Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Reflection attack detection method, device and electronic equipment

A technology of reflection attack and detection method, applied in the field of network security, can solve the problems of economic loss, great harm, low cost, etc., and achieve the effect of improving security, reducing workload, and responding quickly.

Active Publication Date: 2022-05-06
BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] DDoS (Distributed Denial of Service, Distributed Denial of Service attack) reflection amplification attack is a DDoS attack method with low cost, difficult source tracing, and great harm. Generate huge traffic, which not only affects the normal use of users, but may also cause certain economic losses
For example, in the DNS (Domain Name System, Domain Name System) reflection attack method, it is assumed that the length of the data part of the DNS request message is about 40 bytes, and the length of the data part of the response message may be as high as 4000 bytes. That is to say, the use of reflection attacks can produce about 100 times the amplification effect, so the attacker only needs to control a network that can generate 150M traffic to carry out large-scale (about 15G) DDoS attacks, which is extremely harmful
On the other hand, with the development of the Internet of Things and 5G communication technology, new protocols with security vulnerabilities have emerged one after another. The number of reflection source devices using these new protocols is huge, making the situation of network security defense increasingly severe.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Reflection attack detection method, device and electronic equipment
  • Reflection attack detection method, device and electronic equipment
  • Reflection attack detection method, device and electronic equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and they should be regarded as exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.

[0036] In the current network security confrontation scenario, security personnel usually quickly restore reflection attack methods and issue attack reports, so as to provide early warning of network attacks, promote reflection source governance, and achieve the purpose of mitigating network attacks. However, in most scenarios, for the sampled protocol data, it mainly r...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The disclosure provides a reflective attack detection method, device, electronic equipment, storage medium and computer program product, and relates to the technical field of network security. The method includes: obtaining the protocol load used by the response data packet and the address of the corresponding reflection server; obtaining the protocol name corresponding to the protocol load based on a preset protocol template library; according to the request protocol corresponding to the protocol name in the preset protocol template library The template generates a first request packet payload; constructs a second request packet payload based on the first request packet payload; uses the second request packet payload to perform UDP detection to obtain a UDP response packet; if the UDP response packet matches If the sampled response data packets are consistent, then the second request data packet payload is determined to be the request data packet payload subject to reflection attack. Utilizing the present disclosure can quickly restore the reflection attack technique.

Description

technical field [0001] The present disclosure relates to the technical field of network security, in particular to a reflective attack detection method, device, electronic equipment, storage medium and computer program product. Background technique [0002] DDoS (Distributed Denial of Service, Distributed Denial of Service attack) reflection amplification attack is a DDoS attack method with low cost, difficult source tracing, and great harm. Huge traffic is generated, which not only affects the normal use of users, but also may cause certain economic losses. For example, in the DNS (Domain Name System, Domain Name System) reflection attack method, it is assumed that the length of the data part of the DNS request message is about 40 bytes, and the length of the data part of the response message may be as high as 4000 bytes. That is to say, the use of reflection attack techniques can produce an amplification effect of about 100 times, so the attacker only needs to control a n...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L47/11G06F21/55
CPCH04L63/1458H04L63/126G06F21/55
Inventor 李丹青
Owner BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com