Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

DDoS attack detection method and equipment

An attack detection and equipment technology, applied in the Internet field, can solve problems such as inaccurate statistical data, excessive detection cycle traffic, and reduced attack detection accuracy. Effect

Active Publication Date: 2018-07-06
HUAWEI TECH CO LTD
View PDF4 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in the attack detection mechanism of the prior art, the data flow reported to the sampling analysis server in a certain detection cycle may be the sum of the traffic in multiple detection cycles, and the sampling analysis server records the data flow to the corresponding In the traffic statistics data in the detection cycle, the data traffic that does not belong to the detection cycle is counted into the traffic statistics data of the detection cycle, so that the traffic in the detection cycle is too large, resulting in the following figure 1 The statistical results shown, but in fact, the detection period (such as 15, 33, 171) with a large statistical traffic value may not be attacked by DDoS. Therefore, the accuracy of attack detection is reduced due to inaccurate statistical data

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack detection method and equipment
  • DDoS attack detection method and equipment
  • DDoS attack detection method and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] The technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention.

[0046] The terms "first", "second", "third" and "fourth" in the description and claims of the present invention and the drawings are used to distinguish different objects, rather than to describe a specific order . Furthermore, the terms "include" and "have", as well as any variations thereof, are intended to cover a non-exclusive inclusion. For example, a process, method, system, product or device comprising a series of steps or units is not limited to the listed steps or units, but optionally also includes unlisted steps or units, or optionally further includes For other steps or units inherent in these processes, methods, products or apparatuses.

[0047] Reference herein to an "embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a distributed denial of service DDoS attack detection method and equipment. The method comprises the following steps: acquiring a data stream sent to protection object equipment in each detection period and acquiring total duration of various data streams; dividing various data streams into long data streams or short data streams according to the total duration of various data streams; according to the passed detection period of the long data streams, numbering the total data traffic of the long data streams into the statistical traffic of various passed detection periods of the long data streams; stacking the data traffic of the short data streams occurring in various detection periods and the data traffic of the long data streams numbered into the corresponding detection period so as to determine the statistical traffic in each detection period; and determining a fact that the protection object equipment is under the DDoS attack in the detection period if thestatistical traffic exceeds the detection period of the preset traffic threshold. By adopting the detection method disclosed by the invention, the DDoS attack detection precision is improved, and a false alarm rate of the DDoS attack detection is reduced.

Description

technical field [0001] The present application relates to the technical field of the Internet, in particular to a distributed denial of service (Distributed Denial of Service, DDoS) attack detection method and device. Background technique [0002] DDoS attack refers to the combination of multiple computers as an attack platform, using reasonable service requests to occupy a large number of service resources of one or more target servers, so that legitimate users cannot get the service response of the server. [0003] As an intrusion detection mechanism, sampling devices (such as routers, switches, etc.) collect the information arriving at the protected device and send it to the sampling and analysis server, and the sampling and analyzing server regularly aggregates the statistical data of different data flows arriving at the same protected device. According to the statistical results of each detection cycle, it can be judged whether the protected device is attacked by DDoS. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1458H04L2463/141
Inventor 周冲王铁男
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products