Attack Detection Method Based on Spanning Tree Protocol of Trusted Switches

A spanning tree protocol attack detection technique, applied in the field of information security, that reduces the burden on network traffic, reduces workload, and prevents root takeover attacks.

Active Publication Date: 2016-03-02
BEIJING UNIV OF TECH

AI Technical Summary

Problems solved by technology

Existing technical solutions cannot solve all problems, and there are still defects


Embodiment Construction

[0032] The implementation method and steps of the present invention are explained below with reference to Figures 1, 2 and 3.

[0033] The invention is an attack detection method based on the spanning tree protocol of trusted switches. It is divided into two parts: internal monitoring and external protection. After the switch successfully connects to the network, it first starts the state machine and executes the internal monitoring module, which regulates the internal operations of the spanning tree protocol, as shown in Figure 1. When a BPDU is received, the flood detection of the external protection module is performed to detect flood attack behavior from outside, as shown in Figure 2. Finally, root takeover attack detection is performed: a verification is sent and the switch decides whether to replace the root bridge, as shown in Figure 3.

[0034] First, according to Figure 1, the state diagram in the Spanning Tree Protocol monitors the entire running process of th...


Abstract

The invention discloses an attack detection method for the spanning tree protocol based on a trusted switch. An internal monitoring module monitors for attack behavior generated by the switch itself, and an external protection module detects attack threats from outside the switch, so that full attack detection of the spanning tree protocol is achieved. First, because the switch waits for different bridge protocol data units (BPDUs) at different stages, a state diagram is drawn, and the whole operating behavior of the switch is monitored against the state transition conditions in order to detect attack behavior generated by the device itself. Then, BPDUs from outside are classified, and a timer and counting method is used to detect flooding attacks. Finally, when a BPDU is received whose BID is less than the current root BID, an explorer packet is sent to check the validity of the target switch; if it is a root bridge, the switch decides after self-assessment whether the root bridge needs to be changed, so as to detect root takeover attacks.
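A sketch of the external protection flow the abstract describes (timer-and-counter flood detection, then the root BID check), added here as an illustration and not taken from the patent. The window length, threshold, BPDU classes and the `verify_root` callback, which stands in for the explorer-packet validity check and self-assessment, are all assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

WINDOW_S = 2.0        # assumed counting window (the page gives no value)
MAX_PER_WINDOW = 5    # assumed per-port, per-class BPDU limit in one window

@dataclass(frozen=True)
class Bpdu:
    ts: float                         # arrival time in seconds
    port: int                         # ingress port
    kind: str                         # assumed classes: "config" or "tcn"
    root_bid: Optional[tuple] = None  # (priority, MAC as int); config only

class ExternalProtection:
    def __init__(self, root_bid, verify_root):
        self.root_bid = root_bid
        # Hypothetical callback: explorer-packet check plus self-assessment.
        self.verify_root = verify_root
        self.window_start = {}
        self.count = defaultdict(int)

    def _flooding(self, b):
        key = (b.port, b.kind)
        start = self.window_start.get(key)
        if start is None or b.ts - start >= WINDOW_S:
            self.window_start[key] = b.ts   # timer expired: new window
            self.count[key] = 0
        self.count[key] += 1
        return self.count[key] > MAX_PER_WINDOW

    def handle(self, b):
        if self._flooding(b):
            return "flood"
        claim = b.root_bid if b.kind == "config" else None
        if claim is not None and claim < self.root_bid:
            if self.verify_root(b):         # lower BID wins only if verified
                self.root_bid = claim
                return "root-changed"
            return "root-takeover"
        return "ok"

def run(events, root_bid, verify_root):
    guard = ExternalProtection(root_bid, verify_root)
    return [guard.handle(b) for b in events]

# Constructed sample input: a TCN burst, a lower-BID claim, a normal hello.
ROOT = (4096, 0x00AA00000001)
SAMPLE = [Bpdu(0.1 * i, 1, "tcn") for i in range(8)] + [
    Bpdu(3.0, 2, "config", (0, 0x00BB00000002)), Bpdu(4.0, 3, "config", ROOT)]
```

Calling `run(SAMPLE, ROOT, lambda b: False)` models a claimant that fails verification, so the lower-BID BPDU is reported instead of being accepted as the new root.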

Description

Technical field:

[0001] The invention relates to an evaluation of an attack detection method based on the spanning tree protocol of trusted switches. It belongs to the field of information security.

Background technique:

[0002] With the rapid development and continuous expansion of network technology, networks face severe security challenges. As a Layer 2 forwarding device, the switch is often attacked, for example by an attacker illegally obtaining control of the switch and paralyzing the network. The spanning tree protocol is a main protocol running on switches, which turns a physical topology containing loops into a loop-free logical topology. Attacks against the spanning tree protocol are one of the main threats faced by switches at present.

[0003] There are many kinds of spanning tree protocol attacks. At present, the more mature protection measures include the BPDU protection and root protection mechanisms proposed by Cisco. These use manual intervention to forcibly prevent p...


Application Information

Patent Type & Authority Patents(China)
IPC(8): H04L29/06, H04L12/26
Inventor: 赖英旭, 潘秋月, 杨震, 李健, 刘静, 李哲
Owner BEIJING UNIV OF TECH