Unlock instant, AI-driven research and patent intelligence for your innovation.

An easy-to-deploy and privacy-preserving ddos ​​prevention service system

A DDOS, service system technology, applied in the computer field, can solve problems such as little progress in academic proposals, privacy violations of large organizations, and unresolved problems, and achieve the effect of reducing packet processing overhead

Active Publication Date: 2021-01-01
HOHAI UNIV CHANGZHOU
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, recent industry interviews involving more than 100 respondents from 10 DDoS-vulnerable industries suggest that the problem is not being addressed
On the one hand, little progress has been made in actually deploying many of the academic proposals
On the other hand, the operating model of existing DDoS prevention service providers (such as Cloudflare, Akamai) is to target privacy violations of large organizations (such as governments)

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An easy-to-deploy and privacy-preserving ddos ​​prevention service system
  • An easy-to-deploy and privacy-preserving ddos ​​prevention service system
  • An easy-to-deploy and privacy-preserving ddos ​​prevention service system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] An easy-to-deploy and privacy-preserving DDOS prevention service system, the umbrella mechanism of the DDOS prevention service system of the present invention develops a three-layer defense building to block unwanted traffic. A user-specific layer enforcement policy defined by the victim takes precedence over the other two layers operating in parallel. Umbrella is only active when it notices properties of fault-tolerant DDoS attacks against interdomain links (e.g. links that cause severe packet loss). When the link returns to normal state, Umbrella stops traffic control and becomes idle. As part of the user-specific layer, the victim is free to define specific rules for determining when to initiate or terminate traffic control.

[0023] A. Flood mediation layer: Prevents amplification-based attacks where attackers send a large number of requests to public servers serving certain Internet protocols (eg, NTP, DNS, SSDP).

[0024] B. Traffic Congestion Resolution Layer: ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DDOS prevention service system that is easy to deploy and protects privacy, flood throttling layer: used to stop amplification-based DDoS attacks through a protective umbrella, and separate victims from the public Internet, so that victims cannot contact the Internet Service Provider; Congestion Resolution Layer: used to prevent DDoS attacks relying on TCP communication through the umbrella, punishing attackers who are constantly injecting traffic in the face of congestive losses; and user-specific layer: the umbrella allows DDoS victims to perform their own actions during attack mitigation sensible traffic rules. The umbrella of the present invention is lightweight because it does not require hardware and software upgrades at the Internet core and clients. Umbrella is performance friendly because it is free under normal circumstances, it is completely idle, and it introduces negligible packet processing overhead while reducing attacks.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a DDOS prevention service system that is easy to deploy and protects privacy. Background technique [0002] see figure 1 and figure 2 , on the Internet, defense against Distributed Denial of Service (DDoS) attacks is a fundamental problem. However, recent industry interviews involving more than 100 respondents from 10 DDoS-vulnerable industries suggest that the problem is not being addressed. On the one hand, little progress has been made in actually deploying many of the academic proposals. On the other hand, the operating models of existing DDoS prevention service providers (such as Cloudflare, Akamai) are aimed at privacy violations of large organizations (such as governments). Contents of the invention [0003] In view of the above-mentioned defects of the prior art, the technical problem to be solved by the present invention is to provide an easy-to-deploy and priva...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/801H04L12/815H04L12/823H04L47/22H04L47/32
CPCH04L47/225H04L47/29H04L47/32H04L63/1416H04L63/1458
Inventor 曹元陈开泉周茗蕊
Owner HOHAI UNIV CHANGZHOU