A protection method of distributed denial of service attack based on RSSP-II protocol

A distributed denial-of-service protection and protocol technology, applied in electrical components, transmission systems, etc., that addresses problems such as server paralysis, SYN flooding denial of service, and failure to work normally.

Inactive Publication Date: 2018-12-18
CHINA RAILWAYS CORPORATION +1

AI Technical Summary

Problems solved by technology

The characteristic of distributed denial of service is that hundreds of thousands of machines are concentrated to attack at the same time, causing the server to be paralyzed and unable to work normally.
[0003] The RSSP-II (Railway Signal Security Protocol-II) protocol can improve the security of wireless communication between the RBC and other railway equipment and of network communication between ground equipment, but it is not perfect, and some security risks remain.
At present, CTCS-3 high-speed railways use GSM-R-based railway wireless mobile communication for vehicle-ground communication. While a secure connection session is being established, the identity of the peer entity must be verified and a three-way handshake similar to that of TCP/IP is performed, so there is a threat of SYN flooding denial of service.


Examples

Embodiment

[0033] As shown in Figure 4, the protection method against distributed denial-of-service attacks based on the RSSP-II protocol provided by the present invention mainly comprises the following steps:

[0034] Step S110: Data packets used for peer entity identity verification are transmitted in encrypted form;

[0035] Step S120: Collect and collate the IDs of legitimate vehicle-ground equipment;

[0036] Step S130: Each vehicle-ground device stores the equipment numbers of the other vehicle-ground devices it communicates with in the CTCS-ID table;

[0037] Step S140: Update the CTCS-ID table;

[0038] Step S150: Communication party A checks the ID of communication party B, which is requesting a secure connection, against the CTCS-ID table to verify its legitimacy;

[0039] Step S160: If the ID of the communication party B is different from all the IDs in the CTCS-ID table, it is determined that the ID of the communication party B is forged, and the co...
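Steps S120 to S160 as an added sketch, not code from the patent: party A checks the requesting ID against its CTCS-ID table before it allocates any handshake state, and disconnects on a mismatch as the abstract states. The ID values, the request shape, the `max_pending` cap and the `PartyA` / `simulate_flood` names are assumptions made for illustration; this is not the RSSP-II wire format.

```python
from dataclasses import dataclass, field


@dataclass
class PartyA:
    """Receiving endpoint. IDs and request fields are constructed values."""
    max_pending: int = 4                          # assumed cap on half-open sessions
    ctcs_id_table: set = field(default_factory=set)
    pending: dict = field(default_factory=dict)   # peer ID -> handshake nonce
    dropped: int = 0

    def update_table(self, added=(), removed=()):
        """S130/S140: store and refresh the IDs of legitimate peers."""
        self.ctcs_id_table |= set(added)
        self.ctcs_id_table -= set(removed)
        # A peer removed from the table loses any half-open session it held.
        for peer in set(removed):
            self.pending.pop(peer, None)

    def on_connect_request(self, peer_id: int, nonce: bytes) -> str:
        """S150/S160: check B's ID before any handshake state is allocated."""
        if peer_id not in self.ctcs_id_table:
            self.dropped += 1
            return "disconnect"                   # forged ID: nothing is stored
        if peer_id in self.pending:
            self.pending[peer_id] = nonce         # a retry replaces, never adds
            return "challenge"
        if len(self.pending) >= self.max_pending:
            return "busy"
        self.pending[peer_id] = nonce
        return "challenge"


def simulate_flood():
    """Constructed traffic: 1000 forged IDs, then two legitimate peers."""
    a = PartyA()
    a.update_table(added={0x200001, 0x200002})    # S120: collected legitimate IDs
    results = [a.on_connect_request(0x900000 + i, b"\x00" * 8)
               for i in range(1000)]
    results.append(a.on_connect_request(0x200001, b"\x01" * 8))
    results.append(a.on_connect_request(0x200002, b"\x02" * 8))
    return a, results
```

A request that carries a legitimate ID copied by an attacker still passes this table check, which is why the method pairs it with the encrypted peer entity verification of step S110.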

Abstract

The invention relates to a protection method against distributed denial-of-service attacks based on the RSSP-II protocol, belonging to the technical field of railway transportation communication security. The method includes: transmitting the data packets used for peer entity authentication in encrypted form; collecting the IDs of legitimate vehicle-ground equipment; each vehicle-ground device storing the device numbers of the other vehicle-ground devices it communicates with in a CTCS-ID table; updating the CTCS-ID table; communicator A checking the ID of communicator B, which is requesting the secure connection, against the CTCS-ID table to verify its legitimacy; and, if the ID of communicator B is different from all the IDs in the CTCS-ID table, determining that the ID of communicator B is forged and disconnecting the communication connection. During high-speed railway communication, the CTCS-ID serves as the unique identifier of each device: the packets of communicating equipment are filtered by CTCS-ID, forged packets are screened out, and only legitimate packets are accepted, ensuring that communication proceeds normally.

Description

Technical field

[0001] The invention relates to the technical field of railway transportation communication security, in particular to a protection method against distributed denial-of-service attacks based on the RSSP-II protocol.

Background

[0002] A denial-of-service attack (DoS attack) is an attack in which one or more people use loopholes in Internet protocols to occupy a computer's limited communication resources, so that other users are denied legitimate access to the system and its information. The characteristic of distributed denial of service is that hundreds of thousands of machines are concentrated to attack at the same time, causing the server to be paralyzed and unable to work normally.

[0003] The RSSP-II (Railway Signal Security Protocol-II) protocol can improve the security of wireless communication between the RBC and other railway equipment and of network communication between ground equipment, but it is not perfect enough, an...

Application Information

Patent Type & Authority: Applications (China)
IPC (8): H04L29/06
CPC: H04L63/0227, H04L63/0428, H04L63/1458
Inventor: 王剑, 蔡伯根, 董宁, 田开元, 廖元媛, 罗珍珍, 王锋
Owner: CHINA RAILWAYS CORPORATION