Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for defending against network hostile attack

A malicious attack and malicious technology, applied in the field of network security, can solve the problem of port malicious attack, lack of effective defense, etc., to achieve the effect of protecting access, enhancing security, and securing network services

Pending Publication Date: 2022-07-29
FENGHUO COMM SCI & TECH CO LTD +1
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Aiming at the above defects or improvement needs of the prior art, the present invention solves the problem that the port is not effectively defended when it receives a malicious attack

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for defending against network hostile attack
  • Method and device for defending against network hostile attack
  • Method and device for defending against network hostile attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0030] In the current firewall devices, the general protection measure is to block access according to the blacklist. This protection method can only be blocked according to the known blacklist, and must rely on the update of the blacklist, and the blacklist is usually only after being attacked. Updates are made and defenses are delayed. For high-performance firewall devices, the packet can also be parsed to determine whether it contains malicious feature fields. This method can identify and intercept attack behaviors in a timely manner, but requires the device to have better performance to parse packets and feature fields. In contrast, since the packet parsing and identification takes time, the packet forwarding time will be increased, and this method can only be defended after receiving malicious packets, that is, after actually being attacked. In an actual network environment, only a network node device with a firewall set up has the function of packet identification and in...

Embodiment 2

[0077] On the basis of the method for defending against malicious network attacks provided in the above-mentioned Embodiment 1, the present invention also provides a system for defending against malicious network attacks that can be used to implement the above method, such as Figure 4 As shown, it is a schematic diagram of an apparatus architecture according to an embodiment of the present invention.

[0078] It includes a management and control platform 1, a trap system device 2 and at least one firewall device 3, and the management and control platform 1, the trap system 2 and each firewall 3 device are interconnected through a network.

[0079] The management and control platform 1 analyzes the packet according to the method of step 101, determines whether there is a malicious attack according to the blacklist, connection tracking table and whitelist, adds the malicious attack information to the blacklist, and analyzes the possible malicious attack according to the method o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the field of network security, in particular to a method and a device for defending against network hostile attacks. The method mainly comprises the following steps: judging whether a current message is a malicious message or not, and adding a source IP and / or a destination IP of the malicious message into a blacklist; and judging the malicious degree of the malicious message, distributing the blacklist to firewall equipment in a specified interval according to the malicious degree, and intercepting the malicious message by the firewall equipment. According to the method and the system, the malicious attack can be defended in advance before the network equipment is subjected to the malicious attack, the security of a firewall is enhanced, the access of an abnormal IP to the equipment is protected, defense linkage between the equipment is carried out, and safer network service is provided.

Description

【Technical field】 [0001] The present invention relates to the field of network security, in particular to a method and device for defending against malicious network attacks. 【Background technique】 [0002] In the network environment of 2000, in addition to normal access to various communication nodes and service nodes, there may also be various malicious attack accesses. At present, a common malicious attack method in the network is to perform a large-scale port scan on a certain network segment, and then perform targeted attacks based on the scan results to obtain which services the customer has opened. [0003] For port scanning attacks, the traditional defense measure is to directly discard unused port accesses. On the other hand, the existing firewall system cannot directly discard the opened ports because they need to be used during communication, but does not distinguish between malicious scanning actions and normal access actions, and does not deal with the scanning...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40
CPCH04L63/1416H04L63/0209H04L63/1441
Inventor 薛宝军
Owner FENGHUO COMM SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com