Ddos attack defense method and device based on browser fingerprint recognition

A browser fingerprint and browser technology, applied in the field of network security, can solve problems such as poor, inability to distinguish attack traffic, and other users affecting defense effects, achieve fine-grained control, reduce network bandwidth and computer resource consumption, and network adaptation. strong effect

Active Publication Date: 2022-01-11
江南信安(北京)科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0015] To this end, the present invention provides a DDoS attack defense method and device based on browser fingerprint identification to solve the problem that the prior art cannot distinguish attack traffic, easily cause serious impact on other users in the same source IP, and have poor defense effects. question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ddos attack defense method and device based on browser fingerprint recognition
  • Ddos attack defense method and device based on browser fingerprint recognition
  • Ddos attack defense method and device based on browser fingerprint recognition

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0050] see figure 1 and figure 2 , providing a DDoS attack defense method based on browser fingerprint identification, comprising the following steps:

[0051] The network security device is set up on the front end of the Web server, and the HTTP request sent to the Web server is filtered by the network security device;

[0052] When the network security device receives the HTTP request, it extracts the fingerprint of the browser sending the HTTP request according to the preset statistical period, and obtains the browser fingerprint ID;

[0053] When each statistical period ends, the HTTP request feature calculation is performed to obtain a feature score, and the feature score is sorted from high to low to obtain the top N browser fingerprint IDs;

[0054] Captcha authentication and request rate limiting are performed on the top N browser fingerprint IDs in each statistical period.

[0055] In this embodiment, the browser fingerprint ID includes the source IP, the content ...

Embodiment 2

[0088] The present invention also provides a DDoS attack defense device based on browser fingerprint identification, the DDoS attack defense method based on browser fingerprint identification using the first aspect or any possible implementation thereof, including:

[0089] A network security device 1, the network security device is set up at the front end of the Web server, and the network security device is used to filter HTTP requests sent to the Web server;

[0090] The browser fingerprint acquisition module 2 is used to extract the fingerprint of the browser sending the HTTP request according to the preset statistical cycle when the network security device receives the HTTP request, and obtain the browser fingerprint ID;

[0091] The feature score acquisition module 3 is used to calculate the feature score of the HTTP request when each statistical cycle ends;

[0092] The feature score sorting module 4 is used to sort the feature score from high to low to obtain the top N...

Embodiment 3

[0096] Embodiment 3 of the present invention provides a computer-readable storage medium, in which the program code of the DDoS attack defense method based on browser fingerprint identification is stored. Instructions of the DDoS attack defense method based on browser fingerprint identification in any possible implementation manner.

[0097] The computer-readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server, a data center, etc. integrated with one or more available media. The available medium may be a magnetic medium (for example, a floppy disk, a hard disk, or a magnetic tape), an optical medium (for example, DVD), or a semiconductor medium (for example, a solid state disk (SolidStateDisk, SSD)) and the like.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The DDoS attack defense method and device based on browser fingerprint identification set up the network security device at the front end of the Web server, and filter the HTTP request sent to the Web server through the network security device; when the network security device receives the HTTP request, according to The preset statistical period extracts the fingerprint of the browser that sends the HTTP request to obtain the browser fingerprint ID; when each statistical period ends, the HTTP request feature calculation is performed to obtain the feature score, and the feature score is sorted from high to low to obtain the ranking Top N browser fingerprint IDs; captcha authentication and request rate limit are performed on the top N browser fingerprint IDs in each statistical cycle. The invention solves the problems that the prior art cannot distinguish the attack flow, easily causes serious impact on other users in the same source IP and has poor defense effect.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a DDoS attack defense method and equipment based on browser fingerprint identification. Background technique [0002] HTTP is the abbreviation of Hypertext transfer protocol, that is, hypertext transfer protocol. It is a data transfer protocol that specifies the rules for mutual communication between browsers and World Wide Web servers and transmits World Wide Web documents through the Internet. [0003] NAT is the abbreviation of Network Address Translation, that is, network address translation, which belongs to the technology of accessing wide area network (WAN). It is a conversion technology that converts private or reserved IP addresses into legal IP addresses of WAN. It is widely used in various types of Internet Access methods and various types of networks. NAT not only perfectly solves the problem of insufficient IP addresses, but also can effectively avoid attac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40H04L67/02
CPCH04L63/1458H04L63/1425H04L67/02
Inventor 白锦龙刘瑞全张超
Owner 江南信安(北京)科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap