Malicious scanning defense method and system based on adaptive IP address conversion

An IP address and defense system technology, applied in the field of network security, can solve problems such as the blindness of network transition strategies, reduce the effectiveness of defense, and the lack of adaptability of malicious scanning strategies, so as to improve the success rate of defense and improve the adaptive jump rate. change and improve manageability

Inactive Publication Date: 2017-07-25
INST OF INFORMATION ENG CAS
View PDF3 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the lack of adaptability of the hopping mechanism to the malicious scanning strategy, the network hopping strategy is blind
As

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious scanning defense method and system based on adaptive IP address conversion
  • Malicious scanning defense method and system based on adaptive IP address conversion

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. It should be understood that the described embodiments are only part of the embodiments of the present invention, not all of them. example. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without making creative efforts belong to the protection scope of the present invention.

[0049] Such as figure 1 Shown is a schematic structural diagram of a malicious scanning defense system based on IP address adaptive conversion in an embodiment of the present invention. When the attacker scans the network IP address, a detection agent is deployed in each subnet, and the detection agent is used to collect request data packets, calculate and count the distribution probability of the source IP address and destination I...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a malicious scanning defense method based on adaptive IP address conversion, applied to an SDN. The method comprises the following steps: 1) in the case of a scanning attack, sampling a request data packet from each subnet of the SDN, and analyzing the request data packet to generate statistical data within different time intervals; 2) calculating the distribution of a source IP address, a destination IP address and a destination port number within each time interval according to the statistical data; 3) calculating the Sibson entropy of the same distribution of the source IP addresses, the destination IP addresses and the destination port numbers within adjacent time intervals, and judging a scanning attack strategy accordingly; and 4) generating an IP address transfer strategy according to the scanning attack strategy, and implementing virtual IP address conversion according to the IP address transfer strategy. Meanwhile, the invention further provides a system for implementing the method. The system comprises constructing a controller, hopping proxy and detection proxy in the SDN architecture for implementing the steps in the method.

Description

technical field [0001] The invention belongs to the field of network security. Specifically, it relates to a malicious scanning defense method and system based on IP address adaptive conversion in a software-defined network environment. Background technique [0002] Software-defined networking (SDN) is a network architecture that decouples the control function of network devices such as routers and switches from the data forwarding function based on the design idea of ​​separating logic control and data forwarding. It manages the entire network by a programmable logical centralized controller; the data forwarding function is realized by the underlying forwarding equipment. The characteristics of SDN centralized control enable the controller to obtain network performance indicators online, and on this basis, allocate resources in a timely manner and implement global decisions. The OpenFlow protocol is a standardized interface for controllers to manage and configure underlyi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/12
CPCH04L61/2503H04L63/1466H04L63/20
Inventor 王利明雷程刘世文马多贺陈凯董文婷孔同
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap