Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for defending distributed denial of service attack

A distributed denial-of-service and security service technology, applied in the field of defense against distributed denial-of-service attacks, can solve problems such as unprotected end protection and inability to update protection strategies in time, so as to improve the ability to defend against DDOS attacks and reduce manual intervention.

Inactive Publication Date: 2017-01-25
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF5 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The embodiment of the present application provides a method and device for defending against DDOS attacks, which are used to solve the problem that the traffic cleaning device in the prior art cannot update the protection strategy in time and cannot effectively protect the protected end in real time when encountering a DDOS attack

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for defending distributed denial of service attack
  • Method and device for defending distributed denial of service attack
  • Method and device for defending distributed denial of service attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0074] In the embodiment of the present application, the cloud security service center can judge whether the traffic cleaning device is receiving a DDOS attack according to the status of the protected end detected in real time and the traffic statistics data reported by the traffic cleaning device; after determining that the traffic cleaning device is receiving a DDOS attack , instructing the traffic cleaning device to capture packets and send them to itself during the process of being attacked, and then, after receiving the packets, it can generate an updated protection strategy for the traffic cleaning device according to the attack characteristics of these packets. This application implements In the example, the cloud security service center can intelligently update the protection parameters for the traffic cleaning device when the traffic cleaning device is under DDOS attack, so that the protected end can be effectively protected in real time. In addition, in a preferred em...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of network safety and especially relates to a method and a device for defending distributed denial of service (DDOS) attack. The method and device are used for solving the problem in the prior art that a protected terminal can not be effectively protected in real time when a flow cleaning device encounters with DDOS attack. The method provided by the embodiment of the invention comprises the following steps: judging if the flow cleaning device encounters with DDOS attack according to a flow statistic data reported by the flow cleaning device corresponding to the protected terminal when a cloud security service center detects that the state of the protected terminal meets a preset fault condition; sending an instruction for capturing the message to the flow cleaning device after confirming that the flow cleaning device encounters with DDOS attack; receiving the message sent by the flow cleaning device and generating an updating defense strategy for the flow cleaning device by analyzing the attack features of the received message; and sending the generated updating defense strategy to the flow cleaning device, so that the flow cleaning device defends the DDOS attack.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a method and device for defending against distributed denial of service (Distributed Denial of Service, DDOS) attacks. Background technique [0002] At present, network security issues are becoming increasingly prominent, and DDOS attacks have become one of the most common attack methods on the Internet. [0003] In the prior art, a traffic cleaning device is mainly used for protection against DDOS attacks launched on the network, and the operation mode of the traffic cleaning device is as follows. [0004] The attack and defense personnel manually configure the protection strategy of the traffic cleaning device in advance according to the customer's business characteristics and network environment. The pre-configured protection strategy directly affects the protection effect of the traffic cleaning device. However, due to the complex and changeable characteris...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1458H04L67/10
Inventor 周士钦叶晓虎何坤张磊陈俊
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products