Unlock instant, AI-driven research and patent intelligence for your innovation.

Distributed denial of service DDOS attack resisting method and device for firewall

A distributed denial and DDOS technology, applied in the field of network communication security, can solve the problems of reducing firewall performance, reducing firewall data packet rate, increasing firewall detection burden, etc., to achieve the effect of guaranteed rate

Inactive Publication Date: 2014-10-29
OPZOON TECH
View PDF3 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, if the firewall has been turned on the anti-DDOS attack service, it is necessary to perform attack detection on all data packets passing through the firewall. This increases the detection burden of the firewall, which leads to a decrease in the rate of forwarding data packets by the firewall and reduces the performance of the firewall.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Distributed denial of service DDOS attack resisting method and device for firewall
  • Distributed denial of service DDOS attack resisting method and device for firewall
  • Distributed denial of service DDOS attack resisting method and device for firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in combination with specific embodiments and with reference to the accompanying drawings. It should be understood that these descriptions are exemplary only, and are not intended to limit the scope of the present invention. Also, in the following description, descriptions of well-known structures and techniques are omitted to avoid unnecessarily obscuring the concept of the present invention.

[0029] At present, the anti-DDOS attack service provided in the firewall is generally to enable the anti-DDOS attack service all the time, so as to effectively prevent the DDOS attack behavior. However, if the firewall has been enabled anti-DDOS attack service, it is necessary to perform attack detection on all received data packets, thus increasing the detection burden of network equipment, resulting in a decrease in the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DDOS attack resisting method and device for a firewall and is aimed to overcome the problem of the prior art that all the transmitted data packets should be performed with DDOS detection because the DDOS attack resisting service needs to locate at an on state all the time. The DDOS attack resisting method includes that detecting the current usage rate of the firewall CPU; judging whether the current usage rate is larger than a preset safe critical value of the CPU usage rate; when the current usage rate is larger than the safe critical value, starting the DDOS attack resisting service; when the current usage rate is smaller than or equal to the safe critical value, closing the DDOS attack resisting service. By means of the DDOS attack resisting method, the DDOS attack resisting service is not started until there is DDOS attack threat, and the data transmitting speed rate is effectively guaranteed based on preventing the DDOS attack.

Description

technical field [0001] The invention belongs to the technical field of network communication security, and in particular relates to a method and a device for a firewall to resist distributed denial of service (Distributed Denial Of Service, DDOS) attacks. Background technique [0002] Denial of Service (Denial Of Service, DOS) attack is one of the most threatening attacks in the current network. DOS attacks mainly use malicious means to make the CPU of the target server fully loaded, exhausting the resources of the server, so that users cannot achieve normal access to the server. Distributed Denial of Service (Distributed Denial Of Service, DDOS) attack refers to the use of client / server technology to combine multiple computers as an attack platform to launch attacks on one or more targets, thereby multiplying the power of DOS attacks. [0003] At present, most firewall devices provide anti-DDOS attack services. In order to prevent DDOS attacks, firewall devices generally e...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 张辉
Owner OPZOON TECH