Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Intrusion prevention method and apparatus based on OSPF routing protocol

A routing protocol and protection device technology, applied in the field of network communication, can solve the problems of high transmission bandwidth, impact of router efficiency, relatively high router computing requirements, etc., and achieve the effect of alleviating computing work

Active Publication Date: 2018-05-18
HANGZHOU DPTECH TECH
View PDF3 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The process of signing LSA packets and verifying LSA packets by routers has relatively high computing requirements for routers and high transmission bandwidth, so it will have a great impact on the efficiency of routers.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion prevention method and apparatus based on OSPF routing protocol
  • Intrusion prevention method and apparatus based on OSPF routing protocol
  • Intrusion prevention method and apparatus based on OSPF routing protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0061] In order to solve the attack based on the OSPF routing protocol in the prior art, Embodiment 1 of the present application proposes a new intrusion prevention method based on the OSPF routing protocol. See Figure 5 , Figure 5 It is a flow chart of an intrusion prevention method based on OSPF routing protocol shown in Embodiment 1 of the present application, which is applied to a router, and specifically performs the following steps:

[0062] Step 501: when an LSU message is received, obtain the message information of the LSU message and obtain the PCR value of the router sending the LSU message;

[0063] Step 502: Read the signature information carried in the LSU message; wherein, the signature information is the router that sends the LSU message, and completes the hash operation on the header information of the LSU message based on its own private key The information obtained after the header hash value and the own PCR value are hashed together to obtain the signatu...

Embodiment 2

[0084] Corresponding to the first embodiment of the foregoing intrusion prevention method based on the OSPF routing protocol, the present application also provides a second embodiment of an intrusion prevention device based on the OSPF routing protocol.

[0085] An embodiment of an intrusion prevention device based on an OSPF routing protocol in this application can be applied to a router. The device embodiments can be implemented by software, or by hardware or a combination of software and hardware. Taking software implementation as an example, as a device in a logical sense, it is formed by reading the corresponding computer program instructions in the non-volatile memory into the memory for operation through the processor of the router where it is located. From a hardware perspective, such as Image 6 As shown, it is a hardware structural diagram of a router where an OSPF routing protocol-based intrusion prevention device is located in this application, except Image 6 In...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an intrusion prevention method and apparatus based on an OSPF routing protocol, applied to a router. The method comprises the following steps: when an LSU message is received, obtaining message information of the LSU message, and obtaining a PCR value of the LSU message; reading signature information carried in the LSU message; comparing whether a verification hash value obtained by performing hash operation on a message header hash value obtained by the hash operation of the message header information of the LSU message and the PCR value of the router sending LSU message is the same as a signature hash value obtained by decrypting the signature information based on a public key of the router sending the LSU message; and if not, discarding the LSU message. By adoption of the technical method provided by the invention, the operation work of the router can be relieved, the transmission bandwidth is reduced, and the efficiency of the router is improved.

Description

technical field [0001] The present application relates to the technical field of network communication, in particular to an OSPF routing protocol-based intrusion prevention method and device. Background technique [0002] OSPF (Open Shortest Path First, Open Shortest Path First) is an interior gateway protocol of a routing protocol, which is applied to a single autonomous system and used to calculate routes. The process of a router calculating a route based on the OSPF routing protocol is divided into: discovering neighbors and maintaining neighbors, transmitting LSA messages (Link State Advertisement, link state broadcast), and calculating routes based on LSA messages. Wherein, the LSA message is carried in the LSU (Link State Update, link state update) message during the transmission process, and the same LSA message is saved in the database of each router in the same autonomous system. [0003] In the prior art, the attacker intercepts the LSA message when the router tra...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L9/32H04L12/721
CPCH04L9/3236H04L9/3247H04L45/14H04L63/08H04L63/1466
Inventor 杨印州
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com