernet ll segments, where the DMAC and SMAC addresses are defined, whether or not there is a VLAN, and IPv4 or IPv6 protocols, where the Source IP and destination IP address are defined, are examples of information that is contained in the header.

[0002] A network monitoring tool called a packet analyzer, commonly referred to as a packet sniffer or a network analyzer, are responsible for enhancing the end-user experience and a company's productivity by analysis of network performance problems that may cause traffic jams, network outages, and other typical performance problems.

[0003] Packet analyzers can be compared to the gatekeepers and security scanners in the data transportation process, continuing our analogy from before with shipping. They operate in the background to make sure your network functions properly.

[0004] Nowadays, there are techniques that exists which can help analyze data packets. For example, reference can be made to US10078694B2 which discloses analyzing the mobile media data record to determine a settlement arrangement. Further, reference can be made to US8532124B2 which discloses providing a packet conversion between a Serial Wide Area Network (WAN) protocol and an Ethernet network protocol.
OBJECTS OF THE INVENTION
[0005] The principal object of the present invention is to provide USB (Universal Serial Bus) based techniques for analyzing data packets passing via a network traffic.

[0006] Another object of the present invention is to provide USB (Universal Serial Bus) based techniques for detecting suspected network intrusions.

[0007] Another object of the present invention is to provide USB (Universal Serial Bus) based techniques for examining network performance inconsistencies, strange data patterns and usage peaks.

[0008] Another object of the present invention is to provide USB (Universal Serial Bus) based techniques for identifying various characteristics of a network.

SUMMARY OF THE INVENTION

[0009] In one embodiment, a USB (Universal Serial Bus) based system for examining data packets passing via a network is provided. The system comprises a server, a plurality of user devices configured to send data packets via the network. The network comprises a data collection unit configured to receive data packets from the plurality of user devices, a data analysis unit configured to analyse the received data packets, wherein the analysis of the received data packets include a number of data packets entering the network, a number of data packets exiting from the network. The network further comprises a policy store configured to compare the data packets with a set of policies to identify inconsistencies in the data packet and a notification unit configured to provide notify about the inconsistencies and the analysis of the received data.

[0010] In another embodiment, a method for examining data packets passing via a network is disclosed. The method comprises sending, by a plurality of user devices, data packets via the network to a server, receiving data packets from the plurality of user devices, analysing the received data packets, wherein the analysis of the received data packets include: number of data packets entering the network, number of data packets exiting from the network. The method further comprises comparing the data packets with a set of policies to identify inconsistencies in the data packet and notifying about the inconsistencies and the analysis of the received data.

BRIEF DESCRIPTION OF DRAWINGS
[0011] Figure 1 illustrates a USB (Universal Serial Bus) based system for examining data packets via a network, in accordance with one embodiment of the present invention.

[0012] Figure 2 illustrates various components of a network, in accordance with one embodiment of the present invention.

[0013] Figure 3 illustrates various characteristics of a network traffic, in accordance with one embodiment of the present invention.

[0014] Figure 4 illustrating a flowchart of a method for examining data packets, in accordance with the present invention.

DETAILED DESCRIPTION OF THE INVENTION
[0015] While the present invention is described herein by way of example using embodiments and illustrative drawings, those skilled in the art will recognize that the invention is not limited to the embodiments of drawing or drawings described and are not intended to represent the scale of the various components. Further, some components that may form a part of the invention may not be illustrated in certain figures, for ease of illustration, and such omissions do not limit the embodiments outlined in any way. It should be understood that the drawings and the detailed description thereto are not intended to limit the invention to the particular form disclosed, but on the contrary, the invention is to cover all modifications, equivalents, and alternatives falling within the scope of the present invention as defined by the appended claim.

[0016] As used throughout this description, the word "may" is used in a permissive sense (i.e. meaning having the potential to), rather than the mandatory sense, (i.e. meaning must). Further, the words "a" or "an" mean "at least one” and the word “plurality” means “one or more” unless otherwise mentioned. Furthermore, the terminology and phraseology used herein are solely used for descriptive purposes and should not be construed as limiting in scope. Language such as "including," "comprising," "having," "containing," or "involving," and variations thereof, is intended to be broad and encompass the subject matter listed thereafter, equivalents, and additional subject matter not recited, and is not intended to exclude other additives, components, integers, or steps. Likewise, the term "comprising" is considered synonymous with the terms "including" or "containing" for applicable legal purposes. Any discussion of documents, acts, materials, devices, articles, and the like are included in the specification solely for the purpose of providing a context for the present invention. It is not suggested or represented that any or all these matters form part of the prior art base or were common general knowledge in the field relevant to the present invention.
[0017] In this disclosure, whenever a composition or an element or a group of elements is preceded with the transitional phrase “comprising”, it is understood that we also contemplate the same composition, element, or group of elements with transitional phrases “consisting of”, “consisting”, “selected from the group of consisting of, “including”, or “is” preceding the recitation of the composition, element or group of elements and vice versa.

[0018] The present invention is described hereinafter by various embodiments with reference to the accompanying drawing, wherein reference numerals used in the accompanying drawing correspond to the like elements throughout the description. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiment set forth herein. Rather, the embodiment is provided so that this disclosure will be thorough and complete and will fully convey the scope of the invention to those skilled in the art. In the following detailed description, numeric values and ranges are provided for various aspects of the implementations described. These values and ranges are to be treated as examples only and are not intended to limit the scope of the claims. In addition, several materials are identified as suitable for various facets of the implementations. These materials are to be treated as exemplary and are not intended to limit the scope of the invention.

[0019] Referring to FIG. 1, a USB (Universal Serial Bus) based system 100 for examining data packets via a network is shown. The system 100 comprises a plurality of user devices 102, the server 104, a network 106. The data from the plurality of user devices 102 is routed to the server 104 via the network 106. In one embodiment, the system 100 may be placed in an organization where the plurality of user devices 102 may be placed. In other words, the system 100 is placed in an organization where a set of policies may be defined. The set of policies may be defined for the organization for routing of data traffic from the user devices 102 to the server 104.

[0020] The plurality of user devices 102 may include any computing device which can route the data traffic via the network 104. For example, the computing device may include, but not limited to, computer device, laptop, mobile device, iPad, tablets, etc. The data from each of the user devices 102 may be sent in the form of data packets. The format of the data packet will be described later.

[0021] Referring to FIG. 2 now, a block diagram showing various components of the network 106 is shown. The network 106 comprises a data collection unit 202, a data analysis unit 204, a policy store 206, a notification unit 208. The components are not limited to the one mentioned here and can include any more components which can help to determine the quality of the data entering the network 106.

[0022] The data collection unit 202 receives data from each of the plurality of user devices 102. In other words, the data collection unit 202 receives data requests bound for the server to receive content. As described above, the data from each of the plurality of user devices 102 is received in the form of data packets. The network 106 receives each and every packet entering the network and examines the data packet for quality and inconsistencies.

[0023] Each data packet may have two components- control portion and a payload or data portion. The control portion may be a header portion of the data packet. The control portion provides details about the data present in the data packet. For example, the control portion may include the source destination i.e., the address from which the data packet is sent, the destination address, i.e., the addresses to which the data is intended for. In one embodiment, the source address may include source internet protocol (IP) address and the destination internet protocol (IP) address for which the packet is intended for.

[0024] The data packet may have reached the network 106 via a plurality of access points present in between the user devices and the network 106. Further, there may be access points between the network 106 and the server 104. In one embodiment, the control portion may include details about all the access points between the user devices 102 and the network 106 and network 106 and the server 104. The details about the access points may include addresses of each of the access points.

[0025] In one embodiment, the control portion may include details regarding data portion. For example, the details may include number of bits of data present in the data portion. The details may also include the type of data present in the data portion. The details may include any other information which may describe the data portion present in the data packet.

[0026] The data analysis unit 204 analysis the data received from the data collection unit 202. The analysis of the data includes identifying the number of data packets entering the network 106, the number of data packets exiting from the network 106, the number of data packets lost from the network 106, the outrages in the network 106.

[0027] In one embodiment, the data analysis unit 204 also keeps a track of response times, application response times (Time to First Byte), traffic categories, and risk levels on the NPM dashboard, where network sniffing is handled. By keeping a track of all these parameters, the data analysis unit 204 keeps a track of quality of experience of the network 106. In one embodiment, the data analysis unit 204 also keeps a track of Mac Address and EPOCH time.

[0028] To calculate the quality of experience of the network 106, the data analysis unit 204 creates a copy of data present in the network. For example, it may be difficult to analyze the data packets entering the network 106 and leaving from the network, and hence to accurately determine the quality of experience of the network 106, the copy helps to perform detailed analysis at a later time. The copy of data packets is an exact duplicate of data packets to be examined for analysis and inconsistencies.

[0029] The organization where the system 100 is installed may set some rules for routing of data traffic to the server 104 via the network 106. In one embodiment, the organization may set certain policies for each user device 102. The set of policies are stored in the policy store 206. The set of policies may list down the type of data packets allowed to be transmitted from the user device 102. The set of policies may include type of applications allowed to transmit data packets to the network 106.

[0030] In one embodiment, the set of policies may also include a type of users present in the organization. The organization may set different levels of the users. The different levels of the users may be provided access to certain type of data while the other type of data may be restricted to be accessed by certain users. Thus, a level 1 user may be senior management and may be allowed to access all the websites while a level 2 user may have restrictions to certain websites. Similarly, level 3 and level 4 users may have further restrictions to certain websites. Thus, if the level 3 user tries to access the website restricted by the organization, the data packet is said to contain inconsistency. Thus, when such data packet with inconsistency is routed to the network 106, the data analysis unit 204 may not allow the routing of such inconsistent data packet and keeps a track of such inconsistency to be flagged to organization later via the notification unit 208. Thus, the policy store 206 can compare the data packets with the set of policies stored in the policy store 206 to identify inconsistencies in the data packet.

[0031] The notification unit 208 can flag any inconsistency identified in the network 106. In one embodiment, a number of capabilities are offered by notification unit 208 includes customized alarms, automatically creating intelligent maps, monitoring SDN environments, computing dynamic baselines, and Network InsightTM visibility across Cisco Nexus, Cisco ASA, and F5 BIG-IP.

[0032] Referring to FIG. 3 now, various characteristics of a network traffic entering and leaving the network 106 is shown. The FIG. 3 can also be considered to be information presented to a user such as a network administrator. In one embodiment, the information may be presented in a tabular format which can also be customized by a network administrator. The network administrator can analyze all the information/characteristics relating to the network traffic. The characteristics of the data traffic may include, but not limited to, a report on a number of packets entering the network 106, a report on a number of packets leaving from the network 106, a quality of experience report defining overall level of customer satisfaction. The level of satisfaction may be experienced when there is no inconsistency or latency detected at the network 106. If the level of satisfaction is low, the network administrator may provide ways to improve the quality of experience.

[0033] Referring to FIG. 4 now, a flowchart of a method for examining data packets is disclosed. At step 402, the method comprises receiving data packets from a plurality of user devices. At step 404, the method comprises creating a copy of the data packets. At step 406, the method comprises analyzing the copy of the data packets. At step 408, the method comprises identifying inconsistencies in the data packets based on the analysis. The inconsistencies may be identified based on the analysis of the number of data packets entering the network, the number of data packets leaving the network, inconsistency due to violation of policies set by an organization.

[0034] The various actions, acts, blocks, steps, or the like in the flow diagram may be performed in the order presented, in a different order or simultaneously. Further, in some embodiments, some of the actions, acts, blocks, steps, or the like may be omitted, added, modified, skipped, or the like without departing from the scope of the invention.

[0035] Although particular embodiments of the invention have been described in detail for purposes of illustration, various modifications and enhancements may be made without departing from the spirit and scope of the invention.
, Claims:I/We Claim:
1. A USB (Universal Serial Bus) based system (100) for examining data packets passing via a network, the system comprising:
a server (104);
a plurality of user devices (102) configured to send data packets via the network;
the network (106) comprising:
a data collection unit (202) configured to receive data packets from the plurality of user devices,
a data analysis unit (204) configured to analyse the received data packets, wherein the analysis of the received data packets include:
number of data packets entering the network,
number of data packets exiting from the network,
a policy store (206) configured to compare the data packets with a set of policies to identify inconsistencies in the data packet
a notification unit (208) configured to provide notify about the inconsistencies and the analysis of the received data.

2. The USB (Universal Serial Bus) based system as claimed in claim 1, wherein the data packets contain a header portion and a data portion.

3. The USB (Universal Serial Bus) based system as claimed in claim 1, wherein the set of policies is defined by an organization.

4. The USB (Universal Serial Bus) based system as claimed in claim 1, wherein the data analysis unit provides a quality of experience report of the network.

5. The USB (Universal Serial Bus) based system as claimed in claim 1, wherein the data analysis unit provides a source IP address, a destination IP address of the data packet.

6. A method for examining data packets using a USB (Universal Serial Bus) based system (100) as claimed in claim 1, the method comprising:
receiving data packets from the plurality of user devices (402),
creating a copy of the data packets (404),
analysing the received data packets (406), wherein the analysis of the received data packets include:
number of data packets entering the network,
number of data packets exiting from the network,
comparing the data packets with a set of policies to identify inconsistencies in the data packet (408), and
notifying about the inconsistencies and the analysis of the received data.

7. The method as claimed in claim 6, wherein the data packets contain a header portion and a data portion.

8. The method as claimed in claim 6, wherein the set of policies is defined by an organization.

9. The method as claimed in claim 6, wherein analysing the data packet further comprises providing a quality of experience report of the network.

10. The method as claimed in claim 6, wherein the analysing the data packets further comprises providing a source IP address, a destination IP address of the data packet.

Dated this 22 Sept, 2022