Unlock instant, AI-driven research and patent intelligence for your innovation.

Network attack identification method and device

A network attack and identification method technology, applied in the field of network attack identification methods and devices, can solve problems such as data packets failing to pass, network data packets being easily forged, network security hidden dangers, etc., and achieving the effect of avoiding inability to communicate smoothly

Active Publication Date: 2014-12-24
RUIJIE NETWORKS CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although this implementation method is simple, it also brings corresponding hidden dangers, making it easy for attackers to forge network data packets with legal IP and ports, so that they can enter the internal network through state detection, so there is a great security risk in the network. Hidden danger
However, if an attacker forges a data packet to make the connection transition to an abnormal state, the connection will be deleted, so that legitimate data packets cannot pass through.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack identification method and device
  • Network attack identification method and device
  • Network attack identification method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0047] Embodiment 1 of the present invention provides a method for identifying a network attack. Specifically, a network device for identifying a network attack is taken as an example for description. The steps of the method can be as follows image 3 shown, including:

[0048] Step 101, the router receives the data packet.

[0049] In this step, the router may receive the N+1th TCP data packet sent by the first device to the second device, where N is a positive integer. Wherein, the first device may be a client, and the second device may be a server. Of course, it is also possible that the first device is a server and the second device is a client.

[0050] Step 102, the router determines the serial number.

[0051] After the router receives the N+1th transmission control protocol data packet, before forwarding the data packet to the second device, the router may check the legality of the data packet.

[0052] In the process of using the TCP serial number to attack, the ...

Embodiment 2

[0075] Embodiment 2 of the present invention provides a network attack identification device, the device can be integrated in the firewall of the router, and the structure of the device can be as follows Figure 7 shown, including:

[0076] The receiving module 11 is used to receive the N+1th transmission control protocol TCP data packet sent by the first device to the second device, where N is a positive integer; the determination module 12 is used to receive the N+1th transmission control protocol at the receiving module When the data packet is sent, determine the difference between the acknowledgment sequence number returned by the second device receiving the Nth transmission control protocol data packet sent by the first device and the sending sequence number of the Nth transmission control protocol data packet sent by the first device; legitimacy The detection module 13 is used to determine whether the N+1th transmission control protocol data packet is a legal data packet...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a network attack identification method and device. The network attack identification method comprises the following steps that: when network equipment receives a N+1st transmission control protocol packet which is sent by first equipment and is transmitted to second equipment, a transmission sequence number generated when the first equipment transmits a Nth transmission control protocol packet to the second equipment is confirmed and a confirmation sequence number returned by the second equipment when the second equipment receives the Nth transmission control protocol packet is confirmed, and then the N+1st transmission control protocol packet is defined to be legal or illegal according to the definition of a relationship between a set window length and a difference between the confirmation sequence number and the transmission sequence number.

Description

technical field [0001] The invention relates to the communication field, in particular to a network attack identification method and device. Background technique [0002] For a server that must be accessed by an authorized user, in the process of establishing a Transmission Control Protocol (TCP, Transmission Control Protocol) connection between client A and server B, the TCP modules of client A and server B use their own Initial sequence number (ISN, initial sequence number). The process of establishing a TCP connection between client A and server B can be as follows figure 1 Shown: [0003] First, client A sends a data packet carrying a handshake signal (SYN) flag to server B to request to establish a connection, and the data packet carries its own initial sequence number (ISNa); [0004] Then, after receiving the data packet carrying the SYN flag sent by the client A, the server B sends a response data packet carrying the SYN flag to the client A, the data packet carri...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 黄志忠钟岳林
Owner RUIJIE NETWORKS CO LTD