Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network system, attack detection method and device and electronic equipment

An attack detection and network system technology, applied in the field of network security, can solve problems such as network paralysis and high pressure of controller data processing, and achieve the effect of reducing the pressure of centralized processing, improving the strength of anti-attack, and reducing the possibility of being compromised

Inactive Publication Date: 2020-08-04
GLOBAL ENERGY INTERCONNECTION RES INST CO LTD +6
View PDF8 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, the embodiments of the present invention provide a network system, attack detection method, device, and electronic equipment to solve the problem that the controller is occupied with a large amount of data bandwidth when responding to network attacks, which causes the controller's data processing pressure to force the network to be paralyzed. question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network system, attack detection method and device and electronic equipment
  • Network system, attack detection method and device and electronic equipment
  • Network system, attack detection method and device and electronic equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0065] Such as image 3 As shown, it is a schematic structural diagram of a network system provided by Embodiment 1 of the present invention. The network system is suitable for an SDN network to deal with DDos attacks, and specifically involves a plurality of terminals 4 , a switch 1 , an attack processor 2 and a controller 3 .

[0066] Among them, the multiple terminals 4 may be mobile phones, computers, tablets and other smart devices capable of network data transmission; in addition, the terminals 4 also include normal business terminals and puppet terminals controlled by DDoS attack initiators. The terminal 4 may also be a sender / receiver / sender of abnormal traffic carried by the SDN network. The terminal 4 can send service flows to the SDN network or receive service flows sent by other devices from the network. Among them, the business traffic includes normal business access traffic and DDoS attack traffic sent after the terminal is compromised.

[0067] Optionally, the...

Embodiment 2

[0083] Such as Figure 5 Shown is a schematic diagram of a network system scenario provided by an embodiment of the present invention. This network is also applicable to the attack detection network. Compared with Embodiment 1, the difference is that first, multiple terminals are connected to a switch to form a local area network, wherein each local area network is configured with an attack processor. Secondly, multiple identical local area networks are set up, and the network system provided by this embodiment is obtained by connecting multiple local area networks with the controller, so as to realize the purpose of distributed detection of multiple terminals, thereby reducing the scope of attack , to ensure the normal operation of the network, and at the same time, because multiple switches are connected to the attack processor one by one, it can quickly respond to determine whether there is a network attack on the terminal, improve the anti-attack ability of the attack dete...

Embodiment 3

[0113] Such as Figure 11 As shown, it is a flow chart of an attack detection method provided by Embodiment 3 of the present invention. It involves the interaction process among terminals, switches, attack processors, and controllers. Taking the SDN network as an example, it is set up as the network system proposed in Embodiment 1, and the devices implementing the attack detection method include: OpenFlow switches, SDN controllers, attack processors and terminals (computer hosts). The specific steps of its attack detection method refer to Figure 11 Shown:

[0114] S40, the attack processor receives the message sent from the OpenFlow switch: an attack processor is inserted between the traditional OpenFlow switch and the SDN controller, and the attack processor is transparent to the switch / controller, that is, the connection between the switch and the controller The address of the interactive message between them will not reflect the existence of the attacking processor. Th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of network security, in particular to a network system, an attack detection method and device and electronic equipment. The network system comprises: a controller and at least one switch; and an attack processor, wherein the first port of the attack processor is connected with the controller, the second port of the attack processor is connected with theswitch, and the attack processor is used for carrying out attack detection on the message received from the second port. The attack processor is added between the controller and the switch, and message data detection and message data forwarding are carried out by utilizing the attack processor, so that the centralized processing pressure of the controller can be reduced through preprocessing of the attack processor which is deployed in a distributed manner when network attacks are dealt with, and the security of the controller is ensured while the network bandwidth is saved.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a network system, an attack detection method, a device and electronic equipment. Background technique [0002] Software Defined Networking (SDN) is a network architecture that separates control and forwarding functions. Its centralized control method makes network management and application service configuration more flexible and convenient, and also facilitates the deployment of new network technologies, New protocol to foster network innovation. But at the same time of development, the security of SDN network has also attracted more and more attention. Especially the SDN controller is the core of SDN, how to ensure its network security has become one of the focuses of research. [0003] Distributed denial of service (Distributed denial of service, DDoS) attack is a highly harmful distributed, large-scale coordinated network attack method. The defense architecture co...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1416H04L63/1458H04L61/103
Inventor 刘世栋卜宪德喻强刘川姚继明郭云飞王炜虞跃陶静李维陆忞王永刚汪强郑元兵石琳姗李洋于佳
Owner GLOBAL ENERGY INTERCONNECTION RES INST CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products