Distributed service attack refusing defense method, apparatus and system

A distributed denial and attack source technology, applied in the network field, can solve the problem of low cleaning accuracy, and achieve the effect of improving the cleaning accuracy
CN101309150AActive Publication Date: 2008-11-19CHENGDU HUAWEI TECH
0 Cites 38 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Applications(China)
Current Assignee / Owner
CHENGDU HUAWEI TECH
Publication Date
2008-11-19

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention embodiment discloses a defense method, a device and a system for the DDos attack, which relate to the network technology and aim to solve the problem of low cleaning accuracy caused by the cleaning of the unidirectional data flow obtained by the network cleaning device found in the prior art. The defense method of the DDos attack in the invention embodiment includes that the data flow in the network is acquired and detected to obtain the attack information; the upstream data flow in the network is acquired and filtered to obtain the upstream data information of the protected host; the downstream data flow with the target of the protected host is processed with conduction, supplement and cleaning according to the attack information and the upstream data flow from the protected host. The invention embodiment also provides a measurement-control device, a cleaning device and a defense system for the DDos attack. The defense method, the device and the system for the DDos attack are applicable to the detection and defense of the DDos attack in the network technology.
Need to check novelty before this filing date? Find Prior Art

Description

Technical field

[0001] The present invention relates to network technology, in particular to the defense of distributed denial of service (DDoS: Distributed Denial of Service) attacks. Background technique

[0002] DDOS attack means that the attacker uses the master control host (possibly multi-level and multi-layer) to control a large number of infected and controlled hosts to form an attack network to carry out a large-scale denial of service attack on the victim host. This kind of attack can often amplify the attack of a single attacker in a series. Under the attack of high-speed data packets, the key resources of the victim's host, such as bandwidth, buffers, and CPU resources, are quickly exhausted. The victim's host may crash or spend a lot of time processing the attack packet and cannot provide normal services to the victim and user. Causes serious economic losses, so effective detection and defense of DDoS attacks is an important part of building a secure network. [0003...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More