Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A sip DDoS attack distributed defense system and its load balancing method

A load balancing algorithm and defense system technology, which is applied in the field of VoIP network security and IP communication, can solve the problems of increasing the processing burden of SIP proxy server, the defense system cannot be used for defense, server crashes, etc., and achieve good load balancing characteristics, high message Effect of processing power, high attack detection rate

Active Publication Date: 2016-12-14
中国科学院沈阳计算技术研究所有限公司
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

A system that achieves defense by limiting the message request rate cannot distinguish between normal messages and attack messages, and can only weaken the attack intensity; the defense efficiency of the state firewall system on the SIP network depends on the set security rules, and can only defend against known attacks; flow-based Since the distributed defense system does not consider the characteristics of SIP messages, most of the detection algorithms cannot be used and high false positives and false negatives will be generated; the self-defense system of the SIP proxy server is embedded in the SIP proxy server, which increases the processing burden, which can cause the server to crash in the face of a large number of attack messages
[0005] None of the existing SIP DDoS defense models can achieve active and proactive detection of unknown attacks while effectively defending
At the same time, some main SIP DDoS attack detection algorithms, such as the cumulative sum algorithm and the detection method based on the SIP transaction state machine, etc., have high detection accuracy, but due to the large consumption of resources and slow detection speed, etc. Cannot be used for defense in the defense system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A sip DDoS attack distributed defense system and its load balancing method
  • A sip DDoS attack distributed defense system and its load balancing method
  • A sip DDoS attack distributed defense system and its load balancing method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0063] The present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0064] The SIP DDoS attack distributed defense system of the present invention comprises a load balancer (Load Balacer, LB), is connected with a plurality of defense detection nodes, carries out preliminary processing to network flow and uses load balancing algorithm to distribute to each defense detection node; Defense detection node ( Defending and Detecting Node, DDN), process the SIP messages assigned to it, filter out attack messages, and send normal messages to the server.

[0065] The system of the present invention is an intrusion prevention system for defending against SIP DDoS attacks. This embodiment runs on the front end of the SIP server cluster, processes SIP messages sent to the server, defends against SIP DDoS attacks, and protects the SIP server from the harm of the attack. Such as figure 1 The load balancer in the system sh...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the fields of VoIP network security and IP communication, in particular to a SIP DDoS attack distributed defense system and a load balancing method thereof. The invention includes a defense detection node connected with a load balancer for notifying load information to the load balancer in real time and sharing a rule base; a load balancer connected with multiple defense detection nodes for distributing SIP messages to each defense The detection node updates the defense node load table according to the load information sent by the defense detection node. The invention adopts a distributed structure with high message processing capability and good scalability; based on the detection algorithm load balancing method, it has a high attack detection rate and a low false alarm rate; using a load distribution algorithm, each node It has good load balancing characteristics.

Description

technical field [0001] The invention relates to the fields of VoIP network security and IP communication, in particular to a SIP DDoS attack distributed defense system and a load balancing method thereof. Background technique [0002] With the diversification of people's communication needs, the scope of IP communication has been greatly expanded, and it has begun to evolve from a simple VoIP system (Voice Over IP) to a unified communication (EoIP, Everything Over IP). SIP (sessioninitiation protocol, a signaling control protocol of the application layer) is used to establish, modify and terminate two-party or multi-party multimedia sessions on the IP network. It has become the core protocol of VoIP, IMS, and IPTV because of its simple structure and convenient use. SIP is also used in the NGN architecture defined by ETSI and ITU-T. At the beginning of the design, the SIP protocol fully considered the ease of use and flexibility of the protocol, and did not focus on security...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 吕昕林浒李鸿彬孙建伟杨蕾张彦功
Owner 中国科学院沈阳计算技术研究所有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products