Malicious website protection method based on OpenFlow protocol

An openflow protocol, malicious website technology, applied in transmission systems, electrical components, etc., can solve the problem of protection and protection schemes, not taking into account the active access to malicious websites, etc., to achieve the effect of preventing deception

Inactive Publication Date: 2015-12-02
NANJING UNIV OF SCI & TECH
View PDF2 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the above-mentioned security protection schemes are all active protection security schemes, which do not take into account the situation when users actively visit malicious websites without knowing it, nor do they protect the access process of general network users at the SDN application level. Protection scheme

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious website protection method based on OpenFlow protocol
  • Malicious website protection method based on OpenFlow protocol
  • Malicious website protection method based on OpenFlow protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0044] to combine figure 1 , the user accesses the www.1cbc.com.cn malicious website, in the malicious website protection method based on the OpenFlow protocol, the steps are as follows:

[0045] The first step is to monitor the OpenFlow packets in the network. Use the interface of the controller to obtain SDN network information, and monitor all OpenFlow messages reported to the controller node in the network. Process the received message, extract the port number in the message transport layer, analyze the message with port number 53, extract the domain name information of the application layer, and finally obtain the core domain name of "1cbc"; 53 packets are forwarded normally.

[0046] The second step is to match the domain name information with the black and white lists in the controller node, such as Figure 4 As shown, according to the matching result, it is judged whether the domain name is trustworthy. The specific steps are divided into three steps:

[0047] (1...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

This invention discloses a malicious website protection method based on an OpenFlow protocol. The method comprises the following steps: based on the structure and the characteristic of SDN (Self-Defending Network), domain name resolution messages sent by an end system are transmitted to a controller through the OpenFlow protocol; performing security check to the messages in a controller module and making a processing decision. The method provided by the invention can be mainly applied to the environments such as SDN structured enterprise network and campus network. Domain names in the domain name resolution messages are firstly extracted from the controller end; then the domain names are compared with a blacklist and a whitelist in the controller by applying the domain name fuzzy matching algorithm; and a specific processing operation is performed to a domain name resolution request by using the comparing result. By adopting the method of the invention, the visit of a terminal to the malicious website can be examined and separated effectively, and simultaneously, a phishing website with similar domain name also can be detected; furthermore, the security policy of the controller can be conveniently changed in the SDN-based network structure.

Description

technical field [0001] The invention belongs to malicious website protection technology, in particular to a malicious website protection method based on OpenFlow protocol. Background technique [0002] Phishing attack is a typical attack in network attacks. This attack method allows users to visit malicious websites and disclose their private information by implanting malicious codes or deceptive links in web pages or emails. The attack method is characterized by strong concealment and deception, It is tempting and is a network attack method with a relatively high success rate. Traditional protection methods for such malicious websites are limited by the network architecture, and the protection effect is not satisfactory. [0003] At present, the security protection scheme under the SDN architecture is still in the initial research stage. Most of the research work is devoted to strengthening the security of the controller in the SDN architecture. On the basis, modules suc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0236H04L63/1408H04L63/1483
Inventor 陆一飞谭晓楠
Owner NANJING UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap