Method and device for preventing igmp deception and attack

A legality and MAC address technology, applied in digital transmission systems, electrical components, transmission systems, etc., can solve the problems of increasing the CPU burden of multicast routers, wasting bandwidth, occupying software and hardware resources, etc., and achieving the goal of safe operation Effect

Active Publication Date: 2016-04-27
北京神州数码云科信息技术有限公司
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

If an illegal user forges the IGMP leave message of the host of the IGMP querier, after the host leaves, there will be multicast traffic flowing to the host away from the multicast group, resulting in a waste of bandwidth; if an illegal host forges the source IP to send an IGMP membership report packets, which will increase the CPU load of multicast routers on the network
In addition, even a host with a legal IP may launch an IGMP attack. The host sends a large number of IGMP membership report messages, which increases the CPU burden of the multicast router on the network and occupies a large amount of software and hardware resources.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for preventing igmp deception and attack
  • Method and device for preventing igmp deception and attack
  • Method and device for preventing igmp deception and attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] In order to describe the technical content, achieved goals and effects of the present invention in detail, the following will be described in detail in conjunction with the implementation manners and accompanying drawings.

[0036] figure 1It is a system block diagram of preventing IGMP spoofing and attacking under the DHCP environment of the embodiment of the present invention. The system includes a DHCP host, a switch, a multicast router, a DHCP server and a multicast source, the DHCP host is connected to the multicast router through a switch, the multicast router is connected to the multicast source, and the multicast router connects to the DHCP server; wherein, the The multicast router is used to initiate an IGMP member query and allow the nodes in need to respond; the switch is used to listen to the IP address request process of the DHCP host to establish a DHCP binding including user IP, MAC address, virtual local area network identifier and receiving port informa...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and device for preventing IGMP spoofing and attacking, comprising: S1: a switch monitors the IP address request process of a DHCP host to establish a DHCP binding table including user IP, MAC address, virtual local area network identification and receiving port information; S2: The switch listens to the IGMP message and determines the type of the message. If it is a general group query message, execute step S3. If it is a membership report message, execute step S4; S3: According to the receiving port information and the pre-configured trusted port Whether it matches, judge the legitimacy of the message; S4: judge the legitimacy of the message according to whether the message information matches the DHCP binding table information and the threshold value of the number of multicast groups that each IP is allowed to join. The invention effectively solves the problems of IGMP general group query deception, IGMP source address deception and IGMP member report message attack. The method is simple and easy to implement, and is beneficial to safe operation of the network.

Description

technical field [0001] The invention relates to the field of computer data communication, in particular to a method and device for preventing IGMP deception and attack. Background technique [0002] With the continuous development of network broadband technology, streaming media data is widely used in many services such as video on demand, online teaching, and online live broadcast due to its intuition, practicality, and interactivity. These services have point-to-multipoint characteristics. For a service mode similar to point-to-multipoint, if a point-to-point unicast mode is used for data transmission, a large amount of network resources will be wasted. In order to save the occupation of network resources, IP multicast technology emerges in due course. Through IP multicast technology, a system can simultaneously send the same data packet to multiple hosts in the same multicast group. IGMP (Internet Group Management Protocol, Internet Group Management Protocol) is a protoc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/741H04L12/761H04L45/16H04L45/74
Inventor 梁小冰
Owner 北京神州数码云科信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap