Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

DDoS(Distributed Denial of Service)attack defensive system for application layer based on multiple feature recognition

An attack defense system and multiple features technology, applied in the field of comprehensive DDoS defense algorithms, can solve the problems of inability to prevent application layer attacks, limited computing resources, single firewall detection mechanism, etc.

Inactive Publication Date: 2016-05-25
SHENZHEN YIKAYI NETWORK TECH
View PDF4 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] The detection mechanism of the traditional firewall is relatively simple, and the attack detection ability of the upper layer protocol is insufficient, and it cannot prevent the attack from the application layer. Its computing resources are limited, the detection depth is insufficient, and the detection efficiency is slow. Diversified, fully simulating normal browser access by real business users, which cannot be detected by traditional firewalls, so it will become a network bottleneck
[0003] With the complex and changeable characteristics of Internet applications, more complex attack methods are derived, and users can only upgrade with manufacturers; the traditional firewall interception strategy still adopts a relatively crude one-size-fits-all approach or an isolation network mechanism, such as attached figure 2 As shown, there is a serious deficiency in the detection and analysis of upper-layer traffic, the false positive rate is too high, and the normal access of users is often filtered and intercepted, and users are interrupted, which is unacceptable to enterprises and users.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS(Distributed Denial of Service)attack defensive system for application layer based on multiple feature recognition
  • DDoS(Distributed Denial of Service)attack defensive system for application layer based on multiple feature recognition
  • DDoS(Distributed Denial of Service)attack defensive system for application layer based on multiple feature recognition

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0014] The technical scheme of the patent of the present invention will be described in further detail below in conjunction with specific embodiments.

[0015] see figure 1 and Figure 4 , an application layer DDoS attack defense system based on multiple feature recognition, the technical solution of this patent will be further described in detail below in conjunction with specific implementation methods.

[0016] When a user initiates a request, the system stores the user data packet information into the net-node network flow table, analyzes and processes the user data packet, and records its last access time, source address, destination address, destination port, and sending data. and the size of the received data packet to determine whether the source is authentic and reliable; insert a verification data when returning data to the user, and check whether the source is authentic and reliable again. After confirming that the source is authentic, add the user to the white li...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DDoS(Distributed Denial of Service) attack defensive system for an application layer based on multiple feature recognition. When a user initiates a request, the system stores information of a user data packet in a net-node network flow table, analyzes the user data packet, and judges whether the source of the user data packet is real and reliable or not; verification data is inserted when data is returned to the user; whether the source is real and reliable or not is detected again; afterthe fact that the source is real is determined, the credibility of the user is a threshold value credibility; the system distributes a cookie identity identifier to the source; then, a data database for recording the cookie identity identifier is established; access information of the cookie identity identifier within a certain time period is recorded and stored; the access information is used as the basis of identity verification management; and corresponding dispatching is carried out through analysis and treatment of a feature library. According to the invention, whether the long-term access behaviour of the user is normal or illegal can be analyzed and judged by establishing a blacklist and a whitelist ofaccess feature detection analysis; and the normal flow of the user cannot be intercepted when a DDoS attack occurs.

Description

technical field [0001] The invention relates to a comprehensive DDoS defense algorithm, in particular to an application layer DDoS attack defense system based on multiple feature recognition. Background technique [0002] The detection mechanism of the traditional firewall is relatively simple, and the attack detection ability of the upper layer protocol is insufficient, and it cannot prevent the attack from the application layer. Its computing resources are limited, the detection depth is insufficient, and the detection efficiency is slow. Diversified, fully simulating the access of normal browsers and real business users, which cannot be detected by traditional firewalls, so it will become a network bottleneck. [0003] With the complex and changeable characteristics of Internet applications, more complex attack methods are derived, and users can only upgrade with manufacturers; the traditional firewall interception strategy still adopts a relatively crude one-size-fits-al...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0218H04L63/0807H04L63/101H04L63/1425H04L63/1458H04L63/16
Inventor 蒙重安
Owner SHENZHEN YIKAYI NETWORK TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com