Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Protective method for network attack

A network attack and network equipment technology, applied in the direction of data exchange network, digital transmission system, electrical components, etc., to achieve the effect of reducing attacks, saving hardware resources, and improving response speed

Active Publication Date: 2006-12-13
NEW H3C TECH CO LTD
View PDF0 Cites 38 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The technical problem to be solved by the present invention is to provide a network attack protection method to solve the defects in the above-mentioned prior art that simply use hardware to set ACL rules or software to limit the packet rate for network attack protection.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Protective method for network attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The core idea of ​​the present invention is to make full use of the characteristics of the hardware and the flexible control of the software, automatically set the ACL rules of the chip to filter the messages under the analysis of the software, and use the sampling technology to analyze the abnormal messages to judge when the attack ends. When the attack is over, the function of the port is restored, and the issued ACL rules are cancelled, so as to achieve the purpose of CPU anti-attack.

[0038] Specifically, the network packet receiving module driven by the bottom layer of the network device detects the received packets. If an abnormal packet is received, for example, a port with a large flow of packets is detected in a short period of time, it can be considered as If there is a packet attack on this port, an alarm message will be issued to remind the user. At the same time, the packet characteristics will be extracted from the packet received by the attacked port and ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a protective method of network attack in the CPU network equipment, which comprises the following steps: detecting port report of network equipment; building report form when finding abnormal report; setting ACL access regulation at the port; starting the sampling mechanism; comparing the feature of abnormal report with sampled and reserved report form; cancelling ACL regulation when the abnormal report doesn't exist. The invention can utilize hardware character completely and software control flexibly, which solves defect of attack for hardware and software simply.

Description

technical field [0001] The invention relates to a network attack protection method, in particular to a network attack protection method for a network device with a CPU. Background technique [0002] At present, online attacks are becoming more and more frequent, causing some network equipment such as low-end switch products to have more problems in network use. In order to enhance the anti-attack capability of network equipment, especially low-end Ethernet switch products, and make them have stronger network adaptability, it is necessary to further strengthen the anti-attack performance of network equipment. [0003] The types of network attacks are mainly divided into several types: traffic attacks on the network device CPU, attacks on network protocols, attacks on device table entries, and other attacks. However, DOS attacks, scanning and snooping attacks, and protocol packet attacks are more common on the network at present. These attacks can attack the CPU with a large ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L12/56H04L29/06
Inventor 杨孙永
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com