Method and device for tracing attack message

An attack packet and attack source technology, which is applied in the field of attack packet source tracing methods and devices, and can solve problems such as difficulty in determining the attack source.

Inactive Publication Date: 2017-03-01
HANGZHOU DPTECH TECH
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

As a result, the source IP address obtained from the attack packet in the above method may be a false source address forged by the attack source, which makes it difficult to determine the attack source

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for tracing attack message
  • Method and device for tracing attack message
  • Method and device for tracing attack message

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0045] The terminology used in this application is for the purpose of describing particular embodiments only, and is not intended to limit the application. As used in this application and the appended claims, the singular forms "a", "the", and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It should also be understood that the term...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and a device for tracing an attack message. The method comprises the steps of acquiring an attack message to be traced; determining a quintuple and an attack time period of the attack message; querying identifiers of routers by which the attack message passes in a netflow log acquired in advance according to the quintuple and the attack time period; arranging the queried identifiers of the routers according to a forwarding sequence of the attack message; determining a router corresponding a first router identifier in an acquired arrangement result to be an attack source of the attack message. According to the method provided by the invention, the netflow log is utilized, no matter whether a source IP address carried by the captured attack message is true or not, a forwarding path of the known attack message can be analyzed through the netflow log, and thus the true source of the attack message is determined.

Description

technical field [0001] The present application relates to the field of communication technology, and in particular to a method and device for tracing the source of an attack message. Background technique [0002] There are attack packets in the network environment, and the attack packets will threaten and affect resources such as services and links. Although most attack packets can be defensively processed at the attack end, the forwarding of attack packets in the network will still occupy and waste link resources of operators. [0003] In order to defend against attack packets at the source, it is often necessary to query the source of the attack packets (hereinafter referred to as the attack source). This process is called source tracing of the attack packets. [0004] One source tracing method is to capture attack packets at the attack end, and use an analysis tool to find the source Internet Protocol (IP) address of the attack packets, and the found source IP address is...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L2463/146
Inventor 佟立超
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap