Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for preventing IGMP (Internet Group Management Protocol) from being cheated and attacked

A technology of MAC address and message, which is applied in the field of computer data communication, can solve the problems of increasing the CPU burden of multicast routers, occupying software and hardware resources, and wasting bandwidth, and achieves the effect of safe operation

Active Publication Date: 2012-07-04
北京神州数码云科信息技术有限公司
View PDF6 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

If an illegal user forges the IGMP leave message of the host of the IGMP querier, after the host leaves, there will be multicast traffic flowing to the host away from the multicast group, resulting in a waste of bandwidth; if an illegal host forges the source IP to send an IGMP membership report packets, which will increase the CPU load of multicast routers on the network
In addition, even a host with a legal IP may launch an IGMP attack. The host sends a large number of IGMP membership report messages, which increases the CPU burden of the multicast router on the network and occupies a large amount of software and hardware resources.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for preventing IGMP (Internet Group Management Protocol) from being cheated and attacked
  • Method and device for preventing IGMP (Internet Group Management Protocol) from being cheated and attacked
  • Method and device for preventing IGMP (Internet Group Management Protocol) from being cheated and attacked

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] In order to describe the technical content, achieved objectives and effects of the present invention in detail, the following will be described in detail in conjunction with the implementation methods and accompanying drawings.

[0036] figure 1It is a system block diagram of preventing IGMP spoofing and attacking under the DHCP environment of the embodiment of the present invention. The system includes a DHCP host, a switch, a multicast router, a DHCP server and a multicast source, the DHCP host is connected to the multicast router through a switch, the multicast router is connected to the multicast source, and the multicast router connects to the DHCP server; wherein, the The multicast router is used to initiate an IGMP member query and allow the nodes in need to respond; the switch is used to listen to the IP address request process of the DHCP host to establish a DHCP binding including user IP, MAC address, virtual local area network identifier and receiving port in...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for preventing an IGMP (Internet Group Management Protocol) from being cheated and attacked. The method comprises the following steps of: S1: monitoring an IP (Internet Protocol) address requesting process of a DHCP (Dynamic Host Configuration Protocol) host machine by a switchboard and establishing a DHCP binding table which contains a user IP, a MAC (Media Access Control) address, a virtual local area network identification number and receiving port information; S2: monitoring an IGMP message by the switchboard and judging the type of the message; if the message is a common group inquiry message, executing the step S3; if the message is a membership report message, executing the step S4; S3: judging the legality of the message through judging whether the receiving port information is matched with a pre-configured trusted port or not; and S4: judging the legality of the message through judging whether the message information and the information of the DHCP binding table are matched with the threshold value of the number of multicast groups which are allowed to be added by each IP. Through adoption of the method and the device provided by the invention, the problems that the inquiry cheating on the IGMP common group, the cheating on an IGMP source address and the attack against an IGMP member report message are effectively solved; and the method is simple and easy to realize and is good for safe operation of a network.

Description

technical field [0001] The invention relates to the field of computer data communication, in particular to a method and device for preventing IGMP deception and attack. Background technique [0002] With the continuous development of network broadband technology, streaming media data is widely used in many services such as video on demand, online teaching, and online live broadcast due to its intuition, practicality, and interactivity. These services have point-to-multipoint characteristics. For a service mode similar to point-to-multipoint, if a point-to-point unicast mode is used for data transmission, a large amount of network resources will be wasted. In order to save the occupation of network resources, IP multicast technology emerges in due course. Through IP multicast technology, a system can simultaneously send the same data packet to multiple hosts in the same multicast group. IGMP (Internet Group Management Protocol, Internet Group Management Protocol) is a protoc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/56H04L45/16H04L45/74
Inventor 梁小冰
Owner 北京神州数码云科信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com