37results about How to "Avoid Denial of Service Attacks" patented technology

The invention discloses a method and a system for monitoring DDOS (distributed denial of service) attacks in small flow, solves the problems that the existing DDOS attack detection technology is high in cost, complex to implement and high in misjudgment rate, cannot respond to DDOS attacks aiming at an application layer and the like, and provides the monitoring scheme of an integrated DPI (dots per inch) technology. A baseline analysis, component analysis and similarity analysis method is used to establish a normal use model, characteristics are accurately matched to detect the attacks in small flow and the application layer attacks, deployment at one point of an operator network and complete coverage of the operator network are achieved, and detection accuracy is increased.

The invention discloses a firewall of a vehicle-mounted information system of an automobile. According to the firewall, a hardware platform is composed of a smart phone or a smart terminal connected with an external network. The firewall is an APP installed in the smart phone or the smart terminal. The firewall is the unique entry/exit for connecting the vehicle-mounted information system and the external network. Data enters a gateway in the automobile after passing through an ELM327 connected with the smart phone or terminal and then passing through an OBD-II connected with the ELC327. The data is forwarded to different intra-automobile buses by the gateway according to the features of the data. Finally the data enters corresponding ECUs for execution. The illegal data is filtered by security rules of the firewall and then is discarded. The firewall of the vehicle-mounted information system of the automobile comprises the ELM327, the OBD-II, the gateway, the ECUs and the firewall APP. According to the system, a flooding attack can be prevented and a service attack can be rejected through statistical rules; and a replay attack can be prevented through address filtration.

Provided is an RFID two-way authentication method based on a Hash function and capable of updating keys synchronously. A label key dynamic updating mechanism is introduced in the method, a self-synchronizing solution scheme is designed, and secondary authentication on an RFID label is achieved. Safety analysis and performance comparison are performed on an existing protocol, the analysis result shows that on the premise that label cost is not increased, the computing amount of the label and a rear-end database is reduced through new two-way authentication, the retrieval efficiency of the rear-end database is improved, the privacy protection and safety problem of an RFID system is effectively solved, meanwhile, the executing efficiency of RFID protocol identification is improved, and the method is more suitable for a low-cost RFID system and a large-scale electronic label system and has certain application value.

The invention relates to a method for realizing a safety model of access authentication in the mobile internet. In the method provided by the invention, an authentication server with a P2P (Peer 2 Peer) framework is arranged in the mobile internet; the access authentication safety of the mobile internet is solved by utilizing an AKA (Also Known As) authentication mechanism; the concrete flow of AKA in the mobile internet is described; the whole authentication course is realized through C knowledge programming by utilizing socket; the core framework of the mobile internet is realized by combining the distributed techniques such as a P2P technique and the like; an operator can establish a carrier-class network capacity platform capable of being expanded and providing multimedia applications and content applications; the framework based on the P2P technique can still provide the service for users under the condition of actual effects of a single node; the mobile internet can collect network bandwidth resources for the service through the P2P technique, thereby improving the throughput capacity of the service flow; and the P2P technique is the development direction of the mobile internet, thus the realization of the research for the AKA authentication mechanism based on the P2P framework extremely has reality significances.

The method comprises: receiving the management frame to be discriminated; according to the management frame to be discriminated, determining a new frame; according to the new frame, transmitting the class frame to the expected source device; wherein, if the class of the class frame is higher than its corresponding frame above new frame determining step; deciding if receiving a desired frame; wherein, the desired frame has same frame type with the management frame to be discriminated; if receiving the desired frame, the management frame is determined to be a real one.

A method is provided for preventing denial-of-service attacks on hosts attached to a subnet, where the attacks are initiated by a remote node over an external network. The method is performed by a router which forwards packets between the external network and the subnet. The router receives a packet for forwarding to a destination address in an address space of the subnet according to the IPv6 protocol and looks up the destination address in a Neighbor Discovery (ND) table. The ND table is populated by operations on the subnet that were completed prior to receipt of the packet. Entries in the ND table store address information of the hosts that have been verified by the router to be active. The router forwards the packet to the destination address if the destination address is stored in the ND table. Otherwise, the packet is discarded.

The invention discloses a service denial detection method for a large data platform. The method includes the steps that a plurality of nodes are selected in the large data platform and serve as detection nodes, and a plurality of nodes serve as calculation nodes; a user blacklist is set; secondly, a submitted application is firstly detected in the detection nodes; if any task is detected unqualified, the task and the application are both marked failed; if tasks are detected qualified, the application is allocated to the calculation nodes for continuous execution; thirdly, the nodes are detected, and when the number of the tasks marked failed on the nodes exceeds a set value P, the nodes are marked UNHEALTHY; when the number of the calculation nodes marked UNHEALTHY exceeds a set threshold, the tasks marked failed on the calculation nodes are detected, and if the tasks come from a same user or the similarity exceeds a set value, the calculation nodes are added into an exclusion list; if the ratio of the number of the nodes in the exclusion list exceeds N%, it is judged that attack of service denial exists.