Unlock instant, AI-driven research and patent intelligence for your innovation.

Safety defending installation and system of anti-attack information communication network

A security defense and information communication technology, applied in the field of anti-attack information communication network security defense devices and defense systems, can solve the problems of physical address forgery attack, physical address flooding attack, physical address forgery, etc., and achieves high practicability, The effect of solving address resolution protocol flooding attacks and resolving IP conflicts

Inactive Publication Date: 2008-06-11
张南希
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0016] In order to better solve technical problems such as physical address spoofing attacks, physical address flooding attacks, and physical address spoofing that cause IP conflicts in the prior art, the present invention provides an address resolution protocol request message sent to each terminal. Anti-attack information communication network security defense device with special processing

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safety defending installation and system of anti-attack information communication network
  • Safety defending installation and system of anti-attack information communication network
  • Safety defending installation and system of anti-attack information communication network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0045] Embodiment 1. In this embodiment, the defense device 100 takes a switch as an example. When the defense module 102 is an encryption module, the switch control module 104 is turned on so that the encryption module is in the working state. The defense method in the anti-attack information communication network security defense system, the flow chart of this method can be referred to in Figure 4:

[0046] In the first step, the user first writes the physical address corresponding to the IP of the correct terminal device into the ARP agent part 301, and runs the ARP agent part 301;

[0047] In the second step, when all terminal devices are initially connected to the network, they will unilaterally send an address resolution protocol announcement broadcast packet to the designated port of the switch 100 in the network.

[0048] In the third step, the switch 100 detects the broadcast data packet in the entrance of the switch port, and when it is found that it is an address re...

Embodiment 2

[0060] Embodiment 2. The defense device 100 takes the switch 100 as an example in this embodiment. When the defense module 102 is a reporting module, turn on the switch control module 104 so that the reporting module is a state-switching bridging device in the working state. For the defense method in the anti-attack information communication network security defense system, the flow chart of the method can be referred to in Figure 5:

[0061] In the first step, the user first writes the physical address corresponding to the IP of the correct terminal device into the ARP agent part 301, and runs the ARP agent part 301;

[0062] In the second step, when all end devices are initially connected to the network, they will send an address resolution protocol announcement broadcast packet to the intranet.

[0063] The 3rd step, switch 100 detects the broadcast packet in the entrance of switching port, when finding to be address resolution protocol request message, address resolution p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the network security defense field, and in particular relates to an anti-attack information communication network security defense device giving special treatment to an address resolution protocol request message send by terminals and a defense system. The defense device comprises; a data exchange module, a main module and a defense module, wherein the defense module is respectively connected with the data exchange module and the main module. The defense system comprises: an address resolution protocol proxy, a security defense device with information security defense function and a communication terminal. The anti-attack information communication network security defense device of the invention is simple in structure, reasonable in design and convenient in use, and with the defense arranged in the defense system, can in the practical application well solve the technical problems of MAC address spoofing attack, MAC address flooding attack and IP conflict due to MAC address spoofing in the prior art, thereby having strong practicability.

Description

【Technical field】 [0001] The invention belongs to the field of network security defense, and in particular relates to an anti-attack information communication network security defense device and a defense system by performing special processing on address resolution protocol request messages sent by each terminal. 【Background technique】 [0002] The Ethernet protocol is a set of local area network protocols defined by a set of IEEE 802.3 standards. It is now the most commonly used LAN link layer protocol. A Layer 2 Ethernet switch is a device that performs packet switching based on the physical address of the link layer. [0003] IP protocol is currently the most widely used data communication network layer protocol standard. The IP protocol uses a 32-bit IP address to uniquely identify a device, and the propagation of data packets above the network layer is addressed based on the IP address. However, the IP address is only valid for the network layer, and the hardware de...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/56
Inventor 张南希焦润
Owner 张南希