Network attack filtering method and device

A network attack and filtering device technology, applied in the field of network security, can solve problems such as untimely detection, increased difficulty in maintenance, and impact of speed limit on normal access users, and achieve remarkable results.

What is AI technical title?
AI technical title is built by PatSnap AI team. It summarizes the technical point description of the patent document.
A network attack and filtering device technology, applied in the field of network security, can solve problems such as untimely detection, increased difficulty in maintenance, and impact of speed limit on normal access users, and achieve remarkable results.

CN102739683AActive Publication Date: 2012-10-17HANGZHOU DPTECH TECH

4 Cites 25 Cited by

Image

Smart Image Click on the blue labels to locate them in the text.

Viewing Examples

Smart Image

Examples

Experimental program

Comparison scheme

Effect test

Embodiment Construction

[0019] The present invention provides an accurate network attack filtering method and device for the DNS server, and its design principle is no longer rough protection from the number of packets and rate as in the prior art, but from the user's normal access to the DNS server. Beginning with behavioral characteristics, identify normal user access and malicious attacks. Please refer to figure 1 , Taking computer program implementation as an example (the present invention does not exclude other implementations), a network attack filtering device of the present invention is applied to a security device to provide a network attack filtering service for a DNS server, and the device includes: a message distinguishing unit and Behavior Analysis Unit. The security device can adopt a popular hardware architecture, which mainly includes CPU, memory, storage, and various business hardware (not required) including business cards. In a basic implementation, please refer to figure 2 as ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

PUM

Login to View More

Abstract

The invention provides a network attack filtering method which is applied to a safety device and used for providing a service for filtering network attacks to a domain name server (DNS). The method comprises the following steps: A. judging whether the first sending is conducted when a DNS request message of a user is received, if no, transferring to a step B to process; or, abandoning the message and storing the DNS conversation information and an user behavioral parameter in a DNS conversation table; B. obtaining a user behavioral parameter corresponding to the conversation information brought by a current DNS request message from the DNS conversation table, judging whether the difference between the user behavioral parameter brought by the current message and the user behavioral parameter recorded in the DNS conversation table is in accordance with the standard of normal user behavior; if so, judging the message to be legal; and otherwise, abandoning the message. According to the behavioral characteristics of a user protocol stack, the attack to the DNS server is effectively filtered.

Description

technical field [0001] The invention relates to a network security technology, in particular to a network attack filtering method and device applied to a security device to protect a DNS server. Background technique [0002] People's work and life are benefiting from the continuous advancement of network technology. However, with the rapid expansion of the network scale, network security issues have become increasingly serious. Various attacks on the network emerge in an endless stream, and DoS (Denial of Service) attack is one of the most typical network attacks. Since DDoS (distributed denial of service) attacks first appeared in 2000, DDoS attacks have occurred every day, and they have become more and more serious. Many individual users and various corporate networks are subject to DDoS attacks. DDos attacks can cause network congestion, servers or other hosts to stop processing user requests, corporate websites go down, corporate networks don't work, and more. These p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

Application Information

Patent Timeline

17 Oct 2012

Publication

CN102739683A

IPC: H04L29/06; H04L29/12

Inventors: 李鑫