Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

A flood request attaching filtering method based on the stateless of open source core

A filtering method and stateless technology, applied in the field of network security, can solve problems such as lack of intelligence, and achieve the effect of small resource consumption, high intelligence and effectiveness

Inactive Publication Date: 2008-07-09
NANJING UNIV OF POSTS & TELECOMM
View PDF0 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, these methods are relatively passive and lack intelligence. Efficient, accurate and intelligent filtering methods are very necessary and urgently needed for active prevention

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A flood request attaching filtering method based on the stateless of open source core
  • A flood request attaching filtering method based on the stateless of open source core
  • A flood request attaching filtering method based on the stateless of open source core

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] A typical DDoS uses a three-layer structure to attack. The central console is the host where the attacker resides. The attacker first intrudes into several hosts in the network as proxy consoles for the attack, and then directly attacks the hosts with a proxy console. These hosts are distributed in the network and have different geographical locations.

[0057] Below we simulate a syn flood-based DDoS attack on a network. Host A is the server, and host B is the gateway. Through a typical DDoS attack network with a three-layer structure of nine computers, the network service (website access) provided by host A is attacked. B on the gateway starts after detecting the DDoS attack. The filtering module identifies attacks and normal network data packets, and performs filtering processing.

[0058] The steps to start the attack on the attack side are as follows:

[0059] 1 The computer used by the attacker is the console S, which controls the entire attack process. The mai...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an open source kernel based filtration method of stateless flooding request attacks, which comprises the following steps: the rule list of the filtration of an open source firewall is initialized to generate a white list and a blacklist; a main control module distinguishes and processes the request message and the reset message respectively; the Cookie value of the request message is calculated and is added to a text document library, and a confirmation message is sent back to the message origin; as for the reset message, the confirmation number value thereof is extracted and searched in the text document library after being subtracted by one; a text document library maintenance module deletes the expired information record in every interval t, and informs a firewall operation module to add the address of the origin to the blacklist; the firewall operation module gathers list items when the number of the list items in the white list or the blacklist are very large; after giving the command of filtration stopping, the firewall module needs to empty all the lists and stop the function of a kernel filtration module, and the filtration method is ended. The adoption of the method of the invention can achieve the goal of defending DDoS attacks.

Description

technical field [0001] The present invention is a filter syn_flood attack data under linux, which is used to start a syn flood filter when an attack is detected, block all syn connection requests, identify its identity, filter all attack syn connections, and maximize Guaranteeing a normal network connection to the maximum extent belongs to the technical field of network security. Background technique [0002] Network security has always been accompanied by the rapid development of the network, which has attracted more and more attention from users and technical workers and sought solutions. The TCP / IP protocol is now the communication protocol of the network. Its openness and unexpectedness at the beginning of the protocol Many changes in the network make the protocol itself have some disadvantages. Network hackers have designed some network attack tools based on the loopholes in the network protocol itself. Among them, DDos is a very harmful network attack. During the esta...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
Inventor 王汝传李惠娟任勋益张登银祝世雄
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products