Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
A technology of network attack and processing method, applied in the field of network attack processing, can solve the problems of low accuracy of confirmation attack, large accidental damage of data packets, large system resources, etc.
Inactive Publication Date: 2016-05-04
HILLSTONE NETWORKS CORP
View PDF6 Cites 30 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
[0014] Embodiments of the present invention provide a method and device for processing network attacks, to at least solve the problem of large accidental damage to data packets of normal traff
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0034] According to an embodiment of the present invention, a method embodiment of a network attack processing method is provided. It should be noted that the steps shown in the flow charts of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, Also, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.
[0035] figure 1 is a schematic flowchart of a method for processing a network attack according to an embodiment of the present invention, such as figure 1 As shown, the method includes the following steps:
[0036] Step S102, collecting data packet information in the data stream;
[0037] The data packet information in the data flow collected here may include flow information and packet characteristic information of the data packet, wherein, the flow information may be the percentage of data packe...
Embodiment 2
[0134] Figure 6 is a schematic structural diagram of a network attack processing device according to an embodiment of the present invention, such as Figure 6 As shown, the device includes: an acquisition module 61, an analysis module 62, a judgment module 63, a data update module 64, an abnormality detection module 65, a matching module 66 and an execution module 67, wherein,
[0135] Collecting module 61, is used for collecting the packet information in the data flow;
[0136] Parsing module 62, for parsing data packet information, obtain attack detection dimension data and packet feature dimension data;
[0137] Judgment module 63, used to compare the attack detection dimension data and packet feature dimension data with preset / learning data, and judge whether there is abnormality in the attack detection dimension data and packet feature dimension data;
[0138] The data updating module 64 is used for inputting the attack detection dimension data and the packet feature d...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
PUM
Login to view more
Abstract
The invention discloses a network attack processing method and device. The method comprises the following steps: collecting data packet information in data stream; analyzing the data packet information to obtain attack detection dimension data and packet characteristic dimension data; comparing the attack detection dimension data and the packet characteristic dimension data with preset/learnt data to judge whether the attack detection dimension data and the packet characteristic dimension data are abnormal; when the judgment result is positive, reporting an abnormal event, and detecting whether the packet characteristic dimension data have abnormal characteristics according to the preset/learnt data; when the judgment result is negative, matching a corresponding easing scheme according to the packet characteristic dimension data; and executing the easing scheme. The network attack processing method and device disclosed by the invention are used for solving the technical problems in the prior art that the accidental damage to a data packet with normal flow in a flooding attack easing process is large, the attach confirmation precision is low and large system resources are consumed for preventing flooding attacks.
Description
technical field [0001] The present invention relates to the technical field of computer applications, in particular to a method and device for processing network attacks. Background technique [0002] With the development of the Internet, while the Internet is convenient for people's lives, network attacks and network security have become a typical feature of the Internet era. Among them, flooding DOSFlood attack is a kind of denial of service attack. The attack principle is simple and the cost is low. It is very harmful and difficult to prevent, and it can cause serious damage to network security in a short period of time. Common DOSFlood attacks include handshake signal flood attack (Synchronous Flood, referred to as SYNFlood), reset connection flood attack (RestTheconectionFlood, referred to as RSTFlood), close connection flood attack (FinishFlood, referred to as FINFlood), confirmation signal flood attack ACKFlood, user data Packet protocol flood attack (UserDertagramPr...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to view more 
Login to view more