Traffic control security protection technology based on multi-level self-adjustment rate limiting

Abstract

The invention relates to the technical field of security protection and specifically relates to a traffic control security protection technology based on multi-level self-adjustment rate limiting, andthe technical scheme can effectively filter attack traffic of DDoS of different types and guarantee DNS access of regular users to the utmost extent. Multi-level self-adjustment rate limiting can prevent that one address segment or query traffic for some domain names occupies too much resources and consequently influences overall system performance. When abnormal increase of the query traffic oflocal IP segments or domain name segments appears, the abnormal increase may be caused by DDoS attacks, a defense function can be realized through multi-level rate limiting, a order self-adjustment technology of matrixes is set, a data packet is guaranteed to pass through the matrix in which the most data packets are dropped in a new cycle, thus, the number of the matrixes which the data passes through is reduced as much as possible, and overhead of system computing resource is saved.

Description

technical field [0001] The invention relates to the technical field of safety protection, in particular to a traffic control safety protection technology based on multi-level self-adjusting speed limit. Background technique [0002] DNS (Domain Name System) domain name system, as the basic service facility of the Internet, establishes a mapping relationship between domain names and precise IP addresses, enabling users to access websites, applications and services on the Internet. In recent years, with the continuous development of network applications and services, network attacks have become increasingly frequent. The main methods of DNS attacks include: DNS service content is tampered with and DNS servers are attacked by traffic. No matter what kind of attack it is, it will have a relatively large impact on the normal operation of the DNS server and the normal access to the Internet. At present, there are many defense measures against DNS attacks. The methods, characteri...

AI Technical Summary

Problems solved by technology

The domain name speed limit is mainly to prevent the DNS recursive attack of the prefix change, and effectively protect the DNS recursive server, but it cannot prevent the wrong domain name attack against the full hash

[0016] To sum up, various protection technologies have their own limitations, which makes it difficult to achieve effective protection against different types of DDoS attacks against a large number of botnets in the current network environment

At the same time, it may be difficult to accurately trace the source of the attacker in a complex live network environment. Therefore, how to effectively deal with a large number of DDoS attacks running on the full hash domain name on the UDP protocol is a major problem faced by network operators.

Images