Method, device and system for network attack defense

A network attack and intranet technology, applied in the network field, can solve the problem of not being able to clean DNS response attacks, and achieve the effect of alleviating the impact

Active Publication Date: 2017-02-22
ALIBABA GRP HLDG LTD
View PDF7 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since the dynamic whitelist only contains IP addresses of real sources and does not contain IP addresses of fake sources, the source detection method can only clean DNS response attacks initiated by fake sources, but not DNS response attacks initiated by real sources.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for network attack defense
  • Method, device and system for network attack defense
  • Method, device and system for network attack defense

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0083] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0084] In order to clearly introduce the application scenario of this application, see figure 1 , is a network attack defense system, and the system specifically includes an external network device 100 , a routing device 200 , an internal network device 300 and a cleaning device 400 bypassing the routing device 200 .

[0085] Among them, the external network device 100 is used to send to the cleaning device 400 a DNS response message intended to be sent to the internal network devic...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method, a device and a system for network attack defense. The method comprises steps that target DNS response messages sent by external network equipment to internal network equipment are received; on the condition that a dynamic white list comprises source addresses of the target DNS response messages, whether the target DNS response messages satisfy preset conditions is determined; if yes, the target DNS response messages are dumped; the preset conditions at least comprise that target domain names of the target DNS response message are not included in historical domain name records, and each historical domain name of the historical domain name records is respectively extracted from historical DNS response messages sent by the external network equipment. The method is advantaged in that actual sources in different modes attacking the DNS response messages of the internal network equipment can be filtered, and impact of DNS response attack on business and the network can be alleviated.

Description

technical field [0001] The present application relates to the field of network technology, and in particular to a method, device and system for defending against network attacks. Background technique [0002] With the continuous advancement of network technology, there are more and more network attacks in the network field. At present, among many network attacks, Distributed Denial of Service (DDoS) has become a relatively serious attack means. In the DDOS attack, the DNS response attack has become a mainstream attack type, and the DNS response attack can also be called a Domain Name System (DNS, Domain Name System) response attack. [0003] In order to prevent DNS response attacks, cleaning devices can be added to the original system to form a defense system. see figure 1 It is a structural schematic diagram of a defense system. It can be seen from the illustration that the cleaning equipment bypass is set on one side of the routing equipment. [0004] In the case of cl...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L1/18H04L45/74
CPCH04L1/1858H04L63/0236H04L63/1458H04L63/1466H04L63/101H04L61/4511H04L9/40H04L63/1441
Inventor 肖洪亮张大成
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap