Method and equipment for obtaining attack message

An attack packet and acquisition method technology, applied in the field of attack packet acquisition, can solve the problems that the distance cannot be guaranteed for the attack packet to pass through the IDS device, the network performance is affected, and the IDS device is expensive.

Inactive Publication Date: 2011-11-02
NEW H3C TECH CO LTD
View PDF3 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] (1) IDS equipment is generally expensive and cannot be widely deployed in the network. It is generally deployed at the egress of the network, and is often powerless against internal attacks on large networks.
[0009] (2) The distance between the IDS device and the attacked device will also have a great impact on the function of the IDS device. If the distance is too far, it cannot guarantee that the attack message can pass through the IDS device and be accurately recorded by the IDS device.
[0011] (4) For high-speed networks, too many IDS devices often affect the performance of the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and equipment for obtaining attack message
  • Method and equipment for obtaining attack message
  • Method and equipment for obtaining attack message

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] As described in the background, the existing attack packet capture technology has problems such as high cost of capture equipment and impact on network performance.

[0057] Based on the above problems, the present invention proposes a method for obtaining attack packets, which accurately and efficiently records the packets that attack the network equipment without affecting the processing performance of the network equipment itself and without reducing the overall performance of the network. .

[0058] like figure 1As shown, it is a schematic flow chart of a method for obtaining attack messages proposed by the present invention. The method establishes a circular queue in the network device to record the storage of the recently received preset number of messages in the storage medium. location information, and save the message corresponding to the storage location information recorded in the circular queue in the storage medium, that is, as long as the storage location...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and equipment for obtaining an attack message. According to the technical scheme provided by the invention, a circular queue recording the storage position information of messages which are recently received is established in network equipment; a storage medium stores the messages recording the position information in the circular queue; thus, when an attack occurs, the messages which are recently received before the attack occurs are obtained according to the information which is recorded in the circular queue, and the attack message is identified from the messages; and under the condition that the normal message processing course of the network equipment is not influenced, the messages which are recently received are stilled stored, thus, when the attack occurs, the attack message is guaranteed to be stored in the storage medium, the complete content of the attack message can be accurately obtained, and the capturing of the attack message is finished under the condition that the network performance is not influenced.

Description

technical field [0001] The invention relates to the field of communication technology, in particular to a method and equipment for acquiring attack messages. Background technique [0002] At present, on the one hand, with the continuous increase in the number of network users and the rapid development of network applications, the number of network devices running on the network continues to increase; The complexity is also increasing. More and more network devices need to analyze the content of different layers of the message and take corresponding forwarding actions. [0003] As the forwarding decision of network devices depends more on packet content, the probability of devices being attacked will inevitably increase. Looking at the various attacks suffered by network devices, the most difficult to defend and analyze and locate is the DOS (Disk Operating System, Disk Operating System) attack. Attackers often send carefully constructed special packets to network devices, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/56H04L12/863
Inventor 吕磊
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap