Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for raising safety of IP network through router signature

A router and security technology, applied in the field of network and communication, can solve the problems that IP packets do not contain, information is difficult to forge, and information is difficult to forge

Active Publication Date: 2005-04-27
ZHEJIANG INSIGMA TECH
View PDF0 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The first reason is that the IP packet does not contain information related to its transmission trace and is difficult to forge
The second reason is that the routers along the route do not record (even temporarily record) the direction of traffic belonging to the same "flow", that is, the flow between the same pair of nodes.
Second, and actually more importantly, the attacker can forge a string of IP addresses that the attacked party cannot check
[0009] 2. The information inserted should be difficult to forge
[0013] Of course, the security problem of IP network is a very complicated problem. There are many reasons for its insecurity, so we cannot expect to find a single method to solve this problem once and for all. Web security approaches are worth considering

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for raising safety of IP network through router signature
  • Method for raising safety of IP network through router signature

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The implementation of the present invention will be further introduced below by the embodiment for IPv4:

[0029] The header of an IPv4 packet consists of at least five 32-bit "long words", that is, 20 bytes. These 5 long words are divided into many bit fields, wherein the value of the "header length" HLEN bit field is generally 5, which means 5 long words (20 bytes). If it is greater than 5, it means that there are options between the header and the data carried. The length of the header is a 4-bit bit field, and its maximum value is 15, that is, the maximum length of the header is 60 bytes, so there are up to 40 bytes that can be used for options (or, according to another invention patent of mine According to the application, if an extension flag in the IPv4 header is 1, it means that there is an optional extension. The length of the extension is not included in the header, but is included in the total length of the packet, so it is "plug-in". optional, whose length...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The method of subscribing router to raise IP network safety includes: 1) to increase one optional item, 'subscription', into packet header in IPv4 specification, and to require IP package routers to record the IP address and enciphered additional checking information in the IP packet header; 2) for the network equipment with router to calculate and create subscription in transmitting IP package and to insert the subscription options into IP packet header or expanding part; and 3) for the IP package receiver to record the packet header, subscription options and several bytes after the packet header for doubtful IP package as well as the IP package arrival time. The present invention has the advantage that in checking, check code is re-calculated and compared with the given check code to judge the truth of the subscription, and this reduces greatly the attacker searching range.

Description

technical field [0001] The invention relates to the field of network and communication, and mainly relates to a method for improving IP network security through router signature. This method of making the router add a signature to the forwarded IP packet in the Internet is aimed at tracing the source of the IP packet when a problem occurs, thereby improving the security of the IP network. Background technique [0002] The security problem of IP network is a very complicated problem, and there are many reasons for its insecurity. One of the important reasons is: even for known hacker attacks and IP packets sent by hackers, it is almost impossible to find out its real source, so the relevant IP packets can only be discarded or blocked. In this way, there are neither countermeasures nor deterrent effects on attackers. [0003] Of course, there is the IP address of the sender in the IP packet, that is, the "source address", but this can be faked. The IP packet sent by the hac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L1/20H04L9/28H04L29/06
Inventor 毛德操
Owner ZHEJIANG INSIGMA TECH