An attack message identification method, device and core equipment

A technology of attack message and identification method, which is applied in the field of attack message identification method, device and core equipment, can solve the problems of slow identity authentication and low efficiency of authentication request processing, so as to improve processing efficiency and avoid slow identity authentication or authentication The effect of failure

Active Publication Date: 2018-05-22
RUIJIE NETWORKS CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The embodiment of the present invention provides an attack message identification method, device and core equipment, which are used to solve the problem in the prior art that when performing identity authentication, due to receiving a large number of attack messages at the entrance of the authentication request message, the identity authentication The problem of low efficiency of authentication request processing caused by slow or authentication failure

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An attack message identification method, device and core equipment
  • An attack message identification method, device and core equipment
  • An attack message identification method, device and core equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0075] figure 2 The flow chart of the attack message identification method provided in Embodiment 1 of the present invention specifically includes the following processing steps:

[0076] Step 201, the line card of the core device receives the authentication request message.

[0077] As the gateway of all network users, the core device uploads the authentication of the entire network for centralized management, and the line card of the core device receives the authentication request message.

[0078] Step 202, the line card obtains the attribute information of the authentication request message.

[0079] In this step, the attribute information of the authentication request message includes the source network protocol (IP, Internet Protocol) address, media access control (MAC, Media Access Control) address, authentication port PORT, virtual local area network (VLAN) carried in the authentication request message. Identification (VID, Virtual Local Area Network ID).

[0080] ...

Embodiment 2

[0112] image 3 The flow chart of the attack message identification method provided by Embodiment 2 of the present invention specifically includes the following processing steps:

[0113] Step 301, the line card of the core device receives the request message.

[0114] Step 302, the line card classifies the received request message.

[0115] Specifically, for each request message received at the entrance of the core device, determine whether the destination IP address in the request message is the same as the address of the authentication server, if not, determine that the request message is a message that requires a fake connection ; If they are the same, further determine whether the request message carries authentication information, that is, whether it is an authentication request message, if yes, determine that the request message is a message that requires authentication to go online, if not, determine that the request message is a redirect class message. The line car...

Embodiment 3

[0145] Based on the same inventive concept, according to the attack packet identification method provided in the above-mentioned embodiments of the present invention, correspondingly, Embodiment 3 of the present invention also provides an attack packet identification device, the structural diagram of which is as follows Figure 4 shown, including:

[0146] The first determining unit 401 is configured to determine the session duration of the authentication request message for the unauthenticated authentication request message;

[0147] The first comparison unit 402 is configured to compare the session duration of the authentication request message with a preset session aging duration;

[0148] The second determining unit 403 is configured to determine that the authentication request message is an attack message when the session duration of the authentication request message is greater than the preset session aging time.

[0149] Further, the first determining unit 401 is speci...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a recognition method and device for an attack message and a core device. The method comprises the steps of determining the length of conversation of authentication request message without being authenticated; comparing the length of the conservation of the authentication request message with the preset ageing length of the conservation; determining that the authentication request message is the attack message when the length of the conservation of the authentication request message exceeds the preset ageing length of the conservation. According to the scheme, the method has the advantage that the authentication request handling efficiency can be increased.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to an attack message identification method, device and core equipment. Background technique [0002] With the continuous escalation of international and domestic network security incidents, people are paying more and more attention to the security and credibility of the network. Especially in colleges and universities, due to the dense and active user groups, there are often deliberate attacks and damages, making the campus network a "hardest hit area" for security issues, and the management is also very complicated and difficult. [0003] In order to ensure the security of the network, when the user accesses the network, it is necessary to perform access authentication on the user, and the legitimacy of the user is determined through the authentication. Currently, web authentication is widely used in campus networks due to its easy deployment and ease of use. [000...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0236H04L63/0876H04L63/12H04L63/1441
Inventor 刘丽敏
Owner RUIJIE NETWORKS CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap