Method for detecting and protecting CC attack based on nginx server and system thereof
A server and proxy service technology, applied in the field of detection and protection against CC attacks and systems based on nginx servers, can solve problems such as difficulty in extracting features, increase maintenance costs, and failure to detect them, so as to reduce costs, depend on other products, and improve detection effect of ability
Pending Publication Date: 2022-01-28
HANGZHOU DPTECH TECH
View PDF0 Cites 1 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0005] In addition, by analyzing the CC attack features, add the CC attack feature IPs to the blacklist to block their access to the website. Due to the large amount of user request data, it is difficult to extract features
Therefore, this method of blocking hackers from accessing the website is not easy to implement
[0006] Through the way of cookies, a token is defined for each visitor and stored in Cookies. When users visit, they must have the correct token to access the server. This method of detecting and preventing CC attacks requires the site server to be modified. , modify the business code, increase maintenance costs
At the same time, because CC attacks access pages that consume a lot of server resources, by controlling a small number of servers, some CC attacks support setting cookies, so that they cannot be detected
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0038] The specific implementations of the present disclosure will be described below, and it should be noted that in the process of specific descriptions of these implementations, for the sake of concise description, it is impossible for this specification to describe all the features of the actual implementations in detail. It should be understood that, in the actual implementation process of any embodiment, just like in the process of any engineering project or design project, in order to achieve the developer's specific goals and to meet system-related or business-related constraints, Often a variety of specific decisions are made, and this can vary from one implementation to another. In addition, it will also be appreciated that while such development efforts may be complex and lengthy, the technology disclosed in this disclosure will Some design, manufacturing or production changes based on the content are just conventional technical means, and should not be interpreted ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention relates to a system for detecting and protecting CC attacks based on an nginx server and a method thereof. The system comprises an nginx server configuration module, wherein a response slow log time threshold and an uploading protocol are configured in the system by the nginx server configuration module through an nginx server configuration file; a HTTP response slow log generation module used for generating a response slow log for the request of which the request response time difference exceeds the response slow log time threshold value or the request of which the response time difference does not exceed the response slow log time threshold value; a proxy service module used for transmitting the response slow log according to the uploading protocol, analyzing the response slow log by a response network to obtain a CC attack IP and processing the analyzed CC attack IP; and an CC attack analysis platform used for analyzing a CC attack IP according to the characteristics of the request, automatically adding the attack characteristics into a blacklist and issuing the blacklist to the proxy service module through a socket so as to analyze the CC attack IP and process the analyzed CC attack IP.
Description
technical field [0001] The present disclosure relates to a method and system for detecting and protecting against CC attacks based on an nginx server. More specifically, the present disclosure relates to a method and system for detecting and protecting CC attacks based on nginx servers by filtering out most of a large number of invalid HTTP requests through HTTP response slow logs to quickly detect CC attack IPs. Background technique [0002] A kind of DDOS distributed denial of service, CC attack simulates a large number of users to continuously visit pages that consume a large amount of server resources, exhausting server resources, such as accessing database applications and a large number of statistical applications, resulting in WEB servers, database server CPU, The IO utilization rate soars, making the web server unable to respond to normal web service requests, thus causing a denial of service attack. It has strong camouflage, and its access behavior simulates the ac...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55
CPCG06F21/552G06F21/554
Inventor 汪庆权
Owner HANGZHOU DPTECH TECH