SYN flooding attack defence method based on connection request authentication

A technology for connection request and connection establishment, applied in digital transmission systems, electrical components, transmission systems, etc., can solve problems such as unresolved, modified operating system kernel source code, and inconsistent TCP connection status between client and server.

Inactive Publication Date: 2005-06-22
BEIHANG UNIV
0 Cites, 41 Cited by

AI Technical Summary

Problems solved by technology

Although the existing defense methods based on connection request verification have realized the verification of TCP connection requests, they have not solved the problem of completely obtaining the status information required to establish a TCP connection after verifying that



Specific Embodiment

[0035] As shown in Figure 1, the present invention is implemented in software by modifying the code of the operating system's TCP/IP protocol stack on the host. The main change is to the implementation of the standard TCP/IP protocol stack on the host where the server is located, modifying the processing flow for received SYN_X packets and SYN_X/ACK_{Y+1} packets. When a connection request SYN_X packet is received, the server does not allocate memory resources to save the connection state information and return a SYN_Y/ACK_{X+1} packet; instead it allocates no system memory resources and, using the method described above, returns a SYN_Y packet carrying authentication information. When a SYN_X/ACK_{Y+1} packet is received, the original process in the standard TCP/IP implementation is executed to check whether the SYN_X/ACK_{Y+1} packet belongs to an existing socket; if it does, the original process is executed, otherwise, use the above method to SYN_X/ACK...


Abstract

A SYN flooding attack defence method based on connection request verification. When the server receives a SYN_X packet from the client, it sends a SYN_Y packet to the client. When the server receives the SYN_X/ACK_{Y+1} packet from the client, it extracts the authentication information from the acknowledgment sequence number of that packet and verifies it. If it is a valid TCP connection request, the server obtains the connection state information, sets up the TCP connection and sends an ACK_{X+1} packet back to the client; once the client receives that packet, the TCP connection is complete. If it is not a valid TCP connection request, the SYN_X/ACK_{Y+1} packet is dropped. This effectively defends against SYN flooding attacks that use a large number of invalid TCP connection requests with forged source addresses to exhaust system resources.
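The server-side flow in the abstract, as an added example that is not code from the patent or its authors. The page does not show how the authentication information is computed, so the truncated HMAC-SHA256 over the 4-tuple, X and a time slot is an assumption, as are all names, the secret, the slot length and the constructed addresses.

```python
import hashlib
import hmac
import struct

SECRET = b"constructed-demo-key"  # assumption: random per-boot server secret
SLOT = 64                         # assumption: seconds per validity slot
MASK32 = 0xFFFFFFFF


def auth_seq(peer, x, slot):
    """Derive Y from the request itself: MAC(secret, 4-tuple, X, time slot)."""
    src, sport, dst, dport = peer
    msg = f"{src}|{sport}|{dst}|{dport}".encode() + struct.pack("!Iq", x, slot)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:4], "big")


class StatelessListener:
    def __init__(self):
        self.connections = {}  # filled only after a request is verified

    def on_syn(self, peer, x, now):
        """SYN_X received: answer SYN_Y and allocate nothing."""
        return auth_seq(peer, x, now // SLOT)

    def on_syn_ack(self, peer, x, ack, now):
        """SYN_X/ACK_{Y+1} received: return X+1 for the ACK, or None to drop."""
        if peer in self.connections:  # belongs to an existing socket
            return self.connections[peer]["rcv_nxt"]
        y = struct.pack("!I", (ack - 1) & MASK32)  # undo +1 with 32-bit wraparound
        slot = now // SLOT
        for s in (slot, slot - 1):  # current or previous slot is still valid
            if hmac.compare_digest(y, struct.pack("!I", auth_seq(peer, x, s))):
                # State is rebuilt from the packet alone: it carries X and Y+1.
                rcv_nxt = (x + 1) & MASK32
                self.connections[peer] = {"rcv_nxt": rcv_nxt, "snd_nxt": ack & MASK32}
                return rcv_nxt
        return None  # forged, guessed or expired: drop without keeping state


if __name__ == "__main__":
    srv = StatelessListener()
    for i in range(1000):  # constructed flood of spoofed-source SYNs
        srv.on_syn((f"198.51.100.{i % 250}", 1024 + i, "192.0.2.10", 80), i, now=1000)
    print("state entries after flood:", len(srv.connections))
    peer = ("203.0.113.7", 40000, "192.0.2.10", 80)
    y = srv.on_syn(peer, 0xFFFFFFFF, now=1000)
    print("ACK for real client:", srv.on_syn_ack(peer, 0xFFFFFFFF, y + 1, now=1010))
```

A sender using a forged source address never sees SYN_Y, so it cannot produce the matching Y+1, and the connection table grows only for clients that complete the exchange.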

Description

Technical field

[0001] The invention relates to an attack defense method used in a large computer network, in particular to a SYN flooding attack defense method based on connection request verification.

Background technique

[0002] DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks are among the security threats facing large-scale websites and network servers. Among them, SYN flooding attacks have become the most popular DoS and DDoS attack methods because they are simple to carry out and effective. A normal TCP connection requires a three-way handshake. First, the client sends a data packet containing the SYN flag; then the server returns a SYN/ACK response packet, indicating that the client's request is accepted. Finally, the client returns an ACK confirmation packet, and only then is a TCP connection complete. The SYN flooding attack uses the flaw that the three-way handshake connect...


Application Information

IPC(8): H04L9/00, H04L12/24
Inventor: 尹宝林, 黄鑫
Owner: BEIHANG UNIV