Unlock instant, AI-driven research and patent intelligence for your innovation.

A DDOS defense method, device, device and medium based on programmable switch

A DDOS and switch technology, applied in the field of DDOS defense methods, equipment and media, and devices based on programmable switches, can solve problems such as generating a large amount of traffic, occupying broadband, and inaccessibility of normal traffic, and achieving the effect of saving user resources

Active Publication Date: 2022-04-15
浪潮思科网络科技有限公司
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] One or more embodiments of this specification provide a DDOS defense method, device, device, and medium based on a programmable switch, which are used to solve the following technical problems: when the server is attacked by DDOS, a large amount of traffic will be generated, and there will be A large number of invalid or slow requests occupy bandwidth, making normal traffic inaccessible

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A DDOS defense method, device, device and medium based on programmable switch
  • A DDOS defense method, device, device and medium based on programmable switch
  • A DDOS defense method, device, device and medium based on programmable switch

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The embodiment of this specification provides a DDOS defense method, device, equipment and medium based on a programmable switch. In order to enable those skilled in the art to better understand the technical solutions in this specification, the technical solutions in the embodiments of this specification will be clearly and completely described below in conjunction with the drawings in the embodiments of this specification. Obviously, the described The embodiments are only some of the embodiments in this specification, not all of them. Based on the embodiments of this specification, all other embodiments obtained by persons of ordinary skill in the art without creative efforts shall fall within the protection scope of this specification.

[0028] Distributed Denial of Service attack (Distributed Denial of Service, DDOS) means that multiple attackers in different locations launch attacks on one or several targets at the same time, or an attacker controls multiple machin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of this specification discloses a DDOS defense method, device, device and medium based on a programmable switch. The method includes: determining the running state of the server to be protected according to the access traffic of the server to be protected; when judging that the server to be protected is in a normal state, Dynamically train the programmable switch to record the first source IP that has visited the server to be protected; when it is determined that the server to be protected is suspected to be abnormal, if the second source IP and the first source IP in the pre-written whitelist are used, It is determined that the third source IP accessing the server to be protected is unfamiliar IP traffic; if it is identified based on the message information that the unfamiliar IP traffic is DDOS attack traffic, the traffic packet of the DDOS attack traffic is uploaded to the control plane of the programmable switch, and an alarm is issued , through the programmable switch to realize the identification of DDOS traffic and report it in time, which ensures that the server to be protected receives normal traffic and effectively saves user resources.

Description

technical field [0001] This specification relates to the field of network communication technology, and in particular to a DDOS defense method, device, equipment and medium based on a programmable switch. Background technique [0002] Distributed Denial of Service attack (Distributed Denial of Service, DDOS) means that multiple attackers in different locations launch attacks on one or several targets at the same time, or an attacker controls multiple machines in different locations and uses these machines to Simultaneously attacking the victim, since the origin of the attack is distributed in different places, this type of attack is called a distributed denial of service attack, in which there can be multiple attackers. [0003] A complete DDOS attack system consists of four parts: the attacker, the main control end, the agent end, and the attack target. The main control end and the agent end are used to control and actually launch the attack respectively. The main control ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/1458H04L63/101H04L63/1408H04L63/1425H04L63/1416
Inventor 游小胜金义
Owner 浪潮思科网络科技有限公司