
Evidence obtaining method and system for DDoS attack

A technology for analyzing algorithms and electronic evidence, applied in the field of computer networks, to achieve the effect of preventing network paralysis and simple and efficient operation

Active Publication Date: 2020-12-25
NANJING UNIV

AI Technical Summary

Problems solved by technology

At present, however, there is no satisfactory evidence collection method in the prior art.



Embodiment Construction

[0047] The technical solutions provided by the present invention will be described in detail below in conjunction with specific examples. It should be understood that the following specific embodiments are only used to illustrate the present invention and are not intended to limit the scope of the present invention.

[0048] Figure 1 is the flow chart of the method for obtaining evidence for DDoS attacks provided by the present invention. The method includes the following steps:

[0049] Step 1: Report the exception information form. In our model, the client detects botnet IRC behavior. If the behavior involves an unreported IRC channel, the client submits the C2 information table to the server. The C2 information table includes the following information: IRC channel, client IP, and botnet ID. If the client detects a new DDoS attack, it submits the attack information table to the server. The DDoS attack information table includes the following information: the host IP that initiates the attack, the host IP th...


Abstract

The invention discloses an evidence obtaining method and system for a DDoS attack. The method comprises the following steps: reporting an abnormal information table; analyzing the information table; and representing an FMS data packet. The system comprises an NS2 simulation module, an anomaly reporting module, an analysis algorithm module and a fragment packet marking method module. In the system, the network environment and the network nodes are simulated using NS2, so that the real network environment can be simulated while the network paralysis caused by actual attacks is prevented. All analysis algorithms can be realized in NS2 simply and efficiently without complex tools. The method uses a botnet and DDoS attack electronic evidence analysis method, and fragment data packet marks are used when a server analyzes the electronic evidence so as to track the source and path reconstruction of a router, and therefore the scale recognition rate is increased to 93%.

Description

Technical field

[0001] The invention relates to the technical field of computer networks and to an attack evidence collection model, in particular to an evidence collection method for collecting and identifying details hidden in DDoS attacks and a system capable of realizing the method.

Background technique

[0002] The Internet has brought convenience to people's lives by allowing information to be exchanged quickly, but it also has disadvantages due to technical limitations: because it has "no central management agency", the Internet leaves an open window for cybercriminals to launch attacks.

[0003] The DDoS attack is one of the popular attacks on the Internet. Distributed Denial of Service (DDoS) is developed based on denial of service attacks. DDoS attacks are different from traditional hacking attacks. When the computing power of the host continues to increase, once the host becomes a "machine", it means that it can send more attack packets within a certain period ...


Application Information

IPC(8): H04L12/24, H04L29/06
CPC: H04L41/145, H04L63/1416, H04L63/1425, H04L63/1458
Inventor: 伏晓, 骆云, 骆斌
Owner: NANJING UNIV