Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for detecting LDoS attack targeting Internet autonomous domain

An attack detection and autonomous domain technology, applied in the field of Internet security, can solve problems such as lack of LDoS attacks

Active Publication Date: 2017-10-27
SURFILTER NETWORK TECH
View PDF5 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In order to solve the lack of an effective LDoS attack detection method in the prior art to prevent the problem of LDoS attacks facing the Internet autonomous domain, the embodiment of the present invention provides a method and device for detecting an LDoS attack facing the Internet autonomous domain

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting LDoS attack targeting Internet autonomous domain
  • Method and device for detecting LDoS attack targeting Internet autonomous domain
  • Method and device for detecting LDoS attack targeting Internet autonomous domain

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0045] The embodiment of the present invention provides a method for detecting an LDoS attack facing an Internet autonomous domain, see figure 1 , the method includes:

[0046] Step S11, from the historical traffic data of the Internet autonomous domain, obtain the data of traffic pulse characteristics and the network status corresponding to the traffic pulse characteristics, the traffic pulse characteristics include: pulse length, pulse period, and pulse intensity, the network status includes LDoS Attacked and not attacked by LDoS.

[0047] It should be noted that the traffic pulse of the LDoS attack facing the Internet autonomous domain has at least three important characteristics, including the pulse length L, the pulse period T, and the pulse intensity R. Among them, the pulse length L of the LDoS attack must be large enough to cause data packet loss and induce the BGP session using the Transmission Control Protocol (Transmission Control Protocol, referred to as "TCP") as...

Embodiment 2

[0073] An embodiment of the present invention provides an Internet autonomous domain-oriented LDoS attack detection device, which can be used to implement the method described in Embodiment 1, see Figure 4 , the device consists of:

[0074] The obtaining module 201 is used to obtain the data of traffic pulse characteristics and the network state corresponding to the traffic pulse characteristics from the historical traffic data of the Internet autonomous domain. The traffic pulse characteristics include: pulse length, pulse period, and pulse intensity. The network state Including being attacked by LDoS and not being attacked by LDoS.

[0075] It should be noted that the traffic pulse of the LDoS attack facing the Internet autonomous domain has at least three important characteristics, including the pulse length L, the pulse period T, and the pulse intensity R. Among them, the pulse length L of the LDoS attack must be large enough to cause data packet loss and induce the BGP ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for detecting an LDoS attack targeting an Internet autonomous domain. The method for detecting the LDoS attack targeting the Internet autonomous domain comprises steps of obtaining flow pulse characteristic data and a network state corresponding to the flow pulse characteristic from history flow data of the Internet autonomous domain, establishing an LDoS attack classified model with an unknown parameter according to a conditional random field algorithm, calculating the unknown parameter in the LDoS attack classified model according to the obtained flow pulse characteristic data and the network state corresponding to the flow pulse characteristic, and calculating a network state corresponding to the flow pulse characteristic data which is collected in real time according to the LDoS attach classified model, the unknown parameter of which is calculated. The method and device for detecting an LDoS attack targeting the Internet autonomous domain can effectively and accurately detect the LDoS attack targeting the Internet autonomous domain without changing a communication protocol.

Description

technical field [0001] The invention relates to the technical field of Internet security, in particular to a method and device for detecting an LDoS attack facing an Internet autonomous domain. Background technique [0002] As a key supporting part of the Internet, the inter-domain routing system based on the Border Gateway Protocol (BGP) is located in the control plane of the entire network, and is the main mechanism for the interconnection of different autonomous domains and the exchange of network reachability information in the Internet. , its security has an important impact on the entire Internet. However, due to design flaws in the BGP protocol (for example: security loopholes in the self-adaptive mechanism), the security problems of the inter-domain routing system have become increasingly prominent, especially in recent years. against traditional network attacks. [0003] Among them, Low rate Denial of Service (LDoS for short) is a new type of Denial of Service (Do...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 景晓军沈智杰刘永强郭毅段海新魏克
Owner SURFILTER NETWORK TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com