Detecting method of DDOS (distributed denial of service) attacks

A technology for attack detection and data packets, applied in digital transmission systems, electrical components, transmission systems, etc.

Active Publication Date: 2010-06-16
RUN TECH CO LTD BEIJING
View PDF0 Cites 83 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] So far, there is no good technology to thoro...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Detecting method of DDOS (distributed denial of service) attacks
  • Detecting method of DDOS (distributed denial of service) attacks
  • Detecting method of DDOS (distributed denial of service) attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0123] The present invention will be further described in detail below in conjunction with the drawings and specific embodiments:

[0124] 1. Connect network traffic to the monitoring equipment in bypass mode.

[0125] According to the different protection objectives, the access location can have the following two options.

[0126] (1) Bypass the network data at the connection between the protected LAN and the external Internet.

[0127] (2) At the exit of the inter-provincial network, the bypass detection device detects the network traffic. At this time, because the network data volume is very large, multiple detection devices can be used for distributed detection.

[0128] 2. First, the network data stream flows into the "network data detection subsystem", and the processing methods for the network data stream are as follows: image 3 Shown:

[0129] (1) The "data packet interception module" subsystem of the "network data detection subsystem" analyzes the data packets connected by the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a detecting method of DDOS (distributed denial of service) attacks, belonging to the field of computer network safety and comprising the steps that, (1) a data packet interception module is used for analyzing accessed network data packet information; (2) a data packet feature statistic module is used for counting the analyzed network data packet information; (3) a statistical data processing module is used for computing the proportional distribution of all kinds of data packets relative to the total number of the data packets at unit time; (4) a data analyzing module is used for computing an alarm threshold of network data according to stored historical data computed in the steps (2) and (3); (5) the data analyzing module is used for judging whether a network data value at the current unit time exceeds the alarm threshold of the corresponding network data or not; if exceeds, the network data is submitted to an attack analyzing module; and (6) the attack analyzing module is used for generating a detection report according to the received network data value. Compared with the prior art, by integrating the historical data transmitted by a network, the invention carries out further analysis on the current network data, and can identify various ddos attacks.

Description

Technical field [0001] The invention belongs to the field of computer network security, and specifically relates to a DDOS attack detection method. Background technique [0002] Denial of service attack, English Denial of Service (DOS), as an attack method on the Internet, has a long history, mainly using the flaws of the TCP / IP protocol to exhaust the resources of the service network, leading to Failure to provide normal services is a malicious attack that is harmful to the network. Some denial-of-service attacks consume bandwidth, some consume CPU and memory of network equipment, and some cause system crashes. Representative attacks include SYN. flood, ICMP flood, UDP flood, etc. [0003] Initially, attacks were generally based on a single computer attacking the target, which is what we often call DOS attacks. With the development of technology, the current attack technology has developed from DOS mode to DDOS mode, that is, multiple computers under unified control. , Using dis...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26H04L29/08
CPCH04L63/1416H04L43/16H04L63/1458
Inventor 安丙春
Owner RUN TECH CO LTD BEIJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap