Unlock instant, AI-driven research and patent intelligence for your innovation.

Syn attack protection method and device

A message and client technology, applied in the field of network communication, can solve the problems of preventing SYN attacks, failure to establish TCP connections, and network abnormalities, etc., to reduce pressure, avoid SYN attacks, and improve efficiency

Active Publication Date: 2019-06-11
ZHEJIANG UNIVIEW TECH CO LTD
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, when using method 1, it is very likely that normal SYN request connection messages will be restricted, resulting in the failure of normal TCP connections to be established, resulting in network anomalies; The SYN attack is transferred from the server to the firewall, that is, when the client initiates a SYN attack, the CPU performance of the firewall will still be reduced and the memory resources of the firewall will be consumed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Syn attack protection method and device
  • Syn attack protection method and device
  • Syn attack protection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the present invention. Rather, they are merely examples of apparatuses and methods consistent with aspects of the invention as recited in the appended claims.

[0053] Because in the prior art, when protecting against SYN attacks, it is likely to limit normal SYN request connection messages, resulting in failure to establish normal TCP connections and causing network abnormalities; or it is impossible to protect against SYN attacks essentially. In order to effectively protect against SYN attacks and effectively avoid the occurrence of the above problems...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a SYN attack protecting method and device. The method comprises the following steps: retrieving a white name list and a black name list according to a message feature of a SYN request connecting message; if retrieving the SYN request connecting message in the white name list, forwarding the SYN request connecting message; if retrieving the same in the black name list, abandoning the SYN request connecting message; if not retrieving the SYN request connecting message in the white name list and the black name list, receiving an ACK acknowledgment connecting message, allowing establishing TCP connection between a client and a server, and adding the message feature of the SYN request connecting message in the white name list; if not receiving the ACK acknowledgment connecting message, adding the message feature of the SYN request connecting message in the black name list. Through the adoption of the method disclosed by the invention, the server can be effectively prevented from SYN attack, and the pressure born by the security equipment while resisting the SYN attack is effectively reduced, and the efficiency of the security equipment of resisting the SYN attack is improved at the same time.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to a method and device for SYN (Synchronous, synchronization) attack protection. Background technique [0002] SYN attack is a kind of DDoS (Distributed Denial of Service, Distributed Denial of Service) attack, which utilizes the TCP (Transmission Control Protocol, Transmission Control Protocol) protocol defect, by sending a large number of semi-connection requests, consuming the CPU performance and memory resources. For example, the attacker controls the client to launch a SYN attack. The client forges a large number of non-existent IP addresses in a short period of time, and continuously sends SYN request connection packets to the server. The server replies with confirmation packets and waits for the confirmation from the client. The address does not exist, and the server cannot receive the confirmation from the client, so the server needs to continuously resend the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1458
Inventor 周迪王军
Owner ZHEJIANG UNIVIEW TECH CO LTD