Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for verifying TCP (transmission control protocol) connection security

A technology of security and connection request, applied in the direction of digital transmission system, electrical components, transmission system, etc., to achieve the effect of protection and security

Active Publication Date: 2014-01-22
无锡安腾软件开发有限公司
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Existing security systems such as firewalls cannot provide a solution to this requirement

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for verifying TCP (transmission control protocol) connection security
  • Method for verifying TCP (transmission control protocol) connection security
  • Method for verifying TCP (transmission control protocol) connection security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1)

[0025] This embodiment is mainly aimed at applications using the TCP protocol. For the TCP protocol, a handshake connection must be performed before data transmission. If in the process of handshake, the inspection of connection information is added, the connection is allowed only when the connection packet contains specific information, and other ordinary connection request packets are hung up, or the packet is discarded, so that the connection cannot be completed. Subsequent attacks and theft cannot be completed. Through this approach, the security of the server can be effectively protected in the first place.

[0026] See Figure 1 to Figure 4 , according to the TCP protocol, the TCP header can have an option area, and its maximum possible space is 40 bytes. In the first step of the handshake between the client and the server, the options that it may use are: MSS maximum message Segment length, Kind=2, 4 bytes. Window Scale window expansion factor, Kind=3, 3 bytes. SACK...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for verifying TCP connection security. The method comprises the steps as follows: the NDIS (Network Driver Interface Specification) is used for modifying SYN (synchronize) packet data when a client side initiates connection; additional verification information is added in an option area or a data area, and only under the conditions that a server detects the verification information and the verification information is correct, subsequent connection actions are allowed to be conducted so as to finish access; if the server does not detect the verification information or the verification information is not correct, the connection is hung up, or a packet is abandoned, so that the connection can not be finished, and subsequent attacks, stealing and the like can not be finished; and by the aid of the method, the security of the server can be protected effectively in first time.

Description

technical field [0001] The invention relates to a method for verifying the security of a TCP connection. Background technique [0002] In the existing network system (local area network, Internet), the interaction data is mainly connected through the TCP / IP protocol. When the TCP / IP protocol was established in the 1970s, it was mainly used for military purposes and used in closed networks. I didn't expect such a huge application, and of course I didn't consider the security risk at all. [0003] Existing security systems such as firewalls can effectively prevent external attacks. But for computers in the internal trust zone, more precise control cannot be made. For example, if a user wants to protect an important database system, access to the database is only allowed after anti-virus software and third-party audit software are installed in the client computer. Existing security systems such as firewalls cannot provide a solution to this requirement. Contents of the in...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26
CPCH04L69/16H04L63/1441H04L63/164
Inventor 邱文乔
Owner 无锡安腾软件开发有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products