Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Gateway attack prevention method and device

A Gateway, Saturation Technology

Active Publication Date: 2017-06-20
BEIJING BAIDU NETCOM SCI & TECH CO LTD
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantage of this method is: if the threshold is set too small, normal frequent requests from a certain visitor address may be regarded as attacks; if the threshold is set too large, when faced with attacks from multiple visitor addresses, it is easy to cause service unavailable, or even down
This practice requires human intervention
[0004] The existing technology lacks a more reasonable way to identify unsafe visitor addresses so as to achieve the purpose of gateway attack prevention. While more accurately identifying unsafe visitor addresses, it reduces the risk of frequent visits by normal users as attacks. possibility

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Gateway attack prevention method and device
  • Gateway attack prevention method and device
  • Gateway attack prevention method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] Before discussing the exemplary embodiments in more detail, it should be mentioned that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although the flowcharts describe operations as sequential processing, many of the operations may be performed in parallel, concurrently, or simultaneously. In addition, the order of operations can be rearranged. The process may be terminated when its operations are complete, but may also have additional steps not included in the figure. The processing may correspond to a method, function, procedure, subroutine, subroutine, or the like.

[0026] The term "computer equipment" in this context, also referred to as "computer", refers to an intelligent electronic device that can perform predetermined processing procedures such as numerical calculations and / or logic calculations by running predetermined programs or instructions, which may include a processor and The memory is realized by the processor...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a gateway attack prevention method and device. The method comprises the steps: obtaining the number of access requests received by each interface of a gateway in a unit time; determining an unsafe interface based on the comparison of the obtained number of access requests received by the interface of the gateway in a unit time with the threshold value of the number of access requests received by the interface in a unit time, wherein the threshold value is determined in advance based on the maximum number of load access requests of the interface in a unit time and the proportion of the counted mean load saturation degree of the interface to the sum of the mean load saturation degrees of all interfaces of the gateway; and determining the address of an unsafe visitor at the unsafe interface based on the number of requests of the visitor, visiting the unsafe interface, for access to the unsafe interface in the unit time. The method reduces the possibility of taking the frequent visit of a normal user as the attack while recognizing the address of the unsafe visitor more accurately.

Description

technical field [0001] The invention relates to network security, in particular to a gateway attack prevention method and device. Background technique [0002] In computer networks, gateways are often used. The main function of the gateway is to prevent attacks and limit traffic, so as to ensure network security. For example, if a gateway is set up in an enterprise, messages to access the intranet of the enterprise must first enter the gateway. The gateway recognizes malicious attacks, thereby denying access, and restricting the traffic when the traffic entering the gateway is too large, so as to ensure the security of the enterprise intranet. At present, the main method of gateway attack prevention is: the number of requests entering the gateway through a certain visitor address (such as IP address) per unit time. When the number of times reaches the predetermined threshold, it is considered that the visitor address has an attack behavior, and it is pulled into the black...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/66
CPCH04L12/66H04L63/1416H04L63/20
Inventor 杨延超
Owner BEIJING BAIDU NETCOM SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products