DDoS attack protection system and method based on SDN and BGP process specifications

A protection system and process technology, applied in the field of network security, can solve problems such as difficult maintenance, indistinguishability, and impact on access control lists, and achieve the effect of saving costs and simplifying difficulties

Inactive Publication Date: 2020-02-21
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU +1
View PDF5 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantage of this protection method is that it is impossible to distinguish which is normal traffic and which is abnormal DD

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack protection system and method based on SDN and BGP process specifications
  • DDoS attack protection system and method based on SDN and BGP process specifications
  • DDoS attack protection system and method based on SDN and BGP process specifications

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] In order to make the purpose, technical solution and advantages of the present invention more clear and understandable, the present invention will be further described in detail below in conjunction with the accompanying drawings and technical solutions.

[0026] The rapid development and deepening application of SDN has enriched traditional information security protection technologies and ideas, and will have a major impact on traditional information security. "SDN security" and "software-defined security" are not the same concept. The former is a security issue of new network technology itself; while the latter is not a technology, but an idea or a system architecture, emphasizing the use of software-based Security application and security control platform, centralized control, intelligent decision-making and agile response to solve the problem that simple stacking of security devices in the past cannot defend against complex and advanced security threats. see Figur...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the technical field of network safety, and particularly relates to a DDoS (Distributed Denial of Service) attack protection system and method based on SDN (Software Defined Network) and BGP (Border Gateway Protocol) process specifications, comprising: a monitoring device for monitoring router network traffic in real time and detecting abnormal traffic through a sensing device to obtain attack information; protective device, receiving attack information of the monitoring equipment, a network attack filtering platform based on a software-defined network is used for protecting abnormal flow, and a software-defined network controller which is used for carrying out data analysis on attack information and pushing a routing strategy to a router through a boundary gatewayprotocol flow specification is arranged in the filtering platform, so that the abnormal flow accommodating the attack information is filtered. According to the method, attacks and services are distinguished, passing of the service flow is guaranteed while the attack flow is suppressed, flow filtering analysis is finer, the situation that a normal service system cannot be used due to the fact thatlegal flow and illegal flow flowing to a target host are completely blocked is avoided, and the method has important guiding significance for network safety communication.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to a DDoS attack protection system and method based on SDN and BGP process specifications. Background technique [0002] Software defined networking (SDN for short), which decouples the traditional closed network system into data plane, control plane and application plane, is a reconstruction of traditional network infrastructure. , Wireless LAN and other fields have been applied. The idea of ​​SDN is to give more control to network users. In addition to design deployment and configuration changes, network software can also be reconfigured. There is an antagonistic relationship between SDN and Distributed Denial of Service (DDoS) attacks, and the features of SDN make it easy to detect and respond to DDoS attacks. SDN has many good properties, which provide many advantages for defending against DDoS attacks. [0003] At present, there are two main methods of protection ag...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1458
Inventor 卜佑军王涵王继陈博白冰周锟袁征马海龙伊鹏沈何阳石晨鸣
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap