Method and device for defending against denial-of-service attacks

A denial of service attack and attack feature technology, applied in secure communication devices, computer security devices, instruments, etc., can solve problems such as denial of service attacks, inability to fully detect and block abnormal traffic attacks, and lack of effective integration of technologies. achieve the effect of ensuring safety

Inactive Publication Date: 2010-01-20
BEIJING VENUS INFORMATION TECH +1
View PDF0 Cites 53 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For the technologies in these three directions, their advantages are that the technology is relatively mature, easy to implement, and can effectively detect and block denial of service attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for defending against denial-of-service attacks
  • Method and device for defending against denial-of-service attacks
  • Method and device for defending against denial-of-service attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] The core of the method of the present invention is to overcome the shortcomings of the prior art, and provide a device for defending against denial of service attacks in a TCP / IP network, so that the denial of service attacks can be effectively detected and blocked, so as to ensure the security of network applications and provide A secure network application environment for network users.

[0049] The general workflow for defending against denial of service attacks is:

[0050] The initialization stage includes initializing the threshold and traffic ratio feature detection buffer, initializing the traffic distribution feature detection buffer, initializing the black and white list buffer, and initializing the DoS attack feature table buffer;

[0051] Preprocessing stage, including capturing network packets and performing protocol analysis;

[0052] The detection stage includes detecting the threshold and traffic ratio characteristics, authenticating the identity of the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for defending against denial-of-service attacks in TCP/IP networks. The method comprises: randomly sampling TCP, UDP and ICMP flow; counting and calculating the rate of each flow; detecting flow proportion characteristics and flow distribution characteristics; verifying the credibility of corresponding source host computers; self-learning black-white lists and DoS-attack characteristic tables according to detection result and source-host-computer identity authentication result and utilizing the black-white lists and the DoS-attack characteristic tables to filter the flow, release normal flow and blocking denial-of-service attacks. By utilizing the invention, the denial-of-service attacks can be detected and blocked so as to guarantee network availability, prevent network denial of service attacks from occurring and provide network users with a secure network environment.

Description

technical field [0001] The invention relates to the technical field of network and information security, in particular to a method and device for defending denial of service attacks in a TCP / IP network. Background technique [0002] At present, with the rapid development of the Internet and network applications, people can conduct e-commerce, resource sharing and entertainment activities through the network, and the network has gradually become an indispensable part of people's work, life and study. The demand for high security is getting stronger and stronger. The market demand for network security products is also becoming stronger and stronger. Currently, in the network and information security market, firewall products, intrusion detection products and antivirus products are still the mainstream products. [0003] The method and device for defending denial of service attacks of the present invention mainly involve the following technologies: random sampling technology,...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/36G06F21/00
Inventor 华东明叶润国鲁文忠邓炜
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap