Flow control device and method based on flow prediction and trusted network address learning

A technology of flow control device and network address, which is applied in the direction of data exchange network, digital transmission system, electrical components, etc., and can solve the problems such as the difficulty of setting the fixed detection threshold in advance

Inactive Publication Date: 2010-06-09
BEIJING VENUS INFORMATION TECH +1
View PDF2 Cites 29 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The technical problem to be solved by the present invention is to provide a flow control device and method based on flow prediction and trusted network address self-learning, which overcomes the problem that the fixed detection threshold is difficult to set...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Flow control device and method based on flow prediction and trusted network address learning
  • Flow control device and method based on flow prediction and trusted network address learning
  • Flow control device and method based on flow prediction and trusted network address learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The technical solution of the present invention will be described in more detail below with reference to the drawings and embodiments.

[0045] The target host described in this article is the target of the flow control device for attack flow detection and flow control; the network address of the target host needs to be preset by an administrator; the method of the invention supports flow control for multiple target hosts at the same time.

[0046] The present invention provides a traffic control device based on traffic prediction and trusted network address self-learning, including: a forwarding engine and a traffic analysis unit;

[0047] Described forwarding engine is used for forwarding network data packet, counts the network flow of entering and leaving each target host computer, collects credible network address from the network data packet that each target host computer sends; Network data packets of the target host and send samples to the traffic analysis unit, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a flow control device and a method based on flow prediction and trusted network address learning. The device comprises a forwarding engine and a flow analysis unit, wherein the forwarding engine is used for forwarding a network packet and calculating the network flow entering and leaving each target host, and reliable network addresses are collected from the network packet sent by each target host; when attack flow is detected, the network packet of the target host with attack flow is sampled, and the sample is sent to the flow analysis unit; according to the collected reliable network address and the attack flow filtering rule returned by the flow analysis unit, flow control is carried out to the network packet sent to the target host; according to the received network packet sample, the flow analysis unit takes each TCP/IP protocol packet head field value as an item to extract a frequent item set satisfying preset minimum support to serve as an attack flow filtering rule applied to the target host corresponding to the network packet sample.

Description

technical field [0001] The invention relates to a device for realizing flow control, in particular to a flow control device and method based on flow prediction and trusted network address self-learning. Background technique [0002] The network security border gateway is usually deployed at the entrance of the protected network. It checks the network data packets entering and leaving the protected network. Once a network intrusion is found, it prevents network intrusion attempts through message filtering and other methods, so as to prevent network attacks from occurring. Losses are minimized. The current common network attacks against target hosts in the protected network can be divided into two categories: one is vulnerability attacks based on a small amount of maliciously constructed packets; the other is traffic attacks based on a large number of network packets. The former includes various remote buffer overflow attacks, teardrop attacks, SQL injection attacks, etc. Thi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/56H04L29/06H04L47/20
Inventor 叶润国周涛李博邓炜
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap