Method and apparatus for detecting network flooding attack

A flood attack and detection method technology, applied in the field of computer networks, can solve problems such as inaccurate threshold configuration, and achieve the effects of reducing customer complaints, great flexibility, and improving accuracy

Active Publication Date: 2018-06-29
BEIJING ANBOTONG TECH CO LTD
View PDF12 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present application provides a method and device for detecting network flooding attacks to solve the problem of inaccurate threshold configuration in the detection process of flooding attacks in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and apparatus for detecting network flooding attack
  • Method and apparatus for detecting network flooding attack
  • Method and apparatus for detecting network flooding attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to detect the network flooding attack on the server, it is necessary to connect the detection device to the network to be detected, which can be accessed from the bypass or serially.

[0023] Bypass or serially connect the detection device to the network to be detected

[0024] see figure 1 , is a flow chart of a method for detecting a network flood attack provided by the present application. like figure 1 As shown, the method includes:

[0025] 101. Set detection start parameters.

[0026] The detection startup parameters include the network interconnection protocol IP address of the server to be detected and the preset protection threshold. The IP address is used to select the server to be detected, and to detect the network flood attack on the server to be detected. The preset protection threshold is selected before detecting network flood attacks. It is an empirical value and a general value. The preset protection threshold is not a specific threshold...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and apparatus for detecting a network flooding attack, and relates to the technical field of computer network. The problem of inaccurate threshold configuration in a detection process of the flooding attack in the prior art is solved. The method comprises the following steps: setting detection startup parameters, wherein the detection startup parameters comprise anInternet protocol IP address of a to-be-detected server and a preset protection threshold; performing statistics on a maximum frequency value of the to-be-detected server to establish a transmissioncontrol protocol TCP connection within a preset learning time according to the IP address, wherein the maximum frequency value is the maximum value of the TCP connection established within a preset period; calculating a detection threshold of the to-be-detected server according to the maximum frequency value; performing statistics on real-time frequency of the to-be-detected server to establish the TCP connection according to the preset period; judging whether the real-time frequency is greater than the detection threshold; and if the judgment result is yes, determining that the to-be-detectedserver is subjected to the flooding attack. The method and apparatus disclosed by the invention are mainly used in a process of preventing the network flooding attack.

Description

technical field [0001] The present application relates to the technical field of computer networks, in particular to a method and device for detecting network flooding attacks. Background technique [0002] A computer network typically includes a collection of interconnected computing devices that exchange data and share resources, including web servers, database servers, file servers, routers, printers, end-user computers, and other devices. In order to provide a common foundation and standard framework for the interconnection of heterogeneous computers, and to provide a common reference for maintaining the consistency and compatibility of related standards, the Open System Interconnection (OSI) reference model is designed. The OSI model is a layered model of communication functions established for the realization of open system interconnection. From low to high, they are: physical layer, data link layer, network layer, transport layer, session layer, presentation layer and...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458H04L69/163H04L2463/146
Inventor 曾祥禄
Owner BEIJING ANBOTONG TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap