DDoS attack defense method and equipment

A technology with a device and a preset time period, applied in the field of network security, can solve the problems of economic loss of service providers, unsatisfactory protection effect of protection algorithm, and stripping of broiler users.

Active Publication Date: 2017-12-29
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF6 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Due to the similarity between bot group DDoS attacks and the behavior of normal users, conventional DDoS defense methods, such as analyzing and verifying the attacker’s protocol stack behavior, water

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack defense method and equipment
  • DDoS attack defense method and equipment
  • DDoS attack defense method and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0066] In order to make the purpose, technical solutions and advantages of the present invention clearer, the following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the drawings in the embodiments of the present invention.

[0067] Due to the certain similarity between the broiler flock and the normal users or the infected normal users, the data packets sent by them are no different from the normal traffic, so that the general defense methods cannot identify the DDoS attack, and thus cannot defend against the DDoS attack in time

[0068] In view of this, the embodiment of the present invention provides a new defense method for DDoS attacks. The defense method determines the behavior correlation between a behavior of a user interacting with the server and other behaviors. If a certain behavior of the user is related If the degree is within the corresponding preset fluctuation range, it can be considere...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a DDoS attack defense method and equipment, and is used for enhancing the accuracy of distinguishing vulnerable users from the user group so as to make the effective protection strategy. The DDoS attack defense method comprises the steps that at least one behavior correlation set of each user is determined, wherein one behavior correlation set includes behavior correlation between the interaction behavior of one user and a server and other behaviors, and the behavior correlation is used for indicating the degree of association of one behavior with any behavior of other behaviors; at least one interval range is determined according to multiple behavior correlation included in at least one behavior correlation set, and one behavior correlation set is corresponding to one interval range; and if each behavior correlation of all the behavior correlation of the first user is ensured not to be within the corresponding interval range of the behavior correlation set of each behavior correlation within the preset period of time, the IP address of the first user is banned.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a DDoS attack defense method and equipment. Background technique [0002] Distributed denial of service (Distributed Denial of Service, DDoS) attack is a kind of network attack method, which usually uses broiler flocks as an attack platform or uses special attack software tools to send seemingly reasonable service requests to victim hosts to occupy a large amount of server resources , resulting in network congestion or exhaustion of server resources, causing the server to deny service to legitimate users. The broiler can be regarded as a computer device that has been infected with a Trojan horse virus and can be remotely controlled. [0003] Due to the similarity between bot group DDoS attacks and the behavior of normal users, conventional DDoS defense methods, such as analyzing and verifying the attacker’s protocol stack behavior, watermarking algorithm, etc., cannot s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 刘文辉陈裕涛何坤张磊
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap