Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Reflection attack detection method and device and electronic equipment

A reflection attack and detection method technology, applied in the field of network security, can solve problems such as economic loss, great harm, and low cost, and achieve the effects of improving security, reducing operating burden, and responding quickly

Active Publication Date: 2021-09-03
BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] DDoS (Distributed Denial of Service, Distributed Denial of Service attack) reflection amplification attack is a DDoS attack method with low cost, difficult source tracing, and great harm. Generate huge traffic, which not only affects the normal use of users, but may also cause certain economic losses
For example, in the DNS (Domain Name System, Domain Name System) reflection attack method, it is assumed that the length of the data part of the DNS request message is about 40 bytes, and the length of the data part of the response message may be as high as 4000 bytes. That is to say, the use of reflection attacks can produce about 100 times the amplification effect, so the attacker only needs to control a network that can generate 150M traffic to carry out large-scale (about 15G) DDoS attacks, which is extremely harmful
On the other hand, with the development of the Internet of Things and 5G communication technology, new protocols with security vulnerabilities have emerged one after another. The number of reflection source devices using these new protocols is huge, making the situation of network security defense increasingly severe.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Reflection attack detection method and device and electronic equipment
  • Reflection attack detection method and device and electronic equipment
  • Reflection attack detection method and device and electronic equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and they should be regarded as exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.

[0036] In the current network security confrontation scenario, security personnel usually quickly restore reflection attack methods and issue attack reports, so as to provide early warning of network attacks, promote reflection source governance, and achieve the purpose of mitigating network attacks. However, in most scenarios, for the sampled protocol data, it mainly r...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a reflection attack detection method and device, electronic equipment, a storage medium and a computer program product, and relates to the technical field of network security. The method comprises the following steps: acquiring a protocol load used by a response data packet and an address of a corresponding reflection server; obtaining a protocol name corresponding to the protocol load based on a preset protocol template library; generating a first request data packet load according to a request protocol template corresponding to the protocol name in the preset protocol template library; constructing a second request data packet load based on the first request data packet load; performing UDP detection by using the second request data packet load to obtain a UDP response data packet; and if the UDP response data packet is consistent with the sampled response data packet, determining the second request data packet load as the request data packet load subjected to the reflection attack. According to the invention, the reflection attack technique can be quickly restored.

Description

technical field [0001] The present disclosure relates to the technical field of network security, in particular to a reflective attack detection method, device, electronic equipment, storage medium and computer program product. Background technique [0002] DDoS (Distributed Denial of Service, Distributed Denial of Service attack) reflection amplification attack is a DDoS attack method with low cost, difficult source tracing, and great harm. Huge traffic is generated, which not only affects the normal use of users, but also may cause certain economic losses. For example, in the DNS (Domain Name System, Domain Name System) reflection attack method, it is assumed that the length of the data part of the DNS request message is about 40 bytes, and the length of the data part of the response message may be as high as 4000 bytes. That is to say, the use of reflection attack techniques can produce an amplification effect of about 100 times, so the attacker only needs to control a n...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06F21/55
CPCH04L63/1458H04L63/126G06F21/55
Inventor 李丹青
Owner BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com