
Method and system for preventing address scanning attack based on SDN

A technology in the field of addresses and IP addresses, applied in transmission systems, electrical components, etc., that solves problems such as network interruption, disruption of normal business processes, and misjudgment, and achieves the effect of preventing address scanning attacks.

Active Publication Date: 2017-02-22
杨大海

AI Technical Summary

Problems solved by technology

If the directly connected network segment is large and the attack traffic is large enough, it will consume more CPU and memory resources of the network device, which may cause network interruption.
Traditional address-scanning protection simply discards the packets it identifies as address scanning, which affects the smooth flow of normal business processes.
The traditional anti-address-scanning algorithm is local and isolated: it judges only from a single switch whether the destination IP belongs to a directly connected network segment, which may cause misjudgment.


Examples


Embodiment 1

[0040] In this embodiment, an SDN-based system for preventing address scanning attacks includes an SDN controller and SDN switches (S0, S1, S2, S3). The SDN controller has an unmatched flow table message receiving module, an address scanning message judgment module, and a flow table issuing module, where:

[0041] The unmatched flow table message receiving module receives, from the SDN switch, messages that did not match the flow table;

[0042] The address scanning message judgment module judges whether an unmatched flow table message received by the receiving module is an address scanning attack message;

[0043] The flow table issuing module issues flow tables to the SDN switch; if a message that does not match the flow table is judged to be an address scanning attack message, it issues a flow table that prevents subsequent messages from carrying out the address scanning attack;

[0044] The packets that d...

Embodiment 2

[0064] In this embodiment, a method for preventing address scanning attacks based on SDN is carried out in the following steps:

[0065] Step 1, the SDN switch reports to the SDN controller the message that does not match the flow table;

[0066] Step 2, the SDN controller judges whether the message that does not match the flow table is an address scanning attack message;

[0067] Step 3, if step 2 determines that the message that does not match the flow table is an address scanning attack message, the SDN controller issues a flow table to prevent subsequent messages from carrying out the address scanning attack; if step 2 determines that the message is not an address scanning attack message, the SDN controller issues a flow table for forwarding.

[0068] The above method is an SDN-based anti-address scanning attack algorithm, and its general flow chart is shown in Figure 2. Before step 1, the SDN switch needs to report the IP address a...
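Added example (not from the patent and not the inventors' code): a small Python simulation of steps 1 to 3, with the controller counting misses across all switches rather than per switch. The judgment rule (a source that hits `threshold` distinct absent addresses in a directly connected segment within `window` seconds), the class and function names, and the sample addresses are assumptions, since the page does not give the patent's criteria.

```python
import ipaddress
from collections import defaultdict

class ScanGuardController:
    """Toy controller. The judgment rule is an assumption, not the patent's text."""

    def __init__(self, segments, known_hosts, threshold=3, window=10.0):
        self.segments = [ipaddress.ip_network(s) for s in segments]
        self.known = {ipaddress.ip_address(h) for h in known_hosts}
        self.threshold = threshold        # distinct absent destinations that trigger a block
        self.window = window              # seconds a miss stays counted
        self.misses = defaultdict(dict)   # src -> {absent dst: last seen time}
        self.flows = []                   # flow entries issued to switches

    def is_scan(self, src, dst, now):
        """Step 2: judge one unmatched packet using network-wide state."""
        dst_ip = ipaddress.ip_address(dst)
        in_segment = any(dst_ip in net for net in self.segments)
        if not in_segment or dst_ip in self.known:
            return False
        seen = self.misses[src]           # shared by all switches, keyed by source
        seen[dst] = now
        for d in [d for d, t in seen.items() if now - t > self.window]:
            del seen[d]                   # expire stale misses
        return len(seen) >= self.threshold

    def packet_in(self, switch, src, dst, now):
        """Steps 1 and 3: take the table-miss report, then issue a flow entry."""
        if self.is_scan(src, dst, now):
            flow = {"switch": switch, "match": {"ipv4_src": src},
                    "priority": 100, "action": "drop"}
        else:
            flow = {"switch": switch, "match": {"ipv4_src": src, "ipv4_dst": dst},
                    "priority": 10, "action": "forward"}
        self.flows.append(flow)
        return flow["action"]

def run_demo():
    ctl = ScanGuardController(["10.0.1.0/24"], ["10.0.1.10"])
    events = [  # constructed table-miss reports: (switch, src IP, dst IP, time)
        ("S1", "192.0.2.5", "10.0.1.10", 0.0),      # existing host
        ("S1", "198.51.100.7", "10.0.1.20", 1.0),   # absent address, miss 1
        ("S2", "198.51.100.7", "10.0.1.21", 2.0),   # absent address, miss 2
        ("S3", "198.51.100.7", "10.0.1.22", 3.0),   # miss 3: judged a scan
    ]
    return [ctl.packet_in(*e) for e in events], ctl.flows

if __name__ == "__main__":
    print(run_demo())
```

The three misses arrive through three different switches, so a per-switch counter with the same threshold would not have fired; the shared counter does.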


Abstract

The invention relates to the SDN technical field and specifically provides a method and system for preventing address scanning attack based on an SDN. The system comprises an SDN controller and an SDN switch. The SDN controller comprises an unmatched flow table message reception module, an address scanning message judgment module and a flow table issue module, wherein the unmatched flow table message reception module is used for receiving an unmatched flow table message from the SDN switch; the address scanning message judgment module is used for judging whether the unmatched flow table message received by the unmatched flow table message reception module is an address scanning attack message; and the flow table issue module is used for issuing a flow table to the SDN switch, and issuing the flow table when the unmatched flow table message is judged to be the address scanning attack message to prevent a follow-up message from carrying out address scanning attack. The unmatched flow table message comprises source IP information and target IP information. The method and system are convenient to configure, efficient and accurate.

Description

Technical field

[0001] The invention relates to the technical field of SDN, in particular to an SDN-based method and system for preventing address scanning attacks.

Background technique

[0002] In an address scanning attack, the attacker sends a large number of IP packets with changing destination addresses to the target network. When an attacker scans the directly connected network segment of a network device, the network device sends an ARP message to each address in the network segment. If the address does not exist, it needs to send a destination host unreachable message. If the directly connected network segment is large and the attack traffic is large enough, more CPU and memory resources of network devices will be consumed, which may cause network interruption. Traditional address-scanning protection simply discards the packets it identifies as address scanning, which will affect the smooth flow of normal business processes. The traditional anti-address scanning algorithm is b...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/12
CPC: H04L61/103, H04L63/1466
Inventor: 翟跃
Owner: 杨大海