Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for preventing Dos aggression of business support system

A business support and business request technology, applied in the field of network communication security, can solve the problems of flexible response, ineffectiveness, and difficulty in fast and flexible adjustment of traffic, so as to achieve the effect of improving security.

Active Publication Date: 2009-04-22
CHINA MOBILE GROUP SICHUAN
View PDF1 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The above-mentioned prior art's strategy and method for dealing with anti-DoS (denial of service) attacks start from the abnormal flow of the network, and it is easy to block the normal request of the user by mistake while preventing the attack, and for distributed anti-DoS (denial of service) service) attacks, because it is difficult to distinguish between normal user requests and attack requests, these strategies and methods are even more difficult to work, and the above-mentioned technical solutions design the anti-attack system from the network level rather than from the application level, so some temporary activities caused by Abnormal traffic is difficult to adjust quickly and flexibly, and it is even more difficult to flexibly respond to the actual situation of users using services

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0025] Methods for preventing DoS (Denial of Service) attacks on the interface of telecom online business halls:

[0026]1. Within a day, when the user logs in to the online business hall for the first time, if the password passes the verification, the interface will generate a session random code, send the session random code back to the client, and save the phone number (user ID) and the corresponding random code, and establish the user's transaction index counter.

[0027] 2. The online business hall website (a client of the business support system) saves the session random code generated in the first step during the session, and sends the random code as a parameter to the interface to call the relevant business handling service when the user handles business each time The business request of the program.

[0028] 3. When the interface receives the random code sent by the client in the second step, it finds the indicator counter of the user according to the phone number an...

Embodiment 2

[0032] Methods for preventing DoS (Denial of Service) attacks on the website of the telecom online business hall:

[0033] 1. Within a day, when a user logs in to the online business hall for the first time, the user's handling index counter is established according to the phone number (user ID).

[0034] 2. Every time a user handles business, find out the index counter of the user according to the phone number, and add 1. If the counter count exceeds the threshold value of the handle index counter, reject the request to call the interface service of the telecommunications service support system; if not If the threshold value is exceeded, the request is allowed to call the corresponding business handling service program through the interface.

[0035] 3. At the end of the day, clear all metric counters.

[0036] Among them, the index counter is implemented by reading and writing the field value of the database record corresponding to the user's phone number through the progra...

Embodiment 3

[0039] A method for preventing DoS attacks in a business support system. When a user initiates a service processing request, the user ID is used to generate a user processing behavior indicator counter in the upstream link of the service support system request processing. In a counting period, when the user passes the service When the support system handles a business, it first counts the corresponding user handling behavior index counter, and then compares it with the user handling behavior threshold. If the counter count has exceeded the threshold, the business request will be blocked at this link. If not If the threshold is exceeded, the business request is allowed to continue to be processed in the downstream link of the business support system; or it can be compared with the user's handling behavior threshold first, and if the counter count has exceeded the threshold, the service is blocked at this link If the request does not exceed the threshold, it is allowed to counter...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method of a service supporting system used for preventing Dos attack; when the user initiates service transaction request, the user ID is used to generate a user transaction behavior index counter at the upstream link of request disposal of the service supporting system; during one counting period, when the user transacts the service once by the service supporting system, the corresponding user transaction behavior index counter is counted and then compared with the user transaction behavior threshold; if the count of the counter exceeds the allowance of the threshold, the service request is refused in the link; if the count of the counter does not exceed the allowance of the threshold, the service request is allowed to continue to be processed in the downstream link of the service supporting system. The method starts from the application layer, analyses the normal operation index of the user, utilizes the unusual threshold to judge the attack behavior at the upstream link of the service supporting system, blocks the attack request to be transmitted to the downward request processing system when the Dos attack occurs, thus achieving the purpose of preventing the Dos attacks.

Description

technical field [0001] The invention relates to the technical field of network communication security, in particular to a method for preventing a DoS attack of a business support system. Background technique [0002] With the development of computer technology, the company's business began to gradually integrate with computer software and hardware. According to the company's business model, with the computer system as the core, combined with other software and hardware facilities, the company's business support system was customized. Such as the billing system of the communication industry, the transaction management system of the bank, the transaction and payment system of the website, etc., are all typical business support systems. The security of the business support system is crucial to the company's daily production and business development. [0003] At present, hacker attacks are one of the biggest threats to network security, and DoS (denial of service) attacks are t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26G06Q40/00
Inventor 徐苛杰胡鹏
Owner CHINA MOBILE GROUP SICHUAN
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products