Attack defense method and device

A technology of attack characteristics and access traffic, applied in the field of data communication, can solve the problems of inability to achieve the effect of protection, attack, and inability to intercept attack traffic

Active Publication Date: 2016-07-13
NEW H3C TECH CO LTD
View PDF4 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At this time, if the attacker constructs attack traffic by operating a client such as a personal computer to attack the server, and the WAF device does not detect any access traffic, the attack traffic cannot be intercepted, that is, the attack traffic is rel

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack defense method and device
  • Attack defense method and device
  • Attack defense method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0015] In order to make the above objects, features and advantages of the present application more obvious and comprehensible, the present application will be further described in detail below in conjunction with the accompanying drawings and specific implementation methods.

[0016] Usually, a web application firewall is used to detect user traffic (ie, access traffic) accessing a website server, thereby intercepting attack traffic attacking the website server. However, the WAF device needs to consume device performance by detecting whether the access traffic matches the attack characteristics; if the access traffic reaches a certain amount, the WAF device will enter the traffic overpressure state, which will trigger the bypass function to release all traffic, resulting in the inability to intercept the attack traffic .

[0017] One of the core concepts of the embodiment of the present application is that the WAF device triggers the trust scoring function in the traffic overp...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides an attack defense method and device, and the method comprises the steps: when access flow is monitored, the performance state of equipment is determined; when the performance state is a target state, a score value corresponding to the access flow is determined; calculation is performed according to the present performance data, and a trust threshold value of the equipment is determined; when the score value is lower than the trust threshold value, whether the access flow matches with a preset attack characteristic is determined; and when the access flow matches with the attack characteristic, the access flow is cut. According to the embodiment, a trust score function of WAF equipment is triggered under a flow excess pressure state, whether the score value corresponding to the access flow is lower than the trust threshold value is judged to determine if the access flow needs to be subjected to a deep attack detection, so that attack flow can be detected and intercepted, safety of web server can be ensured, which means, the protecting effect is reached.

Description

technical field [0001] The present application relates to the technical field of data communication, in particular to an attack defense method and an attack defense device. Background technique [0002] With the prevalence of e-commerce, online banking, and e-government, the business value carried by the website (Web) server is getting higher and higher, and the security threats faced by the Web server are also increasing. Therefore, the defense against the Web application layer It has become an inevitable trend, and Web Application Firewall (WAF) has become popular. Among them, the Web Application Firewall is a product that provides protection for Web applications by implementing a series of security policies for HTTP / HTTPS. [0003] Usually, when the performance resources of the WAF device are idle, if the access traffic sent by the client (Client) wants to access the server (Server) at the back end of the firewall (Firewall), it needs to pass the detection of the WAF dev...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1408H04L63/145
Inventor 房辉
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap