Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Attack detection method and device based on IP and HOST

A technology of IP-HOST and IP address, which is applied in the field of network security and can solve problems affecting the normal use of network services, interception, and overloading of target servers

Inactive Publication Date: 2015-03-25
BEIJING QIHOO TECH CO LTD +1
View PDF3 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The attacker's machine sends a large number of requests to the target machine to consume the system resources and bandwidth resources of the target machine, causing the target server to be overloaded and the network to be congested, thus affecting the normal use of network services
[0003] At present, most Internet server defense methods are based on IP (Internet Protocol, Internet Interconnection Protocol) address to intercept. Carry out targeted interception
[0004] For example, when a user attacks some specific network servers due to reasons such as Trojan horse infection, and the user himself, the network access to the rest of the The access to the network server is also easily mistaken for a network attack and intercepted by the network security server
[0005] Or, in the prior art, multiple users in the local area network often share the same gateway and egress IP. When some users in the local area network attack specific network servers, other users in the local area network attack the rest of the Internet servers. Normal access will also be blocked

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack detection method and device based on IP and HOST
  • Attack detection method and device based on IP and HOST
  • Attack detection method and device based on IP and HOST

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure, and to fully convey the scope of the present disclosure to those skilled in the art.

[0032] The technical idea of ​​the present application is mainly to obtain the IP and HOST by analyzing the obtained network access data packets, count the first number of network access data packets for the designated HOST for the designated IP within a predetermined period of time, and the first number is the resolution Obtain the number of network access data packets of the IP and the HOST; if the first number reaches a predeter...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an attack detection method and device based on an IP and a HOST, and an attack intercepting method and device based on the IP and the HOST. The attack detection method based on the IP and the HOST comprises the following steps that a network access data packet is obtained, the IP and the HOST are analyzed out of the network access data packet, wherein the IP is a source IP address of the network access data packet, and the HOST is a target website domain name of the network access data packet; statistics is carried out on the first number of the network access data packet of the specified IP on the specified HOST within a preset time period; if the first number reaches a preset threshold value, the network access including the IP and the HOST is determined as a network attack. Therefore, according to the technical scheme, network access data packets sent when a single host of the specified IP or part of hosts of a local area network carry out network access on remaining internet servers corresponding to the HOST cannot be wrongly intercepted.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to an attack detection method and device based on IP and HOST, and an attack interception method and device based on IP and HOST. Background technique [0002] With the development of the Internet, there are more and more attacks on the Internet, which bring many adverse effects to Internet servers. Among them, DOS (Denial Of Service, denial of service) and information bomb are two relatively common attack methods. The attacker's machine sends a large number of requests to the target machine to consume the system resources and bandwidth resources of the target machine, causing the target server to be overloaded and the network to be congested, thereby affecting the normal use of network services. [0003] At present, most Internet server defense methods are based on IP (Internet Protocol, Internet Interconnection Protocol) address to intercept. Carry out targeted intercep...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1416H04L63/1425H04L63/1466
Inventor 陈建陈振昌
Owner BEIJING QIHOO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com