Unlock instant, AI-driven research and patent intelligence for your innovation.

A cleaning method and system for ack flood attack

A technology for cleaning systems and messages, which is applied in the field of computer networks, can solve problems such as discarding or passing, little effect, and inability to effectively deal with cleaning methods, so as to achieve maximum performance, reduce performance consumption, and prevent the possibility of connection forgery sexual effect

Active Publication Date: 2020-01-31
GUANGDONG EFLYCLOUD COMPUTING CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The above two methods have obvious disadvantages. The first method of limiting ACKs, whether normal or attacking ACK packets, may be discarded or passed. This method of cleaning ACK attacks has little effect and can only be used to Ensure that other adjacent servers are not affected; while the second type simply verifies whether there is an active connection in the ACK 5-tuple, and can only deal with relatively simple and random ACK attacks. If the attacker sends the same 5-tuple of SYN and ACK packet attack, or frequently use the same 5-tuple ACK packet to attack, this cleaning method cannot effectively deal with it

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A cleaning method and system for ack flood attack
  • A cleaning method and system for ack flood attack
  • A cleaning method and system for ack flood attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] refer to figure 1 , the cleaning method of a kind of ACK FLOOD attack of the present invention, comprises the following steps:

[0057] A. Establish an identification status array;

[0058] B. When a message is received, obtain the total length of the message and the quintuple information of the message;

[0059] C, judge whether the type of the message is a SYN message and whether the total length of the message is greater than a preset length threshold, if so, discard the message; otherwise, perform step D;

[0060] D. Determine whether the message is the first message, if so, execute step E; otherwise, execute step F;

[0061] E, judge whether the type of this message is a SYN message, if so, then set the connection status as connection establishment, set the number of repeated establishments as 0, set the last connection time as the current time, and discard the message; otherwise , the message is discarded;

[0062] F. Determine whether the type of the message ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a cleaning method for ACK FLOOD attacks and the system discards the SYN connection authentication method of the first message, without sending any data to the source address, which simplifies network deployment, reduces the performance consumption of cleaning equipment, and increases The restriction on the SYN retransmission time and the number of retransmissions effectively prevents the possibility of the attacker forging the connection. On this basis, the ACK message is filtered, and only the ACK message with the legal connection identifier is allowed to pass through. , so that it can be accurate and can achieve the maximum performance effect. The invention can be widely used in ACK attack defense technology.

Description

technical field [0001] The invention relates to the technical field of computer networks, in particular to a cleaning method and system for ACK FLOOD attacks. Background technique [0002] Denial of Service attack (DoS, Denial of Service) refers to using various service requests to exhaust the system resources of the attacked network, so that the attacked network cannot process the requests of legitimate users. With the rise of botnets, and due to the characteristics of simple attack methods, large impact, and difficulty in tracing, distributed denial of service attacks (DDoS, Distributed Denial of Service) have grown rapidly and become increasingly rampant. A botnet composed of tens of thousands of hosts provides the required bandwidth and hosts for DDoS attacks, forming a huge attack and network traffic, causing great harm to the attacked network. [0003] With the continuous improvement and development of DDoS attack technology, operators such as ISPs, ICPs, and IDCs fac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1458H04L63/1466
Inventor 梁润强叶梅霞黄燕飞杨燕清李坤祥
Owner GUANGDONG EFLYCLOUD COMPUTING CO LTD