Flow control device and method based on flow prediction and trusted network address learning

A technology of flow control device and network address, which is applied in data exchange network, digital transmission system, electrical components, etc., can solve the problem that fixed detection threshold is difficult to set in advance, etc.

Inactive Publication Date: 2012-05-23
BEIJING VENUS INFORMATION TECH +1
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The technical problem to be solved by the present invention is to provide a flow control device and method based on flow prediction and trusted network address self-learning, which overcomes the problem that the fixed detection threshold is difficult to set in advance, and can quickly identify and forward during the flow control process Network traffic from a trusted remote host, and at the same time filter the rest of the traffic using attack packet filtering rules to truly ensure the traffic security of the target host

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Flow control device and method based on flow prediction and trusted network address learning
  • Flow control device and method based on flow prediction and trusted network address learning
  • Flow control device and method based on flow prediction and trusted network address learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The technical solutions of the present invention will be described in more detail below with reference to the accompanying drawings and embodiments.

[0045] The target host described in this paper is the object that the flow control device performs attack flow detection and flow control; the network address of the target host needs to be preset by the administrator; the method of the present invention supports simultaneous flow control of multiple target hosts.

[0046] The invention provides a flow control device based on flow prediction and trusted network address self-learning, comprising: a forwarding engine and a flow analysis unit;

[0047] The forwarding engine is used to forward network data packets, count the network traffic entering and leaving each target host, and collect trusted network addresses from the network data packets sent by each target host; The network data packets of the target host and the samples are sent to the traffic analysis unit, and the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a flow control device and a method based on flow prediction and trusted network address learning. The device comprises a forwarding engine and a flow analysis unit, wherein the forwarding engine is used for forwarding a network packet and calculating the network flow entering and leaving each target host, and reliable network addresses are collected from the network packetsent by each target host; when attack flow is detected, the network packet of the target host with attack flow is sampled, and the sample is sent to the flow analysis unit; according to the collectedreliable network address and the attack flow filtering rule returned by the flow analysis unit, flow control is carried out to the network packet sent to the target host; according to the received network packet sample, the flow analysis unit takes each TCP / IP protocol packet head field value as an item to extract a frequent item set satisfying preset minimum support to serve as an attack flow filtering rule applied to the target host corresponding to the network packet sample.

Description

technical field [0001] The invention relates to a device for realizing flow control, in particular to a flow control device and method based on flow prediction and self-learning of trusted network addresses. Background technique [0002] The network security border gateway is usually deployed at the entrance of the protected network. It checks the network data packets entering and exiting the protected network. Once a network intrusion is found, it will prevent network intrusion attempts through packet filtering and other methods to prevent network attacks. losses are minimized. The current common network attacks against the target host in the protected network can be divided into two categories: one is the vulnerability attack based on a small number of maliciously constructed packets; the other is the traffic attack based on a large number of network packets. The former includes various remote buffer overflow attacks, teardrop attacks, SQL injection attacks, etc., which c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/56H04L29/06H04L47/20
Inventor 叶润国周涛李博邓炜
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap