A method for defending against denial of service attacks based on cloud computing platform

A denial of service attack and cloud computing platform technology, applied in the field of information security, can solve the problems of high harm, low attack rate, and few attack launching nodes

Active Publication Date: 2011-12-21
NANJING UNIV OF POSTS & TELECOMM
View PDF3 Cites 38 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0011] This kind of attack is characterized by low attack rate and few attack launching nodes, but the damage caused by each attack is very large, and it is not easy to be detected by detection tools

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for defending against denial of service attacks based on cloud computing platform
  • A method for defending against denial of service attacks based on cloud computing platform
  • A method for defending against denial of service attacks based on cloud computing platform

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] Method of the present invention is:

[0033] Step 1. Monitor the server to obtain the current system performance (CPU, memory utilization, network throughput) information and performance growth rate;

[0034] Step 2. Start the defense system when the system performance threshold or growth threshold is higher than the highest threshold;

[0035] Step 3. After the client establishes a TCP connection with the server, the defense system intercepts its GET request to the URL sent by the server;

[0036] Step 4. The defense system returns to the client a packet containing a cookie redirected to the URL. And define the redirection times num=0;

[0037] Step 5. In the case of the number of redirections num<3, if the client is a legal host, it will respond to the redirection data packet according to the rules of the HTTP protocol; if the client is a zombie host, it cannot respond to this Redirect data packets to respond or respond to errors; redirection times num++;

[0038]...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method for defending against a denial of service attack based on a cloud computation platform, which solves the problem of the HTTP (HyperText Transfer Protocol) denial of service attack on a concrete application. A CPU (Central Processing Unit), a network throughput rate and the like are analyzed to determine whether the denial of service attack exists, and after the existence of an attack behavior is determined, access data is first intercepted; access users are subjected to redirected accesses, and identifying code technology with 4-digit random numbers/letters plus mathematical problems with fixed answers is adopted at Cookie; meanwhile, the number of the redirected accesses is defined to discriminate a legal user from an attacker, and therefore, the IP of the attacker is added to a blacklist, and is banned from accessing so as to filter the attacker; as for the attacks which are disguised as the legal user and continue to attack a server, the inherent elastic performance of the cloud computation platform is utilized to dynamically increase a network bandwidth and the number of virtual servers; and after a system is stabilized, an original system state is recovered, the bandwidth is recovered, and the virtual servers are removed so as to effectively defending against the denial of service attack.

Description

technical field [0001] The invention is a solution for processing denial-of-service attacks based on a cloud computing platform, which is mainly used for defending against denial-of-service attacks in a cloud computing environment and belongs to the field of information security. [0002] Background technique [0003] With the development of Internet network technology and the continuous improvement of computer technology, the ability of data transmission and processing in the network has increased linearly. People hope to obtain a direct and convenient way of computing and processing, without installing application software, as long as they are connected to the Internet, they can use the idle computer resources connected to the network to process tasks. [0004] In this context, cloud computing emerges as the times require. The so-called cloud computing is to connect a cloud computing platform composed of a large number of servers and storage device clusters through a comp...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 王汝传宋筱宁付雄孙力娟韩志杰蒋凌云
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap