Method for protecting computer network against attack

The technology, applied in the field of security technology for DoS and DDoS, addresses attacks that existing methods are unable to prevent. Its effects are reducing server load, avoiding excessive consumption, and removing the impact of such attacks on servers.

Inactive Publication Date: 2004-07-28
MAIPU COMM TECH CO LTD

AI Technical Summary

Problems solved by technology

[0006] The above two methods can only deal with relatively primitive SYN-Flood attacks. Shortening the SYN Timeout only takes effect when the other party's attack frequency is not high, and SYN Cookie relies more heavily on the other party using its real IP address. If the attacker sends SYN packets at a rate of tens of thousands per second and uses SOCK_RAW to randomly rewrite the source address in the IP packets, neither method can prevent the attack.

Examples


Embodiment Construction

[0020] As a specific implementation, a firewall is placed between the external network and the internal network, or in other words, between the source host A and the trusted host B, as shown in Figure 2. The firewall processes the received SYN message according to the following procedure:

[0021] 1. The source host A sends a connection establishment request (SYN) message to the trusted host B, and the message contains the initial sequence number seq(a) of the host A.

[0022] 2. The firewall creates a TCB (Transmission Control Block) structure, records the initial sequence number of the source host A together with the source IP address, source port, destination IP address and destination port, then forwards the SYN message and at the same time starts the SYN-ACK timer c1, waiting for the arrival of host B's SYN-ACK message. If the timer c1 times out, the firewall releases the TCB structure of the connection.

[0023] 3. If the respon...


Abstract

The method for preventing computer network attacks belongs to the field of computer communication technology and includes the following steps:
(1) intercepting a data packet from outside and recording the source host information;
(2) forwarding the data packet to the information-receiving host and setting a timer;
(3) if the response message from the information-receiving host is received before the timer expires, recording its identity information and proceeding to step 4; if no response from the information-receiving host has been received when the timer expires, releasing the identity information recorded in step 1;
(4) using the identity of the source host recorded in step 1 to send a response message to the information-receiving host, and, according to the identity information of the source host recorded in step 1, forwarding to the source host the response message sent by the information-receiving host and setting a timer;
(5) if the response message of the source host is received before the timer expires, removing the timer; the connection is then created successfully.
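The five steps of the abstract, modelled as a small connection-tracking state machine. This is an added example, not code from the patent: the class and state names, the timer values, reading the step 4 "response message" to the receiving host as the handshake-completing ACK, and releasing the TCB when the second timer expires are all assumptions.

```python
from dataclasses import dataclass
from typing import Optional

C1_TIMEOUT = 3.0  # SYN-ACK timer c1, seconds (value assumed)
C2_TIMEOUT = 3.0  # timer set in step 4 (name and value assumed)

@dataclass
class TCB:
    seq_a: int                    # initial sequence number of source host A
    deadline: float               # when the running timer expires
    state: str = "SYN_FORWARDED"
    seq_b: Optional[int] = None   # host B's initial sequence number

class Firewall:
    def __init__(self):
        self.tcbs = {}  # (src_ip, src_port, dst_ip, dst_port) -> TCB

    def on_syn(self, key, seq_a, now):
        # Steps 1-2: record A's identity, forward the SYN, start timer c1.
        self.tcbs[key] = TCB(seq_a, now + C1_TIMEOUT)
        return [("to_B", "SYN", seq_a, None)]

    def on_syn_ack(self, key, seq_b, now):
        # Steps 3-4: B answered in time, so record its sequence number,
        # answer B with A's recorded identity, relay the SYN-ACK to A and
        # start the second timer.
        tcb = self.tcbs.get(key)
        if not tcb or tcb.state != "SYN_FORWARDED" or now > tcb.deadline:
            return []  # no live TCB for this tuple: nothing is sent
        tcb.seq_b, tcb.state = seq_b, "SYN_ACK_RELAYED"
        tcb.deadline = now + C2_TIMEOUT
        return [("to_B", "ACK", tcb.seq_a + 1, seq_b + 1),
                ("to_A", "SYN-ACK", seq_b, tcb.seq_a + 1)]

    def on_ack(self, key, now):
        # Step 5: A's ACK arrived in time, remove the timer.
        tcb = self.tcbs.get(key)
        if not tcb or tcb.state != "SYN_ACK_RELAYED" or now > tcb.deadline:
            return False
        tcb.state, tcb.deadline = "ESTABLISHED", float("inf")
        return True

    def expire(self, now):
        # Release every TCB whose timer ran out. Release on c1 expiry is
        # step 3; doing the same for the second timer is an assumption.
        dead = [k for k, t in self.tcbs.items() if now > t.deadline]
        for k in dead:
            del self.tcbs[k]
        return dead
```

Packets are returned as `(direction, flags, seq, ack)` tuples so the exchange can be inspected without touching a network; `expire` is meant to be called periodically with the current time.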

Description

Technical field

[0001] The invention relates to computer communication technology, in particular to security technology for DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks.

Background technique

[0002] The standard process of establishing a TCP connection is as follows. First, the requester (client) sends a TCP message containing the SYN flag to request a connection. SYN stands for Synchronize, and the synchronization message indicates the server port requested by the client and the initial sequence number for establishing the TCP connection. In the second step, the server (or trusted host), after receiving the client's SYN message, returns a SYN+ACK message indicating that the client's request is accepted, and at the same time sets the acknowledgment number to the client's initial sequence number plus 1; ACK stands for Acknowledgment. In the third step, the cl...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F15/16, H04L9/00
Inventor: 杨宁
Owner: MAIPU COMM TECH CO LTD