Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method, device and system for preventing services from being attacked

A technology of being attacked and server, which is applied in the field of information security, can solve problems such as dangerous loopholes, excessive consumption, and high consumption, and achieve the effect of preventing malicious attacks, avoiding dangerous loopholes, and preventing services from being attacked

Active Publication Date: 2011-08-24
SHENZHEN TENCENT COMP SYST CO LTD
View PDF3 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The entire encryption system of the first method is very strict, and is suitable for transmission occasions with high security requirements. Because establishing a secure channel requires more consumption in identity verification and key interaction, it does not have special security requirements. In the high case, this method is too complicated and consumes too much, and it is generally applicable to the verification of the server side; the second way to verify the legitimacy of the client by adding a digital signature to the data packet requires the client's public key Publish to where the server can query it, and there are dangerous loopholes in this process

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for preventing services from being attacked
  • Method, device and system for preventing services from being attacked
  • Method, device and system for preventing services from being attacked

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0056] see figure 1 , this embodiment provides a method for preventing services from being attacked, and the method flow is as follows:

[0057] 101: Receive the service application sent by the client, and send verification information to the client;

[0058] Among them, the verification information includes at least randomly generated plaintext and user identification encrypted with a private key;

[0059] 102: Receive the signature encrypted with the public key according to the verification information returned by the client;

[0060] 103: Verify the legitimacy of the client according to the signature returned by the client. If the verification is passed, execute 104; if the verification fails, execute 105;

[0061] 104: continue to serve the client, and the process ends;

[0062] 105: Determine that the client is an illegal client, discard the data packets sent by the illegal client, and the process ends.

[0063] In the method provided by this embodiment, before provid...

Embodiment 2

[0065] This embodiment provides a method for preventing services from being attacked. In this method, before providing services to the client, the server first verifies the legitimacy of the client, and after confirming that the client is an illegal client, discards the data packets, so as to achieve the effect of preventing the service from being attacked. see figure 2 , the method flow is as follows:

[0066] 201: The client sends a service application to the server;

[0067] For this step, in order to prevent the service of the server from being attacked, the client needs to submit a service application to the server before accepting the service of the server, so that the server can verify the legitimacy of the client submitting the service application, thereby preventing the service of the server from being attacked .

[0068] 202: After receiving the service application sent by the client, the server sends verification information to the client;

[0069] Among them, ...

Embodiment 3

[0082] see image 3 , this embodiment provides a server, the server includes:

[0083] The first receiving module 301 is configured to receive the service application sent by the client;

[0084] The sending module 302 is configured to send verification information to the client after the first receiving module 301 receives the service application sent by the client, and the verification information includes at least randomly generated plaintext and a user ID encrypted with a private key;

[0085] The second receiving module 303 is used to receive the signature obtained by encrypting the verification information sent by the sending module 302 with a public key returned by the client;

[0086] The verification module 304 is configured to verify the legitimacy of the client according to the signature returned by the client received by the second receiving module 303;

[0087] The first processing module 305 is configured to continue serving the client after the client passes t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method, device and system for preventing services from being attacked, which belong to the technical field of information security. The method comprises the following steps: receiving a service request sent by a client, and issuing verification information to the client, wherein the verification information at least comprises plaintexts generated randomly and user identifications encrypted by private keys; receiving a signature which is returned by the client and encrypted by a public key for verification information; and verifying the legality of the client according to the signature returned by the client, if passing the verification, continuing to serve the client, otherwise, determining that the client is an illegal client, and discarding a data packet sent by the illegal client. The method, device and system disclosed by the invention have the advantages that because the client is subjected to legality verification before being provided with services, no excessive spending is added in the process of verification, and the secret key interaction between a server and a client is not required, the risk vulnerabilities existing in secret key interaction can be avoided, and then the effect of preventing services from being attacked can be achieved.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a method, device and system for preventing services from being attacked. Background technique [0002] In order to facilitate users' access, many servers are directly exposed to the public network, so they are vulnerable to attacks by hackers. Hackers generally attack servers by constructing or tampering with data packets after scanning the ports of network services. When the server is attacked, the source of the data packets cannot be identified, resulting in incorrect services to illegal users, causing the system to be busy. [0003] In order to enable the server to effectively identify the source of the data packet when receiving the data packet, so as to protect the normal service of the server. The first approach taken by the prior art to prevent services from being attacked is to encrypt data packets and use a secure data channel to transmit the encry...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L9/28H04L9/14H04L29/06
Inventor 王志华陈谦
Owner SHENZHEN TENCENT COMP SYST CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com