Method of defending network transmission control protocol sync message from overflowing attack

A technology for control protocol synchronization messages, applied in transmission systems, digital transmission systems, data exchange through path configuration, etc., that can solve the problem of wasting server system resources and achieve the effect of avoiding system resources

Inactive Publication Date: 2004-01-21
HUAWEI TECH CO LTD

AI Technical Summary

Problems solved by technology

[0012] The purpose of the present invention is to overcome the shortcoming of wasted server system resources in the prior art by proposing a method for defending against network Transmission Control Protocol synchronization message flood attacks, ensuring that the protected server is completely free from TCP SYN Flood attack damage.


Embodiment Construction

[0027] The working principle of the inventive method is shown in Figure 2. First, the firewall receives a connection request (TCP synchronization message) from the client computer and, acting as a proxy for the server, returns a synchronization response message with a window size of 0 to the client computer, prompting the client computer not to transmit valid data for the time being. The firewall then checks the legitimacy of the client computer's connection request and, at the same time, establishes a record of information for that connection request, which records the sequence number, acknowledgment sequence number, window and so on. If the firewall does not receive the confirmation response message from the client, the connection request is illegal and will not be processed. If it receives the confirmation response message from the client, the connection request is legal, and the firewall sends the connection request to the server on behalf of the client. The...


Abstract

The present invention is a method of defending against network Transmission Control Protocol synchronization message flood attacks, and belongs to the field of computer network security technology. After the firewall receives the connection request from the client computer and, acting as a proxy for the server, returns a synchronization response message with zero window size to the client computer, the firewall sets up a message record for the connection request while checking the validity of the request. After receiving the synchronization response message from the server, the firewall returns a confirming response message to the server while sending a confirming response message with zero window size to the client computer to start the data transmission of the client computer. The data messages are then transmitted between the client computer and the server via the firewall, and the method can thereby protect the server.
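The handshake flow described in paragraph [0027] and in the abstract, modelled as an added Python example (not code from the patent). The class and method names, the timeout, the toy sequence-number source, the `seq_delta` field and the sample addresses are assumptions made for illustration.

```python
MASK = 0xFFFFFFFF  # TCP sequence numbers are 32-bit

class SynProxyFirewall:
    def __init__(self, timeout=3.0):
        self.timeout = timeout      # assumed lifetime of an unconfirmed request (s)
        self.records = {}           # client (ip, port) -> connection record
        self._isn = 1000            # toy ISN source; a real one must be unpredictable

    def on_client_syn(self, client, seq, now):
        # Answer in place of the server with window 0 and record the request.
        self._isn = (self._isn + 64000) & MASK
        self.records[client] = {"state": "SYN_RCVD", "client_seq": seq,
                                "fw_seq": self._isn, "window": 0, "t": now}
        return [("client", "SYN-ACK",
                 {"seq": self._isn, "ack": (seq + 1) & MASK, "win": 0})]

    def on_client_ack(self, client, ack):
        rec = self.records.get(client)
        if not rec or rec["state"] != "SYN_RCVD" or ack != (rec["fw_seq"] + 1) & MASK:
            return []               # no matching record: not processed
        rec["state"] = "VALIDATED"  # request is legal; only now involve the server
        return [("server", "SYN", {"seq": rec["client_seq"]})]

    def on_server_synack(self, client, server_seq):
        rec = self.records.get(client)
        if not rec or rec["state"] != "VALIDATED":
            return []
        rec["state"] = "ESTABLISHED"
        # Assumption: keep the offset between the two sequence spaces for relaying.
        rec["seq_delta"] = (server_seq - rec["fw_seq"]) & MASK
        return [("server", "ACK", {"ack": (server_seq + 1) & MASK}),
                ("client", "ACK", {})]  # confirming message that starts client data

    def expire(self, now):
        # Drop requests whose client never confirmed; the server never saw them.
        stale = [c for c, r in self.records.items()
                 if r["state"] == "SYN_RCVD" and now - r["t"] > self.timeout]
        for c in stale:
            del self.records[c]
        return len(stale)

def simulate():
    fw, to_server = SynProxyFirewall(), []
    for i in range(3):  # constructed sample: SYNs whose sender never confirms
        fw.on_client_syn(("198.51.100.%d" % i, 4000 + i), 7 * i, now=0.0)
    legit = ("192.0.2.10", 50000)  # constructed sample: client that completes
    synack = fw.on_client_syn(legit, 555, now=0.5)[0][2]
    to_server += fw.on_client_ack(legit, synack["seq"] + 1)
    to_server += [m for m in fw.on_server_synack(legit, 90000) if m[0] == "server"]
    return to_server, fw.expire(now=5.0), fw.records[legit]["state"]
```

In the simulated run the server receives exactly one SYN and one ACK, both for the client that confirmed; the three unconfirmed requests cost only firewall records, which `expire` reclaims.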

Description

Technical field

[0001] The invention relates to a method for defending against network Transmission Control Protocol synchronization message flood attacks, belonging to the technical field of computer network security.

Technical background

[0002] Transmission Control Protocol (hereinafter referred to as TCP) is one of the three-layer transmission protocols used by the Internet, and is the basis of many network applications. The Transmission Control Protocol Synchronous Package Flood Attack (hereinafter referred to as TCP SYN Flood attack) is a common denial-of-service attack in the network. The attack is simple to implement but extremely destructive: it can exhaust the resources of the attacked server, and even crash the operating system, so that it cannot respond to normal service requests.

[0003] The TCP SYN Flood attack is an attack carried out during the three-way handshake ...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/145, H04L63/02
Inventor 杨勇滕新东姜宏洲李鸣雷赵强郑飞杨建森郭景泽祈延
Owner HUAWEI TECH CO LTD