Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and apparatus for preventing DDos attack

A technology for equipment and connection requests, applied in digital transmission systems, electrical components, transmission systems, etc., can solve the problems that network equipment cannot respond to new service network equipment crashes, inconvenience and complexity, and achieve effective security defense and facilitate promotion. Easy to apply and operate

Inactive Publication Date: 2008-08-20
北京九合创胜网络科技有限公司
View PDF0 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0016] 1. When the number of offensive SYN packets reaches the defense peak value of the network device, the protected network device may still occupy a large amount of resources, which will also cause the network device to fail to respond to new services or the network device to exist. machine risk;
[0017] 2. Users are required to know their own network conditions very well, and configure different detection rule parameters according to the network status. Inconvenience to users

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and apparatus for preventing DDos attack
  • Method and apparatus for preventing DDos attack
  • Method and apparatus for preventing DDos attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] In the embodiment of the present invention, before the protected network device (i.e., the server) receives the TCP connection request SYN message, it needs to complete the verification of the validity of the TCP connection request SYN message, and only forward the legal and valid TCP connection request SYN message For the server side, the aggressive TCP connection request SYN message that occupies system resources is discarded, thereby reducing the risk that the server bears due to the exhaustion of system resources caused by TCP semi-connections.

[0032] First, it introduces how to verify the validity of the TCP connection request SYN message from the client, and how to realize the process of forwarding the legal and valid TCP connection message to the server.

[0033] In the embodiment of the present invention, when the client sends a TCP connection request SYN message to the server, that is, when the first handshake request is made, it is detected whether the user n...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a method and apparatus for preventing DDos attack, which belongs to transmit technology field of digital information. The method includes: before protected network appliance (namely server) receives TCP connection ask SYN message, server need complete validity checking for TCP connection ask SYN message, and only transmits legality valid TCP connection ask SYN to server terminal, discards attacking TCP connection ask SYN message of occupation system resources, and server will not take on any system resources exhausted risks caused by TCP semi- connection, thereby implementing network appliance attacking convenient, valid safe defense, avoiding affect to user because can not responding new service or down, and is convenient for technology spreading application because of simple operation.

Description

technical field [0001] The invention relates to the technical field of digital information transmission, in particular to a method and equipment for preventing DDos attacks in a network serial connection module. Background technique [0002] As the importance of the Internet (Internet) in daily life and business activities becomes more and more prominent, network security also becomes extremely important. Currently, network attacks, especially Denial of Service (DoS) attacks are also increasing. Due to the extensive sharing and rapid information exchange of the Internet, it is also easier to launch a small-scale or even medium-scale DDoS (Distributed Denial of Service, distributed denial of service). For example, it is easy to use the tool software downloaded from the Internet Malicious attacks on legitimate websites are launched, making network users face the dangers brought by the network while enjoying the convenience brought by the network. [0003] At present, SYN Flo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L12/56H04L29/06
Inventor 唐文亮
Owner 北京九合创胜网络科技有限公司