Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network security accessing and sealing method based on FPGA (field programmable gate array)

A processing method and network security technology, which is applied in the field of FPGA-based network security connection blocking processing, can solve problems such as increasing costs, and achieve the effect of increasing processing speed and improving security performance

Active Publication Date: 2011-06-15
曙光网络科技有限公司
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the control of the bypass needs to add an additional unit, which increases additional costs

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security accessing and sealing method based on FPGA (field programmable gate array)
  • Network security accessing and sealing method based on FPGA (field programmable gate array)
  • Network security accessing and sealing method based on FPGA (field programmable gate array)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] The present invention uses FPGA to realize the method of blockage processing of secure connection in the network protocol, which can liberate the CPU, thereby improving the performance of the host computer. The method mainly detects the source-destination IP address, source-destination port and protocol of the network data packet, and monitors the message For the data packets that are consistent with the set source-destination IP address, source-destination port, and protocol, the hit data packets are filtered according to the rules, analyze the header information and filtering actions, and determine whether to send blocking packets and what kind of packets to send. Type of blocking packets. By sending forged data packets to interrupt a TCP connection, it can effectively interrupt the connection of some illegal websites, so as to protect the security performance of the network.

[0017] The generated blocked packets are grouped according to the filtering results of the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a network security accessing and sealing method and device based on an FPGA (field programmable gate array). The device comprises a network data memory, a user rule memory and a characteristic comparator. The method comprises the steps of receiving an external network data packet, and momentarily memorizing the data packet in a network data memorizer; detecting the characteristic value of the network data packet, wherein the characteristic value comprises a source directory IP (internet protocol) address, a source directory port and a protocol, and monitoring the control bit of a message; querying a corresponding action of the hit data packet with the characteristic value which is coincident with the set source directory IP address, the set source directory port and the set protocol, analyzing the packet header information and the filtration action according to a rule filtering result, and judging whether to transmit the sealing packets and which types of the sealing packets to be transmitted; and transmitting the data packet forged by the construction of the packet transmitting action, and interrupting the network access. After the method is used, the security accessing and sealing are realized, and the ping pang operation is adopted when the data packet is written and read, so that the processing speed of the data flow is increased. The illegal TCP (transmission control protocol) access is interrupted by transmitting the forged data packet, and the access of some illegal networks can be effectively interrupted, so that the safety performance of the network is improved.

Description

technical field [0001] The invention relates to the field of network security, in particular to an FPGA-based network security connection blocking processing method. Background technique [0002] At present, in the internal office network of an enterprise, it is necessary to monitor network usage in the fields of network access control, content filtering, content auditing, and network security. Generally, the bypass monitoring method is used to reduce the burden on the gateway or router. However, the control of the bypass needs to add an additional unit, which increases additional costs. Contents of the invention [0003] The invention provides a method for realizing the blockage processing of the secure connection in the network protocol by adopting the FPGA, which can liberate the utilization rate of the CPU, thereby improving the performance of the host computer. [0004] An FPGA-based network security connection blocking processing method, including a network data me...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 白宗元张磊李静张英文纪奎
Owner 曙光网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com