Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Attack positioning and assistant positioning device and method

A technology of positioning device and attacker, applied in the network field, can solve the problems of consumption, occupation of central processing unit processing resources, large network bandwidth, etc.

Active Publication Date: 2013-12-04
NEW H3C TECH CO LTD
View PDF4 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this method is only a passive defense, and the attack packets are still distributed in the local area network, consuming a large amount of network bandwidth and occupying a large amount of central processing unit (CPU) processing resources

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack positioning and assistant positioning device and method
  • Attack positioning and assistant positioning device and method
  • Attack positioning and assistant positioning device and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] In practical applications, the gateway device usually identifies attack packets based on packet traffic and locally stored entries. Taking ARP (Address Resolution Protocol, Address Resolution Protocol) attack as an example, within 5 seconds, if the number of ARP packets received from the same source MAC (Media Access Control, Media Access Control) address exceeds a certain threshold, it is considered to have occurred At this time, the system will add this MAC address to the attack detection table entry, and filter out all ARP packets sent by the source MAC address before the attack detection table entry ages, so as to avoid being attacked. However, in this solution, the gateway device cannot know which host in the LAN is sending the attack message, and accordingly, the network administrator cannot take corresponding blocking measures.

[0028] In view of the problems existing in the above solutions, the present invention provides an attack positioning and auxiliary posi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an attack positioning and assistant positioning device and method. The method includes the steps: sending position detection messages carrying an MAC (media access control) address A-MAC of an attacker to interchangers in a local area network after an attack behavior in the local area network is confirmed; receiving position response messages transmitted by the interchangers in the local area network, using the position response message carrying the maximum hop count as a target position response message, and determining the position of the attacker according to an access port corresponding to the A-MAC and carried by the target position response message and according to the interchanger transmitting the target position response message. The position response messages carry access ports corresponding to the A-MAC and the hop count between each interchanger and a gateway device. By the aid of the technical scheme, the position of the attacker in the local area network can be positioned, so that the attacker is isolated, and network security is ensured.

Description

technical field [0001] The present invention relates to the field of network technology, in particular to an attack positioning and auxiliary positioning device and method. Background technique [0002] With the development of Internet technology, more and more enterprises or groups use LAN to communicate internally. LAN can realize file management, application software sharing, printer sharing and other functions, with fast transmission speed and easy management. But at the same time, network security issues are also troubling users. [0003] In the local area network, if a host is poisoned or encounters an attack, the gateway usually discards the attack packet. Specifically, the gateway identifies the attack packets according to the traffic of the packets and the table entries stored locally, and discards the attack packets after confirming the attack, or limits the rate of the attack packets. However, this method is only a passive defense, and the attack packets are sti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/24H04L29/06H04L29/12
Inventor 徐燕成王伟
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products