Gateway attack prevention method and device

A Gateway, Saturation Technology

Active Publication Date: 2017-06-20
BEIJING BAIDU NETCOM SCI & TECH CO LTD
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantage of this method is: if the threshold is set too small, normal frequent requests from a certain visitor address may be regarded as attacks; if the threshold is set too large, when faced with attacks from multiple visitor addresses, it is easy to cause service unavailable, or even down
This practice req

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Gateway attack prevention method and device
  • Gateway attack prevention method and device
  • Gateway attack prevention method and device

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0025] Before discussing the exemplary embodiments in more detail, it should be mentioned that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although the flowchart describes the operations as sequential processing, many of the operations can be implemented in parallel, concurrently, or simultaneously. In addition, the order of operations can be rearranged. The processing may be terminated when its operation is completed, but may also have additional steps not included in the drawings. The processing may correspond to methods, functions, procedures, subroutines, subroutines, and so on.

[0026] In the context, "computer equipment", also known as "computer", refers to an intelligent electronic device that can execute predetermined processing procedures such as numerical calculations and / or logical calculations by running predetermined programs or instructions. It can include a processor and In the memory, the processor executes the pre-s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a gateway attack prevention method and device. The method comprises the steps: obtaining the number of access requests received by each interface of a gateway in a unit time; determining an unsafe interface based on the comparison of the obtained number of access requests received by the interface of the gateway in a unit time with the threshold value of the number of access requests received by the interface in a unit time, wherein the threshold value is determined in advance based on the maximum number of load access requests of the interface in a unit time and the proportion of the counted mean load saturation degree of the interface to the sum of the mean load saturation degrees of all interfaces of the gateway; and determining the address of an unsafe visitor at the unsafe interface based on the number of requests of the visitor, visiting the unsafe interface, for access to the unsafe interface in the unit time. The method reduces the possibility of taking the frequent visit of a normal user as the attack while recognizing the address of the unsafe visitor more accurately.

Description

technical field [0001] The invention relates to network security, in particular to a gateway attack prevention method and device. Background technique [0002] In computer networks, gateways are often used. The main function of the gateway is to prevent attacks and limit traffic, so as to ensure network security. For example, if a gateway is set up in an enterprise, messages to access the intranet of the enterprise must first enter the gateway. The gateway recognizes malicious attacks, thereby denying access, and restricting the traffic when the traffic entering the gateway is too large, so as to ensure the security of the enterprise intranet. At present, the main method of gateway attack prevention is: the number of requests entering the gateway through a certain visitor address (such as IP address) per unit time. When the number of times reaches the predetermined threshold, it is considered that the visitor address has an attack behavior, and it is pulled into the black...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/66
CPCH04L12/66H04L63/1416H04L63/20
Inventor 杨延超
Owner BEIJING BAIDU NETCOM SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap