Exception transmission control protocol (TCP) message processing method and device

A message processing and message technology, applied in the Internet field, can solve problems such as system crash, occupying bandwidth and system resources, improper processing of abnormal packets, etc., and achieve the effect of safe and effective work

Active Publication Date: 2013-03-27
BEIJING BAIDU NETCOM SCI & TECH CO LTD
View PDF8 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, the above-mentioned defense method has the following disadvantages: the TCP abnormal packet with a specific flag is not detected, which may cause the system to crash due to inappropriate handling of the abnormal packet by the target operating system
Different operating systems have different processing methods for unconventional TCP flag bits. If an attacker sends a large number of special TCP packets with too long length to a certain operating system, the bandwidth and system resources will be occupied, resulting in a denial of service attack. Protocol stack memory overflow system crash

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Exception transmission control protocol (TCP) message processing method and device
  • Exception transmission control protocol (TCP) message processing method and device
  • Exception transmission control protocol (TCP) message processing method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary and are intended to explain the present invention and should not be construed as limiting the present invention.

[0030] In the present invention, unless otherwise clearly specified and limited, terms such as "installation", "connection", "connection" and "fixation" should be understood in a broad sense, for example, it can be a fixed connection or a detachable connection , or integrally connected; it may be mechanically connected or electrically connected; it may be directly connected or indirectly connected through an intermediary, and it may be the internal communication of two components. Those of ordinary skill in the art can understand...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an exception transmission control protocol (TCP) message processing method and a device. The method includes the following steps of detecting whether a flag bit of a TCP message is matched or not; if the flag bit is matched, acquiring a packet length of the flag bit and comparing the packet length with a preset length threshold; determining whether the TCP message is abnormal or not according to a compared result of the length and a preset data discarding condition; and if the TCP message is abnormal, discarding the TCP message, and otherwise, forwarding the TCP message. By means of the exception TCP message processing method and the device, the TCP message with an abnormal length can be detected and filtered, and the work efficiency and safety of a server are improved.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a method and device for processing abnormal TCP messages. Background technique [0002] Nowadays, there are more and more attacks on the hardware and software of the network system and the data in the system by using the loopholes and security defects in the network. Users need to take necessary precautions against these malicious attacks. However, existing defense schemes mainly prevent SYN Flood attacks, abnormal flag bit combination attacks, empty flag bit attacks, and the like. [0003] Among them, SYN Flood attack is one of the most popular methods of DoS (Denial of Service, denial of service attack) and DdoS (Distributed Denial of Service, distributed denial of service attack). SYN Flood is an attack method that uses TCP protocol flaws to send a large number of forged TCP (Transmission Control Protocol, Transmission Control Protocol) connection requests, thereby exhau...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26
Inventor 胡林吴教仁刘涛刘晓光刘宁
Owner BEIJING BAIDU NETCOM SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap