Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for preventing address spoofing attacks by ns reverse query

A technology of spoofing attack and reverse query, applied in transmission systems, electrical components, etc., can solve the problems of inappropriate complex scenarios, high maintenance costs, increased maintenance overhead, etc., and achieve the effect of preventing ND address spoofing attacks

Active Publication Date: 2021-02-26
武汉思普崚技术有限公司
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The IP-MAC binding technology adds a huge maintenance cost to the network administrator. The administrator must manually enter the IP-MAC binding table. This method is suitable for a relatively stable network environment and a small number of hosts. The network is complex and the number of hosts is large, so this method is not suitable; ND learning control generally works with IP-MAC binding technology. This method is to disable the learning function of ND neighbor entries on the interface. This method can also effectively solve ND spoofing attacks, but it has the same defect as IP-MAC binding; ND active protection is that the gateway device periodically sends free NA packets to update the ND entries of the hosts in the network. There are two problems in the scheme. The interval of periodic sending is likely to be attacked by address spoofing. At the same time, this method has high maintenance costs and requires administrators to continuously maintain the active protection list. It is not suitable for scenarios with complex network environments.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for preventing address spoofing attacks by ns reverse query
  • Method and system for preventing address spoofing attacks by ns reverse query
  • Method and system for preventing address spoofing attacks by ns reverse query

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0033] The embodiment of the present invention provides a method for NS reverse query to prevent address spoofing attacks, and its flowchart is as follows: figure 1 As shown, the method includes the following steps:

[0034] Obtaining the NS request message sent by the PC, recording the source IP and source MAC address of the NS request message, and generating a neighbor entry according to the source IP and source MAC address;

[0035] Obtain the incoming interface of the NS request message, encapsulate the NS request message according to the source IP and the incoming interface of the NS request message, and send the encapsulated NS request message to the PC as an NS reverse check request message, and at the same time add The tag of the sent NS anti-check request message is recorded in the item;

[0036] When sending an NS reverse query request message, record the timestamp of the NS reverse query request message in the corresponding neighbor entry, and regularly detect the ...

Embodiment 2

[0047] The embodiment of the present invention provides a method for NS reverse query to prevent address spoofing attacks, including the following steps:

[0048] After receiving the NS request message from the PC, the ND protector records the source IP and source MAC address of the NS message to generate a neighbor entry, and records the incoming interface of the message and the number of NS requests;

[0049] Encapsulate the NS request message according to the source IP and incoming interface, send the encapsulated request message to the PC, and record the sent NS reverse query request flag in the neighbor entry, and record the NS reverse query timestamp at the same time;

[0050] When the response message of the NS reverse check is not received, if the NS request message of the PC is received again, the number of NS requests in the neighbor entry will increase by 1;

[0051] The ND protector receives the NA response message of the anti-check NS message, then sets the ND ent...

Embodiment 3

[0054] The embodiment of the present invention provides a system for NS reverse query to prevent address spoofing attacks, including a neighbor entry generation module, an NS reverse query module, a message forwarding module, a time stamp recording module, and an aging processing module;

[0055] The neighbor entry generation module is used to obtain the NS request message sent by the PC, record the source IP and source MAC address of the NS request message, and generate a neighbor entry according to the source IP and source MAC address;

[0056] The NS reverse check module is used to obtain the NS request message incoming interface, encapsulate the NS request message according to the source IP and the NS request message incoming interface, and send the encapsulated NS request message as the NS reverse check request message to the PC, and record the tag of the sent NS anti-check request message in the neighbor entry;

[0057] The timestamp recording module is used to record th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a system for preventing an address spoofing attack by NS reverse query, belongs to the technical field of prevention of ND address spoofing, and solves the problems that the prior art is not suitable for complex networks and the number of hosts is huge. The method for preventing address spoofing attacks through NS reverse query comprises the following steps ofacquiring an NS request message sent by a PC to generate neighbor table entries; obtaining an NS request message incoming interface, packaging an NS request message, sending the packaged NS request message as an NS reverse query request message to a PC, and recording a mark of the sent NS sending request message in the neighbor table entry; and carrying out aging processing on the corresponding neighbor table entry, and determining whether to forward a service message corresponding to the IP address of the neighbor table entry according to whether an NA response message corresponding to the NSreverse query request message is received or not. Under the condition of not being limited by the network environment and the number of hosts, the ND address spoofing attack in the network environment is effectively prevented.

Description

technical field [0001] The invention relates to the technical field of preventing ND address spoofing, in particular to a method and system for preventing address spoofing attacks by NS reverse query. Background technique [0002] The ND protocol is a key protocol in the IPv6 protocol, but because the ND protocol does not provide an authentication mechanism, the nodes in the network are untrustworthy, and a series of attacks can be launched against the ND protocol, the most common of which is address spoofing attacks. Attackers use NS / NA / message to modify the MAC address of the victim host or the MAC address of the gateway, so that the victim host cannot communicate with the network normally. There are many ways to prevent ND address spoofing, including: IP-MAC binding, ND learning control , ND active protection and other technical means. [0003] The IP-MAC binding is to bind the IPv6 address and the MAC address, and the device will check the forwarded message and the NS m...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1466
Inventor 张康康
Owner 武汉思普崚技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com