Method for collaboratively resisting overlay layer DDoS attack in P2P network

A P2P network and overlay technology, applied in the field of P2P network security, can solve problems such as query message flooding attacks, inability to respond to connection requests, and exhaustion of TCP connection resources.

Active Publication Date: 2012-12-26
ZHENGJIANG PUBLIC INFORMATION +1
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

If a large number of nodes send such messages to the same target node, the TCP connection resources of the target node will be exhausted and cannot respond to other connection requests, thus causing a DDoS attack
[0008] (3) Flood attack based on query message
However, if the attacker cooperates with other attack methods to launch a flood attack based on query messages, under the existing technology, the nodes in the P2P network do not cooperate with other nodes, and only rely on the nodes themselves to resist or exit the network to avoid the attack. incapable of effective resistance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for collaboratively resisting overlay layer DDoS attack in P2P network
  • Method for collaboratively resisting overlay layer DDoS attack in P2P network
  • Method for collaboratively resisting overlay layer DDoS attack in P2P network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] In structured P2P networks such as Chord, Pastry, Tapestry, CAN, Kademlia, etc., the message routing process with a certain node as the destination node presents a tree-like feature with the node as the root node. With the increase of message routing hops, Messages will continue to converge and finally reach the destination node. The embodiments of the present invention are not aimed at a specific network, but are applicable to all DHT-based structured P2P networks.

[0048] figure 1 It is a schematic diagram of the P2P network structure of the present invention. The maximum number of nodes allowed by the structured P2P network is n, and the number of currently online nodes is 16. Among them, nodes 3, 14, and 15 send a large number of query messages to node 0. If node 0 detects that the number of zero-purpose messages exceeds its attack tolerance Θ in a Δt, it is considered to have suffered a DDoS attack, and node 0 is recorded as the 0th layer node. For the convenien...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method for collaboratively resisting overlay layer DDoS attack in a P2P network. The existing method has poor resistance. In the method of the invention, firstly whether the quantity of zero-purpose messages received by nodes in the P2P network within a detection period excesses the attack tolerance of the nodes is detected; secondly, the nodes receiving collaborative resisting messages are allowed to read the messages and process the messages collaboratively; and if the nodes in the i layer does response within the time of 2*delta t and the attack from the nodes of the i- layer is detected by the nodes of the (i-1) layer, the nodes of the (i-1) layer disconnects with the nodes of the i layer or does not provide service for the nodes of the i layer. The node of an attack source is approached through the processes, and the nodes collaboratively detect and inhabit attack messages to ensure that the quantity of the zero-purpose messages received by the nodes of the 0 layer does not excess the attack tolerance theta. In the invention, back tracking processes are utilized stage by stage to cause the nodes close to the attack source to detect attack and inhabit the attack source, thereby reducing the quantity of influenced nodes.

Description

technical field [0001] The invention belongs to the field of P2P network security, and in particular relates to a method for cooperatively resisting overlay layer DDoS attacks in a P2P network. Background technique [0002] DDoS (Distributed Denial of Service, Distributed Denial of Service) attack is developed from DoS attack. This attack uses compromised computers on the network as puppet machines to launch intensive "denial of service" to a specific target computer. Attacks exhaust the network resources and system resources of the target computer, making it impossible to provide services to normal requesting users. DDoS attacks only need to consume less resources of the attacker, but will have a serious impact on the attacked and take a long time to recover. [0003] Due to its decentralized and distributed characteristics, P2P networks have a natural ability to resist DDoS attacks, but attackers will also use the characteristics of autonomy and large number of nodes in P...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 宋革联王茂华孙小华赵帆程陈炜陈惠芳谢磊沈佳峰陈高翔
Owner ZHENGJIANG PUBLIC INFORMATION
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap