Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for preventing semi-join attack

A technology of semi-connection and number of connections, which is applied in the field of network communication and can solve problems such as occupation, memory exhaustion of network equipment, and system crash of network equipment

Inactive Publication Date: 2015-12-02
OPZOON TECH
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For semi-connection attacks on the network (for example, user datagram protocol udp or transmission control protocol tcp, etc., the situation that only a request message is sent without a response message is called a semi-connection attack), this connection is valid on the network device. If the number of resources is limited, a large number of semi-connections will occupy the upper limit of the global semi-connection, resulting in the exhaustion of the memory of the network device, which will cause the system of the network device to crash

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for preventing semi-join attack
  • Method and system for preventing semi-join attack
  • Method and system for preventing semi-join attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] The specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. The following examples are used to illustrate the present invention, but are not intended to limit the scope of the present invention.

[0032] figure 1 It is a flowchart of a method for preventing semi-join attacks according to an embodiment of the present invention; refer to figure 1 , the method includes:

[0033] S101: Obtain the maximum number of connections M supported by the network device (the network device may be a firewall, a router, a switch, etc.), where the M is a positive integer greater than 0;

[0034] S102: Divide the intranet nodes of the network device, and respectively set maximum connection upper limit values ​​for the division results.

[0035] The present invention can adopt two kinds of division methods, one is to divide the intranet ip address, and the other is to divide the int...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and system for preventing semi-joint attack, relating to the technical field of network communication. The method comprises the following steps of: obtaining the maximum connection number M supported by network equipment, wherein M is a positive integer which is more than 0; and dividing internal network nodes of the network equipment, and respectively arranging a first maximum connection upper limit values for dividing results. With the adoption of the method provided by the invention, the internal network nodes of the network equipment are divided, and the first maximum connection upper limit values are respectively set for the dividing results, so that resources of an internal memory of the network equipment can be prevented from being consumed when one internal network node is subjected to the semi-joint attack.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to a method and system for preventing semi-connection attacks. Background technique [0002] Currently, most network devices quickly process packets in a connection manner. For example, the firewall divides the message into different connections (also called different flows) through the five-tuple of ip (internet protocol, internet protocol), and matches all the messages of the same five-tuple to the same connection , do the same process. For semi-connection attacks on the network (for example, user datagram protocol udp or transmission control protocol tcp, etc., the situation where only request packets are sent without response packets is called a semi-connection attack), this connection is valid on the network device. If the number of resources is limited, a large number of semi-connections will occupy the upper limit of the global semi-connection, resulting in th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 陈海滨
Owner OPZOON TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com