Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

DDos (distributed denial of service) attack defensive system based on network trap

An attack defense system and network trap technology, applied in the field of distributed denial of service attack (DDoS) defense system, can solve the problem that normal users cannot access network resources, etc., and achieve the effect of fast reflection and timely response to attacks

Inactive Publication Date: 2012-11-21
CHANGZHOU UNIV
View PDF2 Cites 63 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, traditional network traps simply discard data packets for DDoS attacks, resulting in the result that normal users cannot access network resources.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDos (distributed denial of service) attack defensive system based on network trap
  • DDos (distributed denial of service) attack defensive system based on network trap
  • DDos (distributed denial of service) attack defensive system based on network trap

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] figure 1 The shown system structure diagram of the present invention is physically composed of a honeypot console, multiple honeypot systems, an alarm agent and a data distribution server. These honeypot systems deployed in the network can form a security defense system. Each honeypot system is a deceiving host, and its external characteristics can attract attackers to invade. The honeypot system can establish multiple operating system camouflage environments, and its operating system is the same as the host operating system. Attackers can enter the honeypot system in two ways. One is that the attacker finds sensitive information or system vulnerabilities on the honeypot system and enters through attack tools; The address diversion function of the SIPF diverts suspicious data into the honeypot system.

[0040] In the actual networking, the honeypot system and the honeypot console are deployed in different places and separated by a firewall. The connection between them...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DDos (distributed denial of service) attack defensive system based on a network trap. The system comprises a honey pot console, a plurality of honey pot systems, an alarm agent and a data shunt, wherein the honey pot system is a cheat host with the same operating system and host operating system; the external characteristics of the cheat host can be used for attracting intrusion of a attacker; and the attack data can be introduced to the data shunt by the honey pot console for protecting the network. With the aadoption of the system, known DDos attack can be defended and the attacker is attracted to enter the trap system, thereby the harm to other systems in the network by the attacker is reduced, and shunting process is simultaneously carried out on the data flow in the network to separate normal flow from DDos attack flow and filter DDos attack flow, so that the normal flow visits a target host according to a source route.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a network trap-based distributed denial of service attack (DDoS) defense system, which is used to quickly respond to the attack when a DDoS attack occurs in an autonomous area network or a local area network. Respond, induce attacks into network traps, and effectively separate legitimate and attack data streams. Background technique [0002] With the rapid development of the Internet, network security has become a concern, and people are paying more and more attention to the detection and prevention of network attacks. Among many network attacks, distributed denial of service (DDoS) is a simple and effective attack method that is difficult to defend against. DDoS attack is a distributed and cooperative large-scale denial of service attack, which has the characteristics of wide attack range and strong concealment. At present, there is no fully effective prev...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/56H04L12/26
Inventor 倪彤光顾晓清汪巍丁辉
Owner CHANGZHOU UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com