Port scanning attack detection method and device and electronic equipment

A port scanning and attack detection technology, applied in secure communication devices, electrical components, user identity/authority verification, etc., can solve problems such as inaccurate port scanning attack detection, and achieve the effect of improving accuracy

Pending Publication Date: 2021-05-04
HANGZHOU DPTECH TECH
View PDF5 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, the present application provides a port scan attack detection method, device, electronic equipment a...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Port scanning attack detection method and device and electronic equipment
  • Port scanning attack detection method and device and electronic equipment
  • Port scanning attack detection method and device and electronic equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0072] Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0073] The terminology used in this application is for the purpose of describing particular embodiments only, and is not intended to limit the application. As used in this application and the appended claims, the singular forms "a", "the", and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It should also be understood that the term...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a port scanning attack detection method and device and electronic equipment. The method is applied to safety protection equipment, and the method comprises the following steps: receiving a to-be-detected SYN message and an SYN_ACK message corresponding to the SYN message; counting a first number of the received SYN messages; counting the second number of the received SYN_ACK messages corresponding to the SYN message; detecting whether a difference value between the first number and the second number reaches a preset threshold value or not; and if yes, determining that the port scanning attack behavior exists. According to the method and the device, under the condition of ultra-large flow, a normal TCP connection establishment process can be prevented from being misjudged as the port scanning attack, so the accuracy of port scanning attack detection is improved.

Description

technical field [0001] The present application relates to the technical field of security protection, and in particular to a port scanning attack detection method, device, electronic equipment and machine-readable storage medium. Background technique [0002] Port scanning attack is a common network attack method. The attacker scans the ports of the target server one by one to find the open ports of the target server, and then exploits the vulnerabilities in the services assigned to these ports to attack. [0003] In practical applications, TCP SYN scanning is a common port scanning attack method. The principle is that the attacker can use the scanning program to send a SYN packet to the target server. The SYN packet contains several SYN (TCP connection establishment request) message; after the target server receives a SYN message, if the TCP port requested by the SYN message is open, it will return a SYN_ACK message in response to the SYN message, if the SYN If the TCP por...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L9/32
CPCH04L63/1425H04L9/3236
Inventor 黄港
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap