Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for preventing HttpFlood attack and firewall

A technology of firewall and IP address, which is applied in the field of firewall and defense against HttpFlood attacks. It can solve the problems of firewall misidentification, increase the pressure of database server, and misinterception, etc., and achieve the effect of high judgment accuracy

Active Publication Date: 2014-07-09
OPZOON TECH
View PDF4 Cites 32 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

HttpFlood can imitate normal users' web page request behavior, and is closely related to the website business. It not only directly leads to the slow response of the attacked WEB front-end, but also indirectly attacks the business layer logic such as JAVA at the back-end and the database service at the back-end, resulting in an increase in the size of the database server. The pressure even affects the log storage server
[0003] The methods currently used to defend against HttpFlood mainly include: threshold statistics on the number of global packets and threshold statistics on the number of source IP packets, but both methods have certain limitations
According to the threshold statistics method for the number of source IP packets, when the attacker deliberately forges a certain source IP address to attack, it will cause the firewall to misidentify, thus blocking the normal access of users with this source IP address
However, the threshold statistics for the global number of packets will lead to a large number of false interceptions.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for preventing HttpFlood attack and firewall
  • Method for preventing HttpFlood attack and firewall
  • Method for preventing HttpFlood attack and firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in combination with specific embodiments and with reference to the accompanying drawings. It should be understood that these descriptions are exemplary only, and are not intended to limit the scope of the present invention. Also, in the following description, descriptions of well-known structures and techniques are omitted to avoid unnecessarily obscuring the concept of the present invention.

[0027]First, the working principle of the method for defending against HttpFlood attacks of the present invention is described. Most of the existing HttpFlood attackers do not maintain and process the reply messages for JavaScript parsing, because normal JavaScript parsing will occupy the system resources of the attacker, thus reducing the attack effect. But normal users' browsers can parse JavaScript. Based on this, th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method for preventing an HttpFlood attack. The method includes the steps that a firewall generates and maintains a challenge list; the firewall establishes TCP connection with a user and judges whether a source IP address of a get message received from the user exist in the challenge list; if the source IP address of the get message received by the firewall does not exist in the challenge list, the firewall intercepts the get message and establishes a JavaScript redirection page according to the get message and adds the source IP address of the get message, the address of a get request page and the generated address of the generated JavaScript redirection page into the challenge list; when the firewall detects that an entry in the challenge list does not have a redirection access in a preset duration, the firewall adds the source IP address of the entry into a blacklist so as to prevent the subsequent traffic of the source IP address. The invention further provides the firewall for preventing the HttpFlood attack. Through the method, the firewall will not make a misjudgment, so the judgment accuracy rate is high.

Description

technical field [0001] The invention relates to the technical field of security defense, in particular to a method for defending against HttpFlood attacks and a firewall, in particular to a method for defending against HttpFlood attacks and a firewall. Background technique [0002] HttpFlood is an attack launched against the seventh layer (application layer) protocol of WEB services. It is extremely harmful, mainly manifested in the convenience of launching, the difficulty of filtering, and the far-reaching impact. HttpFlood attackers search for anonymous HTTP proxies or SOCKS proxies on the Internet through port scanners, and attackers initiate HTTP requests to attack targets through anonymous proxies. HttpFlood can imitate normal users' web page request behavior, and is closely related to the website business. It not only directly leads to the slow response of the attacked WEB front-end, but also indirectly attacks the business layer logic such as JAVA at the back-end and ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 魏经纬
Owner OPZOON TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products