Processing method, apparatus, and system for TCP connection

A processing method and technology for responding to packets, applied in the Internet field, can solve problems such as low protection performance and connection response delay, and achieve the effect of improving protection performance

Active Publication Date: 2016-04-20
CHINANETCENT TECH
View PDF5 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] The embodiment of the present invention provides a TCP connection processing method, device and system to at least solve the technical problems of low protection performance and delayed connection response due to the need to re-establish the connection after verifying the TCP connection sent by the client

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Processing method, apparatus, and system for TCP connection
  • Processing method, apparatus, and system for TCP connection
  • Processing method, apparatus, and system for TCP connection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0036] Before describing further details of the various embodiments of the present application, reference will be made to figure 1 to describe one suitable computing architecture that can be used to implement the principles of the present application. In the following description, unless indicated otherwise, various embodiments of the present application are described with reference to acts and symbolic representations of operations that are performed by one or more computers. It will thus be appreciated that such acts and operations, which are sometimes referred to as computer-implemented, include the manipulation of electrical signals representing data in a structured form by the processing unit of a computer. This manipulation transforms the data or maintains it at a location in the computer's memory system, which reconfigures or changes the operation of the computer in a manner well understood by those skilled in the art. A data structure that maintains data is a physical...

Embodiment 2

[0057] According to an embodiment of the present invention, a method for processing a TCP connection is also provided, and the method is applied to a protection device. Figure 4 is a schematic flowchart of a method for processing a TCP connection according to an embodiment of the present application.

[0058] Such as Figure 4 As shown, the processing method of the above-mentioned TCP connection comprises the following steps:

[0059] Step S102, receiving a connection message sent by the client for establishing a TCP connection with the server.

[0060] Step S104, determining the message type of the received connection message, wherein the message type of the connection message at least includes: a synchronization message and a response message.

[0061] Step S106, when the message type of the connection message is a response message, verify the response message by using the connection verification information, wherein the connection verification information is generated acco...

Embodiment 3

[0090] According to an embodiment of the present invention, a TCP connection processing device is also provided, and the device is applied to a protection device. Figure 6 is a schematic diagram of a device for processing a TCP connection according to an embodiment of the present application.

[0091] Such as Figure 6 As shown, the device may include: a first receiving module 12 , a first judging module 14 , a first checking module 16 and a first forwarding module 18 .

[0092] Wherein, the first receiving module 12 is used to receive the connection message sent by the client for establishing a TCP connection with the server; the first judging module 14 is used to judge the message type of the received connection message, wherein, The message type of the connection message includes at least: a synchronization message and a response message; the first verification module 16 is used to check the response message by using the connection verification information when the messag...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a processing method, apparatus, and system for TCP connection. The method comprises: a connection message that is sent by a client and is used for establishing TCP connection with a server side is received; a message type of the received connection message is determined, wherein the message types of connection messages at least include a synchronization message and a response message; when the message type of the connection message is the response message type, the response message is verified by using connection verification information, wherein the connection verification information is generated based on a synchronization message; and when the response message verification is done successfully, the response message is forwarded to the server side. Therefore, technical problems that the protection performance is poor and the connection response is delayed because connection needs to be established again after the TCP connection message sent by the client is verified can be solved.

Description

technical field [0001] The present invention relates to the field of the Internet, in particular to a method, device and system for processing a TCP connection. Background technique [0002] SYNFLOOD attack is a very important method in DDoS distributed denial of service attack. It has the characteristics of simple activation method and obvious effect, which can quickly consume the performance of the server and cause the service of the server to be unavailable. [0003] The SYNFLOOD attack takes advantage of the vulnerability of the protocol in the three-way handshake process when establishing a TCP connection, sends a large number of forged TCP connection requests, and makes the server maintain a large number of half-open connections, thereby exhausting the resources of the attacked server and affecting normal connections of establishment. [0004] During the normal process of establishing a connection through TCP, the server will create a connection entry in the kernel p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L1/16
CPCH04L1/1657H04L63/1458H04L69/161H04L69/163H04L1/16H04L69/16H04L69/00H04L9/40H04L67/01H04L1/1607H04L63/0236H04L63/101
Inventor 洪珂欧怀谷马涛陈文生
Owner CHINANETCENT TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap