Reflection attack defending method, device and system

A technology for defending reflection and attacking packets, applied in the field of Internet security, it can solve the problems of increasing user costs, inability to implement in-line deployment, and limited deployment scenarios, so as to achieve the effect of defending reflection attacks.

Active Publication Date: 2017-10-10
ALIBABA GRP HLDG LTD
View PDF5 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are several problems with in-line deployment: first, deployment is difficult, and redundancy needs to be considered to avoid introducing a single point of failure; second, deployment costs are high, and in-line deployment requires that the processing capacity of the cleaning device and the link bandwidth exactly match , thus increasing the user's cost; third, the deployment scenarios are limited, such as MAN protection and other situations where the entire network traffic needs to be protected, and direct deployment cannot be achieved
At the same time, the session check itself also needs to be enhanced for DNS reflection. The current session information only records quintuple information, and cannot check the unique information of DNS packets.
[0005] Since the session inspection method needs to deploy the cleaning device directly, when the cleaning device is deployed in a bypass, this method will leak packets or kill by mistake, and cannot effectively defend against DNS reflection attacks
[0006] Aiming at the scenario where the existing technology is deployed in the bypass of the cleaning device, the current technology has the problems of packet leakage and manslaughter in the process of defending against reflection attacks, and no effective solution has been proposed so far

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Reflection attack defending method, device and system
  • Reflection attack defending method, device and system
  • Reflection attack defending method, device and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] According to an embodiment of the present application, an embodiment of a method for defending against reflection attacks is also provided. It should be noted that the steps shown in the flowcharts of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, and , although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0047] The method embodiment provided in Embodiment 1 of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. Take running on a computer terminal as an example, figure 2 It is a hardware structural block diagram of a computer terminal according to a method for defending against reflection attacks according to an embodiment of the present application. Such as figure 2 As shown, the computer terminal 20 may include one or ...

Embodiment 2

[0129] According to an embodiment of the present application, an embodiment of a method for defending against reflection attacks is also provided. It should be noted that the steps shown in the flowcharts of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, and , although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0130] This application provides Figure 11 The method shown to defend against reflection attacks. Figure 11 is a flow chart of a method for defending against reflection attacks according to Embodiment 2 of the present application, such as Figure 11 As shown, the above method may include the following steps:

[0131] In step S112, the cleaning device receives a session synchronized by the detection device, wherein the session is a session obtained by the detection device according...

Embodiment 3

[0189] According to an embodiment of the present application, there is also provided a reflection attack defense device for implementing the above reflection attack defense method, such as Figure 12 As shown, the device includes: a first acquisition module 122 and a synchronization module 124 .

[0190] Wherein, the first obtaining module 122 is used to obtain the request message sent by the access host, and obtains the session corresponding to the request message; the synchronization module 124 is used to synchronize the session corresponding to the request message to the cleaning device; wherein, the cleaning device receives After receiving any response message, check whether there is a session matching the response message according to the response message, and if the query fails, determine that the response message is an attack message.

[0191] Specifically, the detection device can be deployed on the routing device in a bypass, and the request message sent by the access...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a reflection attack defending method, device and system. The method comprises the steps of receiving a response message; searching, according to the response message, whether a session matched with the response message exists; and determining, based on a searching result, whether the response message is an attack message. In the prior art, when deployment is carried out at a bypath of a cleaning device, the existing reflection attack defending method has the defects of package leakage and killing mistakes. Through adoption of the reflection attack defending method, device and system, the technical problems in the prior art are solved.

Description

technical field [0001] The invention relates to the field of Internet security, in particular to a method, device and system for defending reflection attacks. Background technique [0002] DNS reflection attack has become the mainstream DDoS attack type in the current network, such as figure 1 As shown, the principle is that the attacker uses a large number of zombie hosts controlled by the attacker to send DNS requests to many open DNS servers in the Internet, but the source IP address in the request is the IP of the victim, so with the help of the rebound of the open DNS server, a DNS reflection attack. Due to the characteristics of easy implementation, large traffic, and difficult to track, DNS reflection attacks have become the preferred means of launching large traffic attacks, which bring great harm to user services and their networks. Therefore, effective methods are needed to defend and clean DNS reflection attacks, so as to alleviate the impact on services or netw...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1458H04L63/1466H04L65/1066
Inventor 肖洪亮张大成
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap