Method and apparatus for recognizing CC attacks based on log analysis

An attack identification and log analysis technology, applied in special data processing applications, instruments, electrical digital data processing, etc., that can solve the problem that CC attacks cannot be identified and protected against immediately.

Active Publication Date: 2014-09-24
BEIJING KNOWNSEC INFORMATION TECH

AI Technical Summary

Problems solved by technology

In view of this camouflage, although existing technology already provides protection by matching the characteristics of the access behavior of the requesting IP, such methods often specify the rules once and then use them for a long time without updating them in the meantime, so the ever-changing CC attacks cannot be identified and protected against immediately.

Embodiment Construction

[0040] Reference will now be made in detail to specific embodiments of the present invention, examples of which are illustrated in the accompanying drawings. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Like reference numerals refer to like elements throughout.

[0041] It will be understood that, although the terms "first", "second", etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another.

[0042] The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the singular forms "a", "an" and "the" are...

Abstract

The invention relates to a method and an apparatus for recognizing CC (Challenge Collapsar) attacks based on log analysis. The method for recognizing CC attacks based on log analysis comprises the steps of obtaining IP (Internet Protocol) request information in logs, comprehensively analyzing the IP request information based on a list and an attack characteristic library and outputting an analysis result, and carrying out recognition based on the analysis result, namely recognizing IP requests as normal requests and releasing the IP requests if the analysis result is normal, and otherwise, recognizing the IP requests as the CC attacks, and adding source IPs in the IP request information to a blacklist, intercepting requests from the source IPs and automatically extracting characteristics from the IP request information and adding the characteristics to the attack characteristic library.
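The loop the abstract describes (list check, feature-library match, then blacklisting and feature extraction on a hit) can be sketched as follows. This is an added example, not code from the patent: the per-IP request threshold used to seed the first detection, the `(method, path, user-agent)` feature tuple, the single analysis window and all function names are assumptions.

```python
import re
from collections import Counter

# Parser for combined-log-format lines (format choice is an assumption).
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def make_line(ip, url, ua):
    # Builds one constructed log line; the timestamp is a fixed placeholder.
    return (f'{ip} - - [01/Jan/2000:00:00:00 +0000] '
            f'"GET {url} HTTP/1.1" 200 512 "-" "{ua}"')

# Constructed sample log using documentation IP ranges; not data from the patent.
SAMPLE_LOG = (
    [make_line("203.0.113.5", f"/search?q={i}", "cc-bot/1.0") for i in range(4)]
    + [make_line("198.51.100.7", "/search?q=z", "cc-bot/1.0")]
    + [make_line("192.0.2.10", "/", "Mozilla/5.0"),
       make_line("192.0.2.10", "/about", "Mozilla/5.0")]
    + [make_line("192.0.2.99", "/health", "monitor/2") for _ in range(6)]
)

def analyze(lines, whitelist, blacklist, features, threshold=3):
    """Return (ip, verdict) per request; blacklist and features grow in place."""
    counts, verdicts = Counter(), []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        ip = m["ip"]
        # Assumed feature: method, path without query string, user-agent.
        feature = (m["method"], m["url"].split("?", 1)[0], m["ua"])
        counts[ip] += 1
        if ip in whitelist:
            verdict = "release"
        elif ip in blacklist:
            verdict = "intercept"
        elif feature in features or counts[ip] > threshold:
            # Identified as a CC attack: block the source IP and add the
            # extracted feature to the library so later sources match at once.
            blacklist.add(ip)
            features.add(feature)
            verdict = "intercept"
        else:
            verdict = "release"
        verdicts.append((ip, verdict))
    return verdicts
```

In the sample, the second source IP never exceeds the threshold; it is intercepted on its first request because the feature learned from the first source is already in the library.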

Description

Technical field

[0001] The present invention generally relates to computer network security, in particular to a log analysis-based CC attack identification method.

Background technique

[0002] In recent years, with the rapid development of the Internet, various network applications and network attacks are also increasing, which makes the network environment more complicated. Moreover, the variety of network architectures and applications that provide customers with an improved experience is increasing, which is convenient for cyber attackers as well as customers. Among them, the development of CDN (full name is Content Delivery Network, that is, content distribution network) is gradually accelerating. The basic idea of CDN is to avoid as far as possible the bottlenecks and links on the Internet that may affect the speed and stability of data transmission, so as to make content transmission faster and more stable. By placing a layer of intelligent virtual network based o...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, G06F17/30
Inventor: 姚昌林, 张永波
Owner: BEIJING KNOWNSEC INFORMATION TECH