Network flooding attack detection, storage and display system and method

A flood attack and display system technology, applied in transmission systems, electrical components, etc., can solve the problems of no records, network managers do not have records, etc., to achieve the effect of convenient management

Inactive Publication Date: 2016-10-12
DALIAN ROILAND SCI & TECH CO LTD
View PDF3 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When an ARP flood event occurs in the network, there is no memory in the switch to store the abnormal event as a log, causing the network administrator to have no record to check, and has the disadvantage of no record function

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network flooding attack detection, storage and display system and method
  • Network flooding attack detection, storage and display system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0011] Embodiment 1: A system for detecting, storing and displaying network flood attacks. The involved hardware device consists of the following parts: a network physical layer interface chip, a microprocessor, a memory, and a liquid crystal display. The system is connected to a network port of a network switch through a network cable.

[0012] In LAN communication, the Address Resolution Protocol (ARP, Address Resolution Protocol) is often used to obtain the MAC address through the IP address. When a computer A in the local area network needs to obtain its MAC address through the IP address of the destination computer B, this computer A broadcasts an ARP request message containing the IP address of the destination computer B to all computers in the LAN. Computer B will return the MAC address information to determine the MAC address of the target computer B; after receiving the returned message, computer A will store the IP address and MAC address in the local ARP cache and k...

Embodiment 2

[0026] Embodiment 2: A detection, storage and display system of a network flood attack, mainly composed of a network physical layer interface chip, a microprocessor, a memory, and a liquid crystal display, and the detection system is connected to a network port of a switch through a network cable above, used to receive all ARP request frames in the local area network; the microprocessor classifies the received ARP request frames according to the source MAC address, and the microprocessor records the receiving time of the frame and judges the multi-frame ARP Whether the characteristics of the request frame conform to the characteristics of a flood attack, when it is determined that the characteristics belong to the characteristics of a flood attack, the microprocessor records the receiving time of the frame and the MAC address of the source host, stores them in the memory, and saves the data in the memory ARP flooding information is output on the LCD display.

[0027] The featu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network flooding attack detection, storage and display system and method, belongs to the field of network attack detection and is used for solving the defect that in the prior art, there is no network flooding detection, display and record function. The technical essential is that a detection system is connected with a network port of a switch through a network cable and is used for receiving all ARP (Address Resolution Protocol) request frames in a local area network; a microprocessor classifies the received ARP request frames according to source MAC addresses; the microprocessor records receiving time of receiving the frames and judges whether the features of the multiple ARP request frames satisfy the features of a flooding attack or not. When it is judged that the features belong to the features of the flooding attack, the microprocessor records the receiving time and source host MAC addresses of the frames, stores the information in a memory and displaying and outputting multiple pieces of ARP flooding information in the memory in a liquid crystal display. The method and the system have the advantages of having the mobile effect, storage effect and display effect.

Description

technical field [0001] The invention belongs to the field of network attack detection, and relates to a system and method for detecting, storing and displaying network flood attacks. Background technique [0002] Existing LAN network switches only forward network data according to network standard communication protocols, and generally do not have the monitoring and detection function of network flooding, which brings hidden dangers to network communication security and is easily exploited by malware and viruses, causing network flooding. Flooding causes communication blockage, seriously affects network communication, and has the disadvantage of not having the function of detecting flooding. [0003] Existing LAN network switches generally do not have a display function. When a failure occurs in the network, the system setting page of the switch is generally checked by other computers in the LAN to access a specific IP address. However, when ARP flooding occurs in the LAN, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/145H04L63/1416
Inventor 田雨农张东辉付政国
Owner DALIAN ROILAND SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap