Attack protection method and device

A legal, source address technology, applied in the field of network security, can solve the problems of maintaining a large amount of data, complex implementation, server impact, etc., to achieve the effect of ensuring normal operation, significant prevention effect, and wide application range

Inactive Publication Date: 2008-12-10
HUAWEI DIGITAL TECH (CHENGDU) CO LTD
View PDF0 Cites 44 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For the case of all discarding, the DNS requests of some normal users are affected, and the attack purpose is indirectly achieved; while only filtering part, it will still have a great impact on the server and cannot protect the server well
It can be seen that these two technologies cannot identify the attack of forged source ip very well, so they cannot effectively prevent DNS flood attacks
[0015] For the second technology, since the establishment of the domain name reputation mechanism requires a long period of learning, and the accuracy of the learning results largely depends on the precondition that there is no attack during the learning period; and the domain name reputation mechanism needs to maintain a large amount of data, The reputation evaluation algorithm is relatively complex, and the evaluation results directly affect the effectiveness of defense
It can be seen that the implementation of this technology is complicated, which is not conducive to the effective implementation of DNS flood attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack protection method and device
  • Attack protection method and device
  • Attack protection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0037] In an embodiment of the attack prevention method of the present invention, when the detection device detects a DNS flood attack, it enters the prevention process: for the domain name resolution request sent by the client, first verify that the domain name resolution request comes from a real source, and then send the domain name resolution request to the DNS server Forward the domain name resolution request and respond to the terminal. The detection device may be a special detection device or the firewall itself, depending on the networking.

[0038] refer to figure 1 , an embodiment of the attack defense method of the present invention mainly includes the following steps:

[0039] S101: Receive a domain name resolution request from the client, and obtain the source address of the domain name resolution request;

[0040] S10...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an attack preventing method and a device thereof, in one embodiment of the attack preventing method, comprising: entering a preventing flow when a detecting device detects the DNS flood, first validating the domain name resolution request from a real source aiming at the domain name resolution request transmitted by the client-side, then transmitting the domain name resolution request to the DNS server and responding to the terminal. The embodiment of the invention effectively prevents DNS flood, effectively ensures the normal operation of the DNS server with the advantages of simple implement and wide application.

Description

technical field [0001] The invention relates to the field of network security, in particular to an attack prevention method and device. Background technique [0002] DNS (Domain Name System, Domain Name System) is a distributed database for TCP / IP applications, providing conversion between host names and IP addresses and routing information about e-mail. The DNS server plays an important role in internet applications. Once the DNS server is attacked by DDOS, it will seriously affect people's normal network applications. [0003] DNS flood is a UDP flood based on a specific application protocol. The attacker sends a large number of domain name resolution requests to the DNS server, causing the DNS server to be seriously overloaded and cannot continue to respond to DNS requests from normal users, thereby achieving the purpose of the attack. Generally, the DNS request sent by the attacker is a randomly generated domain name that does not exist in the network. When the DNS serv...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/00H04L29/06
Inventor 肖洪亮毛世峰张进军
Owner HUAWEI DIGITAL TECH (CHENGDU) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap