Application level DDoS defense method and system

A defense system and application layer technology, applied in the network field, can solve problems such as accidental injury of legitimate users, failure to achieve defense effects, failure to establish models, etc., to achieve the effect of ensuring normal operation

Active Publication Date: 2016-05-18
CHINA UNIONPAY
View PDF7 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When the business website is relatively large and the visiting users are relatively complex, using this method cannot est

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application level DDoS defense method and system
  • Application level DDoS defense method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Illustrative examples of the invention will now be described with reference to the accompanying drawings. The same reference numerals denote the same elements. The embodiments described below are intended to help those skilled in the art to fully understand the present invention, and are intended to be illustrative rather than limiting. Unless defined otherwise, the terms (including scientific, technical and industry terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. In addition, the sequence of the steps in the flowchart is not limited to the sequence shown in the illustration.

[0025] figure 1 It is a flowchart of an application layer DDoS defense method according to an example of the present invention. The method is performed in an application environment including a client and a server, wherein the client and the server are communicatively connected. The client can initiate a requ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides an application level DDoS defense method. The method comprises: a) an information collection module arranged at a client collects user motion information of a client web browser: b) the client sends a first web request to a server to require a secret key; c) the server determines whether the first web request is legal or not, and if the first web request is legal, the secret key is transmitted to the client; d) the client initiates a second web request to the server, and the second web request is encrypted by the secret key and includes collected user motion information fields; e) the server receives the second web request and determines whether the second web request includes the user motion information yield or not; f) if the second web request includes the user motion information yield, it is determined whether the user motion accords with a preset condition; and g) the second web request is processed in the condition that it is determined the user motion is in the preset range. The present invention further provides an application level DDoS defense system.

Description

technical field [0001] The present invention relates to network technology, more specifically, relates to application layer DDoS defense technology. Background technique [0002] With the development of the Internet, most enterprises will provide services to users through Web sites. Therefore, the application layer distributed denial of service (DDoS) attack against the web server will threaten the normal operation of the website, and even cause loss of users and loss of profits. Different from traditional DDoS attacks, application-layer DDoS attacks will use real IP to establish a normal TCP connection with the server, and the data packets have the same format as normal data packets. Therefore, traditional feature matching methods for data packets are difficult to deal with application-layer DDoS attacks. [0003] At present, there are three main defense methods for application layer DDoS: 1. Verify the request subject. The problem with this type of method is that verifica...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/0876H04L63/1458H04L63/1466H04L67/02
Inventor 朱浩然华锦芝杨阳
Owner CHINA UNIONPAY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap