Method and system for defending distributed denial of service (DDoS) attack

A denial of service attack, distributed denial technology, applied in the field of network security, can solve problems such as failure of defense methods and server downtime

Active Publication Date: 2016-05-25
BEIJING LOCOJOY TECH
View PDF9 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] First, after the hacker attack is identified in the above scheme, only the illegal IP address is blocked, and no further operation is performed
However, if a hacker conducts a test attack to find out the defense method of the target server, and th

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for defending distributed denial of service (DDoS) attack
  • Method and system for defending distributed denial of service (DDoS) attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0054] see figure 1 Shown is a specific embodiment of a method for defending against distributed denial-of-service attacks described in this application, including:

[0055] Step 101, detecting the IP address that accesses the network within the set time slice, and comparing the detected IP address with the legally permitted access IP address stored in the legal IP records of the database to determine the rate of increase in the number of new IP addresses per unit time;

[0056] Step 102, perform further operations according to the increase rate of the number of new IP addresses per unit time:

[0057] When the increase rate of the number of new IP addresses per unit time is less than the set first speed threshold, it is determined that there is no attack, and the processing method when not under attack is executed, and the service is normally provided;

[0058] When the increase rate of the number of new IP addresses per unit time is greater than the set first speed threshol...

Embodiment 2

[0070] On the basis of Embodiment 1, the present invention also provides a system for defending against distributed denial-of-service attacks capable of implementing the method of Embodiment 1 above, the system comprising:

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a system for defending a distributed denial of service attack. The method comprises the following steps: detecting an IP address of an access network within a set time slice, comparing the detected IP address with a legal IP address which is allowed to be accessed and saved in a legal IP record set of a database, and determining an increasing rate of a number of new IP addresses within unit time; and executing further operation according to the increasing rate of the new IP addresses within the unit time: executing an attack-free processing way, and normally providing services; executing a processing way under a feeler flooding DDoS attack; or executing a processing way under a formal flooding DDoS attack. Through adoption of the method and the system, defensive power can be dynamically adjusted according to an attack type of a hacker, so that an attack source of the hacker is directly denied.

Description

technical field [0001] The present application relates to the technical field of network security, in particular, to a method and system for defending against distributed denial of service attacks. Background technique [0002] Distributed denial of service attack (DistributedDenialofService, DDoS) is one of the major threats to network security. This kind of attack once paralyzed the sites of several famous e-commerce providers in the world (such as Yahoo, eBay, Amazon, etc.) for several hours or even several days, causing huge economic losses. Denial of service attacks are very easy to launch, and do not require a certain technical foundation like other attacks. [0003] The fundamental reason why the denial of service attack is easy to implement is the vulnerability of the TCP / IP protocol. The TCP / IP protocol is the cornerstone of the Internet. It is designed to be used in an open and mutually trusting group. It strives for efficiency in implementation without consideri...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1458
Inventor 马思玄
Owner BEIJING LOCOJOY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap