Method and apparatus for recognizing CC attacks based on log analysis

An attack identification and log technology, applied in special data processing applications, instruments, electrical digital data processing, etc., that can solve the problem that CC attacks cannot be identified and protected against immediately.
CN104065644A · Active · Publication Date: 2014-09-24 · BEIJING KNOWNSEC INFORMATION TECH

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Applications (China)
Current Assignee / Owner: BEIJING KNOWNSEC INFORMATION TECH
Publication Date: 2014-09-24


Abstract

The invention relates to a method and an apparatus for recognizing CC (Challenge Collapsar) attacks based on log analysis. The method comprises the steps of: obtaining IP (Internet Protocol) request information from logs; comprehensively analyzing the IP request information based on a list and an attack characteristic library and outputting an analysis result; and performing recognition based on the analysis result. If the analysis result is normal, the IP request is recognized as a normal request and released. Otherwise, the IP request is recognized as a CC attack: the source IP in the IP request information is added to a blacklist, requests from that source IP are intercepted, and characteristics are automatically extracted from the IP request information and added to the attack characteristic library.
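The recognition loop described in the abstract, as an added illustration (not code from the patent or from its assignee). The page does not say how requests are scored, so the per-minute threshold, the whitelist, and the use of a (path, user-agent) pair as the extracted characteristic are all assumptions, and the log lines are constructed.

```python
import re
from collections import Counter, defaultdict

LINE_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
                     r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')

class CCRecognizer:
    """Lists plus a characteristic library of (path, user-agent) features (assumed)."""
    def __init__(self, whitelist=(), max_per_minute=5):
        self.whitelist, self.blacklist, self.library = set(whitelist), set(), set()
        self.max_per_minute = max_per_minute   # assumed threshold, not from the page
        self.seen = defaultdict(Counter)       # (ip, minute) -> feature counts

    def handle(self, line):
        m = LINE_RE.match(line)
        if not m:
            return "unparsed"
        ip, minute = m["ip"], m["ts"][:17]             # fixed one-minute bucket
        feature = (m["path"].split("?")[0], m["ua"])   # assumed characteristic
        if ip in self.whitelist:
            return "release"
        if ip in self.blacklist:
            return "intercept"
        bucket = self.seen[(ip, minute)]
        bucket[feature] += 1
        if feature in self.library:                    # known attack characteristic
            self.blacklist.add(ip)
            return "intercept"
        if sum(bucket.values()) > self.max_per_minute:
            self.blacklist.add(ip)
            # Automatic extraction: keep this source's dominant feature.
            self.library.add(bucket.most_common(1)[0][0])
            return "intercept"
        return "release"

def make_line(ip, sec, path, ua):
    # Constructed sample line in combined log format (not real traffic).
    return (f'{ip} - - [24/Sep/2014:10:00:{sec:02d} +0800] "GET {path} HTTP/1.1" '
            f'200 512 "-" "{ua}"')

def run_demo():
    rec = CCRecognizer(whitelist={"192.0.2.10"})
    lines = [make_line("198.51.100.7", s, f"/search?q={s}", "bot/1.0") for s in range(7)]
    lines += [make_line("192.0.2.10", s, "/health", "monitor/2") for s in range(10)]
    lines += [make_line("203.0.113.5", 20, "/index.html", "Mozilla/5.0"),
              make_line("198.51.100.8", 21, "/search?q=x", "bot/1.0")]
    return rec, [rec.handle(line) for line in lines]

if __name__ == "__main__":
    print(run_demo()[1])
```

The second attacking source is intercepted on its first request because its feature is already in the library. A characteristic this coarse will also match legitimate clients that share the same path and user-agent, so extracted features need review or expiry before they are used for blocking.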

Description

Technical field

[0001] The present invention generally relates to computer network security, in particular to a log analysis-based CC attack identification method.

Background technique

[0002] In recent years, with the rapid development of the Internet, network applications and network attacks have both been increasing, which makes the network environment more complicated. Moreover, the variety of network architectures and applications that give customers an improved experience is growing, which is convenient for cyber attackers as well as for customers. Among these, the development of the CDN (Content Delivery Network) is gradually accelerating. The basic idea of a CDN is to avoid, as far as possible, the bottlenecks and links on the Internet that may affect the speed and stability of data transmission, so that content is delivered faster and more stably. By placing a layer of intelligent virtual network based o...
