Link type DDoS defense method and system based on migration of forward path

A forwarding path and link technology, applied in transmission systems, digital transmission systems, advanced technologies, etc., can solve problems such as hindering network or service management efficiency

Inactive Publication Date: 2017-07-18
INST OF INFORMATION ENG CAS
View PDF3 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the tightly coupled nature of the existing network control plan

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Link type DDoS defense method and system based on migration of forward path
  • Link type DDoS defense method and system based on migration of forward path
  • Link type DDoS defense method and system based on migration of forward path

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. It should be understood that the described embodiments are only part of the embodiments of the present invention, not all of them. example. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without making creative efforts belong to the protection scope of the present invention.

[0054] refer to image 3 , in an embodiment, a link-type DDoS defense system based on forwarding path self-migration is described, including a path migration server. The path migration server includes: a traffic collection and data statistics module, a cache space maintenance module, a time window maintenance module, a detection module and a path migration module.

[0055] The traffic collection and data statistics module is used t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a link type DDoS defense method based on migration of a forward path, applied to SDN. The method comprises the steps of 1, constructing a network flow matrix and positioning a congested link by collecting LLDP messages; 2, judging whether the congested link forms a link flooding attack; 3, if the link flooding attack exists, recognizing a suspicious network flow in the congested link; and 4, selecting a migrating link set not close to the congested link according to a constraint condition, selecting the network flow to be migrated and a migration interval, and generating migration rule information; and migrating the suspicious work flow according to the migration rule information. The method is implemented in the software definition network based on OpenFlow. According to the method provided by the invention, deployment of a link type DDoS defense system is achieved by using components easy to maintain and migrate. Meanwhile the system for implementing the method is provided.

Description

technical field [0001] The invention belongs to the field of computer network security. Specifically, it relates to a link-type DDoS defense method and system based on forwarding path self-migration. Background technique [0002] With the continuous popularization and deepening of network applications, on the one hand, the Internet is profoundly affecting people's lifestyles and gestating the new normal of social operation; on the other hand, it has also become a national strategic key infrastructure, supporting the effective operation of important areas of the country. However, the tightly coupled nature of the existing network control plane and data plane hinders the efficiency of network or service management. The design idea of ​​separation of logic control and data forwarding in Software Defined Network (Software Defined Network, SDN) brings new ideas to the problem that distributed routing is difficult to effectively manage collaboratively. It decouples the control f...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/721H04L12/801H04L29/06
CPCH04L45/32H04L47/11H04L63/145Y02D30/00
Inventor 王利明雷程马多贺孔同陈凯欧悯洁董文婷
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap