Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method and security agent device for preventing syn flood attack

A network security and legal technology, applied in the field of message attack prevention, can solve the problem of low implementation cost, and achieve the effect of low implementation cost, small changes and remarkable effect

Active Publication Date: 2011-12-21
杭州迪普信息技术有限公司
View PDF7 Cites 37 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] In view of this, the present invention provides a more reliable and less costly to implement solution to the problems of the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and security agent device for preventing syn flood attack
  • A method and security agent device for preventing syn flood attack
  • A method and security agent device for preventing syn flood attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The invention utilizes a security proxy device located between a client (Client) and a server (Server) to prevent SYN Flood attacks based on the TCP protocol. The security agent device mentioned in the present invention is a logic device, which can be located on various physical network devices (such as routers, three-layer switches, firewalls and other network security devices) with security functions. The security agent device of the present invention mainly includes: a message checking unit 11 and a client verification unit 12 , wherein the network security device also includes an access control unit 20 . Each of the above units is a unit in a logical sense, and may be realized by software (that is, realized by running software codes in the memory by the CPU) or by hardware or firmware in terms of implementation. The following combination image 3 Take computer software as an example.

[0034] Step 101, screen out TCP SYN messages and verification response messages...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method for protecting against the attack of synchronize (SYN) Flood. The method comprises the following steps of: A, checking whether a client which sends a transmission control protocol (TCP) SYN message is in a white list, if so, allowing the passing of the message and deleting corresponding table entries, otherwise returning to B; and B, sending a verification request to the client and checking whether the client is legal according to a verification response returned by the client, if so, adding the corresponding table entries in the list, otherwise, abandoning a response message. By the method, a table entry deletion mechanism is ingeniously improved, and the problem that an attacker forges an internet protocol (IP) address which can be possibly coincided with the IP address of the client is solved. The method can be matched with signature of the IP address and the design of content of table entries of a source port, and fully utilizes the characteristic that a TCP connection source port has high randomness so as to make undercover passing of the attacker by using a legal IP address in the white list impossible.

Description

technical field [0001] The invention relates to network security technology, in particular to a method and device for preventing message attacks. Background technique [0002] With the advancement of network communication technology, network security issues caused by various network attacks have attracted increasing attention. More and more enterprises and operators begin to use network security devices such as firewalls to provide protection measures for network communications. [0003] Packet attacks based on the TCP protocol are quite common network attacks. The characteristic of this attack is to consume a large amount of server resources by sending a large number of SYN messages, because the server does not have enough resources to respond to the access requests of other clients. This attack is called SYN Flood. [0004] A SYN flood attack is a behavior that sends SYN packets to the target server to consume its system resources and weaken the service provision capabi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/08H04L29/06H04L1/16
Inventor 汪庆权
Owner 杭州迪普信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com