Attack detection method, device, equipment and storage medium

A detection method and equipment technology, applied in the field of network security, can solve problems such as network attack detection errors, poor network attack detection accuracy, and surge in data traffic, and achieve the effect of reducing the false alarm rate

Active Publication Date: 2022-03-04
BIGO TECH PTE LTD
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But in the case of data centers across the Internet, see figure 1 , the first Internet data center 111 and the second Internet data center 112 are two different Internet data centers, data transmission and synchronization between the Internet data centers need to send a large amount of data, which will cause a surge in data traffic, and the attacking party 110 is not responsible for Internet data When the center conducts a distributed denial of service attack, sending a large number of attack data packets will also cause a surge in the traffic received by the Internet data center. The transmission is identified as a network attack, resulting in network attack detection errors and poor network attack detection accuracy

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack detection method, device, equipment and storage medium
  • Attack detection method, device, equipment and storage medium
  • Attack detection method, device, equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0030] image 3 It is a scene architecture diagram of an attack detection method provided by the embodiment of the present invention. This embodiment is applicable to the detection of a distributed denial-of-service attack across Internet data centers. detection means, which can be implemented in hardware and / or software. see image 3 , the method of the embodiment of the present invention includes:

[0031] Step 101. Determine the current communication increment and historical communication increment according to the intranet communication data packets of the target network device.

[0032] Wherein, the target network device may be a gateway device of the Internet data center, and may be used to receive data packets sent through the network. The data packets may include data packets sent from the external network and service data packets sent from the internal network. The data packets can be forwarded to the server in the internal network.

[0033] Among them, the intran...

Embodiment 2

[0040] Figure 4It is a flow chart of an attack detection method provided by Embodiment 2 of the present invention. The embodiment of the present invention can be applied to devices in Internet data centers, and can detect network attacks on devices in Internet data centers. The embodiments of the present invention are described above On the basis of the embodiment of the invention, see Figure 4 , the method of the embodiment of the present invention includes:

[0041] Step 201, obtain the network data packet of the target network device through a bypass, and the network data packet whose destination address and source address are internal addresses is an intranet communication data packet.

[0042] Wherein, the network data packet can be the data packet obtained by the target network device, the network data packet can be used for data transmission and synchronization between Internet data centers, and the network data packet can include Transmission Control Protocol (TCP, ...

Embodiment 3

[0082] Figure 7 It is a schematic structural diagram of an attack detection device provided in Embodiment 3 of the present invention. The attack detection device provided in the embodiment of the present invention can execute the attack detection method provided in any embodiment of the present invention, and has corresponding functions for executing the method Modules and benefits. see Figure 7 , the device in this embodiment of the present invention includes: an increment determination module 301 and an attack determination module 302 .

[0083] Wherein, the increment determination module 301 is configured to determine the current communication increment and the historical communication increment according to the intranet communication data packets of the target network device.

[0084] The attack determination module 302 is configured to determine that the target network device suffers from a distributed denial of service attack if the current communication increment an...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses an attack detection method, device, equipment and storage medium. Wherein, the method includes: determining the current communication increment and the historical communication increment according to the intranet communication data packets of the target network device; Denial of service attack. The technical solution of the embodiment of the present invention realizes network attack detection across Internet data centers by analyzing and counting intranet communication data packets, and avoids data packets from being falsely reported due to rapid growth based on current communication increments and historical communication increments It is a distributed denial of service attack, which can reduce the false positive rate of network attacks and improve the accuracy of attack detection.

Description

technical field [0001] The embodiments of the present invention relate to the technical field of network security, and in particular, to an attack detection method, device, device, and storage medium. Background technique [0002] With the development of economy and science and technology, computer network technology is widely used in various fields, and the data in the information system becomes more and more important. The computer network connected to the information system is open and easy to be attacked and destroyed. It poses a threat to the security of information systems, so people have put forward higher requirements for computer network security. In the field of computer network security, due to distributed denial of service (Distributed Denial of Service, DDoS) attack will cause information system network bandwidth or occupation of system resources, resulting in information system can not be used normally. [0003] In the prior art, the DDoS attack detection meth...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/1408H04L63/1458
Inventor 张亮
Owner BIGO TECH PTE LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap