Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Active defense DDOS system based on SDWAN

A DDOS and active defense technology, applied in the transmission system, electrical components, etc., can solve the problems of untimely and time-consuming network defense, and achieve high response speed and defense efficiency, fast and accurate defense

Active Publication Date: 2021-09-14
浙江德迅网络安全技术有限公司
View PDF11 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, when the current large-scale traffic and large-scale DDOS attacks occur, the network service defense system based on SDN cannot respond quickly to quickly formulate an appropriate defense strategy, resulting in the problem of untimely and time-consuming network defense. , therefore, the SDWAN-based network security system has entered the field of vision of the industry

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Active defense DDOS system based on SDWAN
  • Active defense DDOS system based on SDWAN
  • Active defense DDOS system based on SDWAN

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0016] Embodiment: the attack of DDOS has three kinds of forms, specifically SYN / ACKFlood attack, TCP full connection attack, brush Script script attack.

[0017] The SYN / ACKFlood attack mainly sends a large number of SYN or ACK packets with forged source IP and source port to the victim host, causing the host's cache resources to be exhausted or busy sending response packets, resulting in denial of service. A large number of SYN / ACKFlood attacks will cause Ping failure, TCP / IP stack failure, and the system will freeze, that is, it will not respond to the keyboard and mouse. Most ordinary firewalls cannot resist such attacks.

[0018] TCP full-connection attack is designed to bypass the inspection of conventional firewalls. In general, most conventional firewalls have the ability to filter DOS attacks such as TearDrop and Land. Once there are a large number of TCP connections, even normal ones, it will cause the website to The access is very slow or even inaccessible. The TCP ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an active defense DDOS system based on an SDWAN. The system comprises a cloud service platform; an SDWAN controller; an attack monitoring module is used for collecting attack data in a public network; an attack data analysis module is used for extracting attack features in the attack data; a DDOS attack defense module interacts attack characteristics through a plurality of SDWAN controllers and matches corresponding defense strategies; an attack response defense module is used for pre-formulating a defense strategy; when the attack monitoring module detects that a user is attacked, attack data is sent to an attack data analysis module for attack feature extraction, and a corresponding defense strategy is matched according to attack features in the cloud service platform through data interaction of the multiple SDWAN controllers so as to defend a previous attack event; Meanwhile, a pre-formulated defense strategy corresponding to a virtual feature approximate to the attack feature in the attack response defense module is called for active defense. According to the active defense DDOS system based on the SDWAN, the defense efficiency is relatively high when a DDOS attack event occurs.

Description

technical field [0001] This application relates to the technical field of network security defense, specifically a SDWAN-based active defense DDOS system. Background technique [0002] With the development of network technology and Internet economy, network services have penetrated into various fields such as social production, life and national security. Therefore, the issue of network security becomes more and more important. The SDN in the prior art has strong perception management and control capabilities and intelligent scheduling capabilities. However, when the current large-scale traffic and large-scale DDOS attacks occur, the network service defense system based on SDN cannot respond quickly to quickly formulate appropriate defense strategies, resulting in untimely and time-consuming problems of network defense. , Therefore, SDWAN-based network security system has entered the field of vision of the industry. Contents of the invention [0003] The purpose of this...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1458H04L63/205
Inventor 叶德望林勇郑周行
Owner 浙江德迅网络安全技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com