Method and system for preventing refusal service attack

A technology of denial of service attack and attack signature, applied in the field of network information security

Active Publication Date: 2011-10-26
ZTE CORP
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Preventing denial of service attacks is an important function of existing network switching equipment. Currently, there are clear requirements on the standards and specifications of switching equipment. However, due to the lack of current protocol stacks, the industry can only prevent denial of service attacks When an attack occurs, stop working and enter the closed state. When the attack stops, it will return to the normal working state. When the switching device is under attack, it can prevent denial of service attacks in the normal working state, and the forwarding of normal packets will not be affected.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for preventing refusal service attack
  • Method and system for preventing refusal service attack
  • Method and system for preventing refusal service attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] In order to make the purpose, technical solution and advantages of the present invention clearer, a method and system for preventing denial of service attacks of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0042]This paper describes a method and system for preventing denial-of-service attacks. By establishing an attack packet signature database and comparing the packet with the signature database, the attack packets are controlled from the bottom layer of the protocol stack to solve the problem that the attack packets exhaust the CPU resources of the device. problem; further, by establishing a virtual connection in the protocol stack to check whether the message is a normal message or an attack message, so as to solve the problem that th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a system for preventing the attack of a denial service. The method includes the following steps: step A, before a connection request is processed normally, a message transmitted from an initiator to a target terminal is intercepted and captured and the message content of the message is analyzed; step B, the attack of the denial service is judged according to the message content and treatment for preventing the attack of the denial service is carried out. The invention can effectively prevent the attack of denial service in a normal working state.

Description

technical field [0001] The invention relates to the field of network information security, in particular to a method and system for preventing denial of service attacks. Background technique [0002] Denial of Service attack (Denial of Service, DOS) is an attack on servers and switching devices on the existing Internet. They attack the defects or weak points of existing servers, causing the devices to crash and stop working, so as to affect the normal operation of the server. business purpose. Flood (also called flood attack, which is a type of denial of service attack) attack is a typical DOS attack. They send a large number of messages in a short period of time to exhaust the device memory resources and CPU resources to achieve the attack. Purpose. This kind of attack has strong destructive power, and includes many new types, such as SYN Flood, UDP Flood, ICMP Flood and so on. [0003] SYN Flood attack (flood attack), its principle is mainly to send a large number of TC...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/24H04L12/56
Inventor 缪伟
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap