Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Service access control method and device

The technology of a business access and control method is applied in the field of business access control methods and devices, which can solve problems such as exhaustion of target host resources or network resources, failure of request initiators to access services normally, and failure of hosts to provide services to legal users. The effect of improving recognition accuracy and ensuring high efficiency

Inactive Publication Date: 2019-02-15
JUHAOKAN TECH CO LTD
View PDF4 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] Distributed Denial of Service attack (Distributed Denial of Service, DDoS) means that the attacker uses a large number of Internet computers implanted with backdoor Trojan horses to launch a large number of normal or abnormal requests to the target, exhausting the target host resources or network resources, so that The attacked host cannot provide services for legitimate users
In the prior art, when a DDoS attack occurs, the operation and maintenance personnel will automatically add the found request originator of the suspected attack source to the firewall through an automated script, thereby automatically blocking the service access initiated by the request originator, but this method will The request initiator has a high probability of being misjudged as a suspected attack source, and if the request initiator is misjudged as a suspected attack source, the misjudged request initiator will not be able to access the business normally for a long time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Service access control method and device
  • Service access control method and device
  • Service access control method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the present invention. Rather, they are merely examples of apparatuses and methods consistent with aspects of the invention as recited in the appended claims.

[0031] figure 1 is a schematic diagram of an implementation environment involved in accordance with the present disclosure. The implementation environment includes: a server 200 and at least one terminal 100 ( figure 1 Two are exemplarily shown in ).

[0032] The terminal 100 can be an electronic device such as a notebook computer or a desktop computer that can initiate a service access request t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a service access control method and device. The method comprises the following steps: acquiring network link behavior state data corresponding to a request initiator which initiates a service access request in automatic protection performed for the service; detecting whether a network link behavior triggered by the request initiator is a suspicious attack behavior accordingto the network link behavior state data; rejecting the request initiator with suspicious attack behavior to access to service in a dynamically controlled time range. On the one hand, the recognitionprecision of the suspicious attack behavior is improved; on the other hand, the server only reject the service access request initiated by the request initiator in the dynamically controlled time range for the request initiator detected as the suspicious attack behavior; for the request initiator misjudged as the suspicious attack behavior, the service can be visited as normal out of the time range, and effectiveness of the service protection is guaranteed.

Description

technical field [0001] The present disclosure relates to the field of computer technology, in particular to a service access control method and device. Background technique [0002] Distributed Denial of Service attack (Distributed Denial of Service, DDoS) means that the attacker uses a large number of Internet computers implanted with backdoor Trojan horses to launch a large number of normal or abnormal requests to the target, exhausting the target host resources or network resources, so that The attacked host cannot provide services for legitimate users. In the prior art, when a DDoS attack occurs, the operation and maintenance personnel will automatically add the found request originator of the suspected attack source to the firewall through an automated script, thereby automatically blocking the service access initiated by the request originator, but this method will The request initiator has a high probability of being misjudged as a suspected attack source, and if the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 郑梁夏章抓吴连朋
Owner JUHAOKAN TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products