Unlock instant, AI-driven research and patent intelligence for your innovation.

A method, device, electronic equipment and storage medium for mitigating ddos ​​attacks

A technology for attacking equipment and electronic equipment, applied in the field of network security, which can solve the problem of low accuracy in mitigating DDoS attacks

Active Publication Date: 2022-04-29
CHINA MOBILE COMM LTD RES INST +1
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] The embodiment of the present invention provides a method, device, electronic equipment and storage medium for mitigating DDoS attacks, so as to solve the problem of low accuracy in mitigating DDoS attacks in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method, device, electronic equipment and storage medium for mitigating ddos ​​attacks
  • A method, device, electronic equipment and storage medium for mitigating ddos ​​attacks
  • A method, device, electronic equipment and storage medium for mitigating ddos ​​attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0055] figure 2 It is a flowchart of a method for mitigating distributed denial of service attacks provided by an embodiment of the present invention, and the method includes:

[0056] S201: Obtain attribute information of the attacked device according to the received mitigation request sent by the attacked device, where the attribute information includes an IP address and a first protocol of the attacked device.

[0057] The embodiment of the present invention mitigates the DDoS attack on the basis of the DOTS framework. Specifically, the method for mitigating the DDoS attack provided by the embodiment of the present invention is applied to a DOTS server.

[0058] Based on the DOTS framework, the attacked device detects a DDoS attack and informs the DOTS Client of the attack details. The DOTS Client sends a mitigation request to the DOTS Server. After receiving the mitigation request, the DOTS Server needs to Obtain the attribute information of the attacked device. Specifi...

Embodiment 2

[0071] On the basis of the foregoing embodiments, in order to further alleviate the DDoS attack, the described protocol and IP address range for cleaning according to the preserved cleaning device, and judging whether there is a target cleaning device capable of cleaning the attacked device includes:

[0072] According to the saved IP address range that can be cleaned by each mitigation provider, determine whether there is a target IP address range that matches the IP address of the attacked device, and if so, provide the mitigation corresponding to the matched target IP address range vendors as targeted mitigation providers;

[0073] According to the cleaning protocol of each cleaning device provided by the target mitigation provider, it is judged whether there is a second protocol matching the first protocol of the attacked device.

[0074] In order to further mitigate DDoS attacks, different mitigation providers can mitigate different IP address ranges of attacked devices i...

Embodiment 3

[0080] In order to mitigate DDoS attacks more accurately, on the basis of the above-mentioned embodiments, the attribute information further includes information about the used bandwidth of the attacked device;

[0081] After the determination that there is a target cleaning device capable of cleaning the attacked device, before sending the information of the attacked device to the target cleaning device, the method further includes:

[0082] According to the used bandwidth information of the attacked device, determine whether there is a first target cleaning device capable of completely cleaning the attacked device;

[0083] If it exists, go to the next step;

[0084] If it does not exist, select the second target cleaning device with the largest cleaning capacity, and perform subsequent steps.

[0085]Since the cleaning capabilities of different cleaning devices are different, in order to completely clean the attacked device, in the embodiment of the present invention, it i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method, device, electronic equipment and storage medium for mitigating DDoS attacks. The method for mitigating DDoS attacks includes: acquiring attribute information of the attacked equipment according to the received mitigation request sent by the attacked equipment, Wherein the attribute information includes the IP address and the first protocol adopted by the attacked device; according to the saved cleaning device cleaning protocol and IP address range, it is judged whether there is a target cleaning device capable of cleaning the attacked device; If it exists, send the information of the attacked device to the target cleaning device, so that the target cleaning device can clean the attacked device, so that the normal service flow of the attacked device will not be lost, and the affected device will not be affected. Attack the normal business of the device.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a method, device, electronic equipment and storage medium for mitigating DDoS (Distributed Denial of Service, Distributed Denial of Service) attacks. Background technique [0002] In recent years, distributed denial of service (Distributed Denial of Service, DDoS) attack methods have become increasingly diversified, and the frequency of large-traffic attacks has increased sharply. However, the current method of resisting DDoS attacks is based on single-point resistance to DDoS attacks. For example, build anti-DDoS equipment in the computer room, or establish anti-DDoS linkage processing and cloud cleaning center to jointly prevent DDoS attacks in a small area. These methods cannot fully defend against DDoS attacks. In order to defend against DDoS attacks on a network-wide scale, the Internet Engineering Task Force (IETF) proposed the DOTS framework. The framewo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/1458H04L63/1408
Inventor 陈美玲彭晋冉鹏
Owner CHINA MOBILE COMM LTD RES INST