Attack traffic shunting and blocking method based on topology analysis

A technology of attack traffic and topology analysis, applied in digital transmission systems, data exchange networks, electrical components, etc., can solve problems such as low blocking efficiency of countermeasure mechanisms and network congestion

Inactive Publication Date: 2020-04-21
SOUTHEAST UNIV +3
View PDF5 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the invention is: in order to overcome the deficiencies in the prior art, the present invention provides a method for diverting and blocking attack traffic based on topology

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack traffic shunting and blocking method based on topology analysis
  • Attack traffic shunting and blocking method based on topology analysis
  • Attack traffic shunting and blocking method based on topology analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0115] figure 1 Shown is a flow chart of the method for diverting and blocking attack traffic based on topology analysis in the present invention.

[0116] Such as figure 1 Shown: This embodiment adopts the network architecture of software-defined network, including controllers and switches. The controller is built with Ryu and supports the OpenFlow protocol; the switch is built with Open vSwitch, and interacts with the controller through the OpenFlow protocol. The controller is responsible for forwarding and controlling the message data of the entire network, and the switch forwards the message data according to the forwarding rules issued by the controller. The controller transmits forwarding rules to the switch through the flow entry of the OpenFlow protocol, and manages and controls the switch through the simple network management protocol. The method proposed in this patent first obtains the network topology through multiple discovery strategies. When a traffic-based n...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an attack traffic shunting and blocking method based on topology analysis, and the method comprises the steps: obtaining a network topology based on a plurality of types of discovery strategies to acquire the topology architecture of a whole network, and form a topological graph; in a network attack stage, achieving shunting of network flow by adopting a method based on shunting of K shortest paths; and based on host behavior characteristics, tracing network attacks by utilizing a machine learning algorithm, and implementing active blocking by adopting a message real-time filtering scheme based on a flow table. Tests show that the scheme has the characteristics of low system overhead, good pressure resistance and high blocking accuracy, and has high practical value.

Description

technical field [0001] The invention relates to a network attack protection technology method, in particular to a method for diverting and blocking attack flow based on topology analysis. Background technique [0002] A cyber attack is any type of offensive action against a computer information system, infrastructure, computer network or personal computer equipment. Network attacks have the characteristics of various methods and strong concealment, and once successful, it will paralyze thousands of network devices in the network, seriously threatening social and national security. Network attacks such as distributed denial of service attacks mainly cause network congestion by generating a large amount of network data, consume network bandwidth resources, and lead to a significant decline in overall network performance. Therefore, how to effectively counter network attack traffic has become one of the current research focuses on network attack protection. [0003] Common co...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24H04L12/721H04L12/935H04L49/111
CPCH04L63/1441H04L41/12H04L41/0213H04L49/3009H04L45/32H04L2463/146
Inventor 樊明宋宇波陈璐杨慧文邓峰杰杨俊杰胡爱群蔡宇翔肖琦敏潘丹
Owner SOUTHEAST UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap