Attack positioning and assistant positioning device and method

A technology of positioning device and attacker, applied in the network field, can solve the problems of consumption, occupation of central processing unit processing resources, large network bandwidth, etc.

Active Publication Date: 2013-12-04
NEW H3C TECH CO LTD
View PDF4 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this method is only a passive defense, and the attack packets are still distributed in the local area network, cons

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack positioning and assistant positioning device and method
  • Attack positioning and assistant positioning device and method
  • Attack positioning and assistant positioning device and method

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0027] In practical applications, the gateway device usually recognizes attack packets based on the packet traffic and locally stored entries. Take the ARP (Address Resolution Protocol) attack as an example. Within 5 seconds, if the number of ARP packets sent by the same source MAC (Media Access Control) address exceeds a certain threshold, it is considered to have occurred Attack, at this time, the system will add this MAC address to the attack detection table, before the attack detection table aging, filter out all the ARP packets sent by the source MAC address to avoid attacks. However, in this solution, the gateway device cannot know which host in the local area network is sending the attack message, and accordingly, the network administrator cannot take corresponding blocking measures.

[0028] In view of the problems of the above solution, the present invention provides an attack location and assisted location method. The technical solutions of the present invention will b...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an attack positioning and assistant positioning device and method. The method includes the steps: sending position detection messages carrying an MAC (media access control) address A-MAC of an attacker to interchangers in a local area network after an attack behavior in the local area network is confirmed; receiving position response messages transmitted by the interchangers in the local area network, using the position response message carrying the maximum hop count as a target position response message, and determining the position of the attacker according to an access port corresponding to the A-MAC and carried by the target position response message and according to the interchanger transmitting the target position response message. The position response messages carry access ports corresponding to the A-MAC and the hop count between each interchanger and a gateway device. By the aid of the technical scheme, the position of the attacker in the local area network can be positioned, so that the attacker is isolated, and network security is ensured.

Description

technical field [0001] The present invention relates to the field of network technology, in particular to an attack positioning and auxiliary positioning device and method. Background technique [0002] With the development of Internet technology, more and more enterprises or groups use LAN to communicate internally. LAN can realize file management, application software sharing, printer sharing and other functions, with fast transmission speed and easy management. But at the same time, network security issues are also troubling users. [0003] In the local area network, if a host is poisoned or encounters an attack, the gateway usually discards the attack packet. Specifically, the gateway identifies the attack packets according to the traffic of the packets and the table entries stored locally, and discards the attack packets after confirming the attack, or limits the rate of the attack packets. However, this method is only a passive defense, and the attack packets are sti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/24H04L29/06H04L29/12
Inventor 徐燕成王伟
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap