Supercharge Your Innovation With Domain-Expert AI Agents!

A large-capacity IP address interception method and device

An IP address, high-capacity technology, applied in the field of network security, can solve problems such as rising access delays and destroying user experience, and achieve the effects of reducing usage, improving comprehensiveness, and improving accuracy

Active Publication Date: 2021-10-15
STATE GRID INFORMATION & TELECOMM BRANCH
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of this application is to: reduce the time complexity of IP action matching to Θ(1), improve the accuracy of malicious IP address interception, solve the problem of increasing access delay and destroying user experience in order to ensure network security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A large-capacity IP address interception method and device
  • A large-capacity IP address interception method and device
  • A large-capacity IP address interception method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0022] Such as figure 1 As shown, the present embodiment provides a large-capacity IP address interception method, comprising: Step 1, extracting the IP address to be detected in the IP data packet, wherein any IP address to be detected includes a source IP address and a destination IP address;

[0023] Specifically, in the current standard "server-client" network model, the "server" that provides website services to the outside world is the destination, and the host that carries the common user "client" is the source. When a malicious network attacker attacks and accesses a server, it will inevitably expose its own fixed IP address. By analyzing the data packet and extracting the source IP address and destination IP address fields according to the transmission protocol structure, on the one hand, the source IP address is used to prevent attackers from submitting attack payloads to the server. On the other hand, use the destination IP address to prevent the server from initia...

Embodiment 2

[0052] Such as figure 2 As shown, this embodiment provides another method for intercepting large-capacity IP addresses. First, the source IP address and destination IP address in the IP data packet should be extracted. The IP address can be regarded as an integer in the interval [0,4294967296), which is denoted as 1 hereinafter. May wish to set the attacker's IP address as 1.2.3.4, then its corresponding IP address I is:

[0053] I=(((1*256+2)*256+3)*256+4)=16909060.

[0054] A bit-addressable motion vector starts at address S. Then the address space where the IP address I is located at [S, S+4294967296) is the memory space occupied by the motion vector. In the initial all-pass state, it is advisable to define "the bit state is 0" as the pass state, and "the bit state is 1" as the packet loss state. For the attacker's IP address I, the bit status of the address S+I can be detected to determine whether the IP data packet is allowed to pass.

[0055] This method can reduce...

Embodiment 3

[0057] Such as image 3 As shown, the present embodiment provides a large-capacity IP address interception device 100, including: an address extraction module 101, a calculation module 102, an action decision module 103 and an action execution module 104; the address extraction module 101 is used to extract IP addresses to be detected, wherein any IP address to be detected includes a source IP address and a destination IP address;

[0058] Specifically, in the current standard "server-client" network model, the "server" that provides website services to the outside world is the destination, and the host that carries the common user "client" is the source. When a malicious network attacker attacks and accesses a server, it will inevitably expose its own fixed IP address. By analyzing the data packet and extracting the source IP address and destination IP address fields according to the transmission protocol structure, on the one hand, the source IP address is used to prevent a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present application discloses a large-capacity IP address interception method and device, wherein the method includes: step 1, extracting the IP address to be detected in the IP data packet, wherein any IP address to be detected includes a source IP address and a destination IP address Address; Step 2, calculate the integer addressing address according to the IP address to be detected and the preset memory address digits; Step 3, use the addressing mode to generate the action vector address space, and query the operation bit information corresponding to the integer addressing address; Step 4. Process the IP data packet according to the operation bit information, wherein the operation bit information includes release and packet loss. Through the technical solution in this application, the time complexity of IP action matching can be reduced to Θ(1), that is, as the number of malicious IP interception strategies increases, the IP action strategy matching time will not increase, which improves the interception of malicious IP addresses. It solves the problem of increasing access delay and destroying user experience in order to ensure network security.

Description

technical field [0001] The present application relates to the technical field of network security, in particular, to a large-capacity IP address interception method and a large-capacity IP address interception device. Background technique [0002] There is a policy list inside the firewall, and each policy list includes a five-tuple consisting of protocol, source IP, source port, destination IP, and destination port and corresponding actions, such as: release, packet loss. A running firewall needs to consume a certain amount of memory resources for each quintuple to establish a "policy matching data structure", and for each data packet, it needs to match the quintuples one by one in order. As the number of intercepted malicious IP addresses increases, the firewall will consume more memory resources to create quintuples corresponding to malicious IP addresses, and the time consumed by policy matching will increase linearly with the interception scale, that is, the network del...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0236
Inventor 张亚昊刘安胡威李静程杰郭永和王婵卢晓梅庞进
Owner STATE GRID INFORMATION & TELECOMM BRANCH
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com