Security attack detection method and device, computer equipment and storage medium

A technology of security attack and detection method, applied in the computer field, can solve the problem of high false detection rate of security attack detection, and achieve the effect of solving false detection rate, accurate detection and protection

Active Publication Date: 2019-09-20
SHENZHEN TENCENT COMP SYST CO LTD
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In order to solve the problem of high false detection rate in security attack detection in related technologies, each embodiment of the present invention provides a security attack detection method, device, computer equipment and storage medium

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security attack detection method and device, computer equipment and storage medium
  • Security attack detection method and device, computer equipment and storage medium
  • Security attack detection method and device, computer equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the present invention. Rather, they are merely examples of apparatuses and methods consistent with aspects of the invention as recited in the appended claims.

[0039] As mentioned above, DDOS-type security attacks mainly include: synack forgery attack, UDP (User Datagram Protocol, User Datagram Protocol) reflection attack, TCP (Transmission Control Protocol) reflection attack, etc.

[0040] Take TCP reflection attack as an example to illustrate the general process of security attack protection.

[0041] Such as figure 1As shown, the attacker forges the I...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a security attack detection method and device, computer equipment and a storage medium. The security attack detection method comprises the steps of acquiring mirror image flow; creating a session between the source end and the destination end according to the mirror image flow aiming at the source end which requests to be connected with the destination end; discarding a first specific message corresponding to the session in the mirror image flow, and waiting for the source end to retransmit the first specific message; forwarding the first specific message retransmitted by the source end to the destination end, and detecting whether the source end enters a connection establishment state or not by tracking the session; and if it is detected that the source end does not enter the connection establishment state, determining that the destination end is subjected to the TCP reflection attack from the source end, and intercepting the flow corresponding to the session in the flow to be transmitted to the destination end. By adopting the method and the device, the problem of high false detection rate in security attack detection in the prior art is solved.

Description

technical field [0001] The present invention relates to the field of computer technology, in particular to a security attack detection method, device, computer equipment and storage medium. Background technique [0002] DDOS is the abbreviation of Distributed Denial of Service in English, which is "distributed denial of service". The DDOS type of security attack refers to the fact that the attacker initiates a large number of seemingly legitimate but malicious business requests to the attack target (such as a server) by controlling a botnet distributed throughout the Internet, in order to consume or occupy a large amount of resources of the attack target for a long time. As a result, the attack target cannot respond to normal business requests, thereby achieving the goal of denial of service by the attack target. [0003] Currently, DDOS-type security attacks mainly include: synack forgery attack, UDP (User Datagram Protocol, User Datagram Protocol) reflection attack, TCP (...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458H04L69/16
Inventor 陈国
Owner SHENZHEN TENCENT COMP SYST CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap