Method and device for detecting distributed denial of service

A technology for distributed rejection and detection equipment, applied in electrical components, transmission systems, etc., can solve problems such as poor scalability, high development costs, and long development cycles, and achieve the effects of reducing development costs, shortening development cycles, and improving processing performance.

Inactive Publication Date: 2013-02-13
BEIJING BAIDU NETCOM SCI & TECH CO LTD
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The invention provides a method and device for detecting DDoS, so as to solve the defects of high development cost, long development cycle and poor scalability in the prior art on the premise of improving detection performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting distributed denial of service
  • Method and device for detecting distributed denial of service
  • Method and device for detecting distributed denial of service

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0044] figure 1 The flow chart of the method for detecting DDoS provided by Embodiment 1 of the present invention, such as figure 1 As shown, the method may include the following steps:

[0045] Step 101: pre-set N processing processes and N cores to be bound one by one, and the N processing processes perform DDoS feature analysis on data packets entering the detection device in a shared manner, and N is an integer greater than 2.

[0046] Under the many-core hardware platform, multiple processing processes are used to analyze DDoS characteristics in a shared manner. In the embodiment of the present invention, the data packets entering the detection device can mirror the traffic from the Internet service provider (ISP) to the detection device through the optical splitting and mirroring platform, and the data packets entering the detection device are unified in the packet receiving queue. The above N Each processing process can use round-robin scheduling (round-robin) to shar...

Embodiment 2

[0067] Image 6 The device structure diagram provided for the second embodiment of the present invention, such as Image 6 As shown, the device may include:

[0068] The initialization unit 600 is configured to preset binding of N processing processes and N cores one by one, where N is an integer greater than 2. The initialization module 600 is responsible for creating, configuring, and initializing processes, completing configuration of policy information in the device, and completing dynamic loading and dynamic modification of all policies by receiving external information.

[0069] N processing processes 610 are configured to perform DDoS feature analysis on data packets entering the detection device in a shared manner. In addition to being responsible for receiving packets, that is, obtaining data packets from the packet receiving queue, the processing process also calls the callback callback function in the statistical process 620 and the detection unit 630 to complete ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and a device for detecting distributed denial of service (DDoS). The method comprises the steps of: presetting N processing progresses, bonding the N processing progresses with N cores one by one, wherein the N is an integer more than 2; performing DDoS characteristic analysis on data packages entering the detection device by the N processing progresses by using a sharing manner; performing summary statistics on DDoS characteristics obtained by the analysis of the processing progresses through statistics progresses; and judging whether the DDoS exists according to the DDoS characteristics obtained according to the summary statistics. According to the method and the device, under the premise of improving the detection performance, the defects that the development expenses is high, the development period is long and the expansibility is poor in the prior art are solved.

Description

【Technical field】 [0001] The invention relates to the technical field of computer network security, in particular to a method and device for detecting distributed denial of service attacks. 【Background technique】 [0002] With the rapid development of the Internet, people's use and dependence on the network has gradually increased, and relatively network security issues have also followed, especially servers or computer hosts have suffered from network attacks in an endless stream, so a secure network environment has received more attention. . [0003] Distributed denial of service attack (DDoS, Distributed Denial of Service) is to use reasonable service requests to occupy too many service resources, so that the server cannot process the instructions of legitimate users. Due to the complexity of Internet services, this kind of application-layer attack directly targeting services can often cause denial of service at a relatively low cost. Therefore, DDoS is more and more com...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 贺艳军
Owner BEIJING BAIDU NETCOM SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap