
IP spoofing DDoS attack defense method based on active IP record

An active IP record table technology, applied in the field of network information security, that can solve problems such as increased network load, long path backtracking time, and damage to path backtracking.

Inactive Publication Date: 2009-03-11
UNIV OF ELECTRONICS SCI & TECH OF CHINA

AI Technical Summary

Problems solved by technology

[0019] There are many methods of source backtracking; some require a long path backtracking time, and others generate additional data flow, thereby increasing the load on the network. Moreover, a node that forwards the data packets may itself be controlled by the attacker, thereby destroying the path backtracking. In addition, using the attack path obtained by source backtracking to deal with DDoS attacks also raises problems such as cooperation between ISPs and response time.




Embodiment Construction

[0032] The IP spoofing DDoS defense method based on active IP records maintains an active IP table on the DDoS attack defense gateway to store active IP records. The active IP table uses the frequency with which an IP appears as the source address of data packets as the criterion for whether that IP is active. An IP that has established a connection with the autonomous system, or has requested to establish one, is judged to be an active IP and added to the active IP table; IP spoofing usually uses randomly generated IPs, which appear with low frequency, so they are judged to be inactive IPs.

[0033] The size of the active IP table sets the maximum network traffic that the defense gateway can withstand. It can be set manually by the network administrator, or obtained by the program through self-learning from the network traffic curve observed when there is no attack.

[0034] After receiving the data packet, the DDoS defense gateway uses the source IP of t...
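The gateway behaviour described in [0032] to [0034], as an added simulation that is not code from the patent or its authors. It assumes a source becomes active after two sightings (the dropped connection request plus its retransmission), that the "ICMP time out" message is ICMP type 11 Time Exceeded, and that a full table evicts its least recently seen entry; all addresses are constructed.

```python
from collections import Counter, OrderedDict

# ICMP type 11 "Time Exceeded" (RFC 792); assumed here to be the "ICMP time out"
# error message the patent says the boundary router returns to the source node.
ICMP_TIME_EXCEEDED = 11

class ActiveIpGateway:
    """Boundary defense gateway keeping an active IP table keyed on the source
    address of arriving packets. A source becomes active once seen at least
    `threshold` times (connection request plus the retransmission the drop
    provokes); spoofed random sources appear once and never qualify. `capacity`
    bounds admitted traffic; when full, the least recently seen entry is evicted."""

    def __init__(self, capacity, threshold=2):
        self.capacity, self.threshold = capacity, threshold
        self.seen = Counter()          # source IP -> times seen as a source address
        self.active = OrderedDict()    # active IP table, ordered by recency
        self.icmp_sent = []            # (notified source, ICMP type) per dropped packet

    def _touch(self, src):
        """Record src as active and refresh its recency, evicting the oldest if full."""
        if src in self.active:
            self.active.move_to_end(src)
            return
        if len(self.active) >= self.capacity:
            self.active.popitem(last=False)
        self.active[src] = None

    def handle(self, src):
        """Process one packet with source `src`: 'forward' if it passes the table
        check, 'drop' if it is discarded and an ICMP error is sent back to `src`."""
        self.seen[src] += 1
        if src in self.active or self.seen[src] >= self.threshold:
            self._touch(src)
            return "forward"
        self.icmp_sent.append((src, ICMP_TIME_EXCEEDED))
        return "drop"

def simulate(capacity=4):
    """Constructed traffic: two legitimate clients send a connection request, are
    dropped once, retransmit and then send data; five spoofed random sources each
    appear exactly once. Returns the gateway and a per-source Counter of decisions."""
    gw = ActiveIpGateway(capacity)
    legit = ["192.0.2.10", "192.0.2.11"]
    spoofed = ["203.0.113.%d" % n for n in (7, 42, 99, 130, 250)]
    stream = legit + spoofed + legit + legit   # SYN, spoofed flood, SYN retransmit, DATA
    tally = {}
    for src in stream:
        tally.setdefault(src, Counter())[gw.handle(src)] += 1
    return gw, tally
```

Only the two legitimate sources end up in the active table; every spoofed packet is dropped and answered with an ICMP error that goes to the forged address, which never retransmits.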



Abstract

The invention discloses a defense method against IP spoofing DDoS (Distributed Denial of Service) attacks. The method is based on active IP records: an active IP is a source IP address that has established, or is establishing, a connection with the system. An IP spoofing DDoS attack generally uses randomly generated IPs as the source addresses of its data streams, and such IPs are non-active. On this principle, a data stream from an active IP can be regarded as legitimate traffic, and a network stream from a non-active IP as suspicious traffic. A DDoS defense gateway positioned at the boundary of an autonomous system can therefore use the active IP record table to match the data packets entering the autonomous system: network streams from active IPs pass through directly, while IP data packets without an active record are discarded by a router at the boundary of the autonomous system, or a router near the boundary, which sends an ICMP time out error message to notify the source node. Packets of an IP spoofing DDoS attack carrying non-active IPs thus cannot reach the victim nodes. A discarded data packet is retransmitted by the upper-layer protocol or application of the source node.

Description

Technical field

[0001] The invention relates to the field of network information security, in particular to a defense method against denial of service or distributed denial of service attacks that use IP spoofing.

Background technique

[0002] Distributed denial of service (DDoS) attack is currently the most popular network attack method. Its principle is simple, it is easy to implement, and the attack is extremely destructive; it poses a great threat to the security of the current network.

[0003] DDoS attackers usually control a large number of nodes with low security defense levels distributed across the Internet as attacking puppet machines, forming a multi-level DDoS attack botnet. By sending remote control commands to the botnet, they coordinate a large number of puppet machines to send, directly or indirectly, a large number of network packets to the attack target; these packets converge into overwhelming network traffic at the victim end, exhausting the victim's network ba...


Application Information

IPC(8): H04L29/06, H04L12/66, H04L12/56
Inventor 张凤荔陈伟钟婷罗绪成钱伟中刘峤
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA