Method and device for cleaning forged source IP in DDOS (Distributed Denial of Service) defense system

A defense system and IP address technology, applied in the field of network security, can solve the problems of large source IP, attack traffic bypassing the defense system, and small number of packets, etc., and achieve the effect of stable hop count

Pending Publication Date: 2017-03-22
GUANGZHOU HUADUO NETWORK TECH
View PDF13 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In the above DDOS defense process, if there are a large number of forged source IP attacks, the attack traffic will bypass the defense system or bring huge pressure to the defense system:
[0006] (1) If the fake source IP hits the whitelist, it may directly penetrate the DDOS defense system without being blocked;
[0007] (2) The attack characteristic of forging source IP is that there are many attack packets, but the number of packets belongi

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for cleaning forged source IP in DDOS (Distributed Denial of Service) defense system
  • Method and device for cleaning forged source IP in DDOS (Distributed Denial of Service) defense system
  • Method and device for cleaning forged source IP in DDOS (Distributed Denial of Service) defense system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] In order to enable those skilled in the art to better understand the solutions of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention.

[0052] In some processes described in the specification and claims of the present invention and the above-mentioned drawings, a plurality of operations appearing in a specific order are contained, but it should be clearly understood that these operations may not be performed in the order in which they appear herein Execution or parallel execution, the serial numbers of the operations, such as 101, 102, etc., are only used to distinguish different operations, and the serial numbers themselves do not represent any execution order. Additionally, these processes can include more or fewer operations, and these operations can be performed sequentially or in parallel. It should be n...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a device for cleaning a forged source IP in a DDOS (Distributed Denial of Service) defense system. The method comprises steps: a message flow with an access address to be a target server is detected; when the message flow exceeds a set threshold, a preset number of messages are intercepted from the flow as to-be-detected messages; the source IP address and the survival time value of one to-be-detected message are acquired, and according to the survival time value, the hop number when the to-be-detected message passes through a network node is calculated; and a hop set corresponding to the source IP address is queried in a local data sheet, when the hop number does not belong to the hop set, the to-be-detected message is discarded, and thus, the to-be-detected message can be prevented from arriving at the target server. Thus, the forged flow can be effectively and accurately cleaned.

Description

technical field [0001] The present invention relates to the technical field of network security, more specifically, to a method and device for cleaning counterfeit source IP in a DDOS defense system. Background technique [0002] Distributed Denial of Service (DDoS, Distributed Denial of Service) attack is that the attacker makes a large amount of network traffic flow to the attack target at the same time, causing network congestion, resource exhaustion or even downtime of the target host to achieve the purpose of denial of service on the target host. [0003] DDOS attacks are usually realized by various attack software and application software on botnets and proxy servers generating a large amount of traffic. In the attack, forging the source IP attack is a very common way, the reasons are as follows: (1) can avoid supervision and traceability; (2) avoid the response of the target host to the attack data to bring pressure on the attacking host; (3) through the forged source...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1458
Inventor 王辉
Owner GUANGZHOU HUADUO NETWORK TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap