Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Filtering position selection method against bandwidth consumption-type attacks

A technology for filtering location and bandwidth consumption, applied in electrical components, transmission systems, etc., can solve problems such as large economic losses and network performance impact, and achieve the effects of improving efficiency, minimizing bandwidth resources, and reducing complexity

Active Publication Date: 2016-10-26
NORTHEASTERN UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] There is still a problem in the defense process: after the attack, the longer it takes to restore normal services, the greater the economic loss caused. In the current packet filtering mechanism, packet filtering and IP traceability are carried out simultaneously, which can Rapid response to attack, enhanced defense effect (such as "K.Argyraki and Cheriton.RD.Scalable network-layer defense against internetbandwidth-flooding attacks[J].IEEE / ACM Transactionson Networking,2009,17:1284-1297.", "D .Seo,H.Lee and A.Perig.PFS: probability filter scheduling against distributeddenial-of-service attacks[J].inProc.ofLocal Computer Networks,2011:9-17. "M.S Fallah and N.Kahani, TDPF: atraceback-based distributed packet filter to mitigate spoofed DDoS attacks[J], Security and Communication Networks, 2014. "M.Sung.and J.Xu, IP traceback-based intelligent packet filtering: a noveltech-nique for defending against Internet DDoS attack[J], IEEE / ACM Transaction on Paralell and Distributed Systems, 2003, 14:861-872.")
However, if the scale of the bot attack network continues to increase, exceeding Moore's Law, the number of filtering routes that need to be opened will also increase, which will have a great impact on network performance.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Filtering position selection method against bandwidth consumption-type attacks
  • Filtering position selection method against bandwidth consumption-type attacks
  • Filtering position selection method against bandwidth consumption-type attacks

Examples

Experimental program
Comparison scheme
Effect test

experiment example

[0077] Experimental example: figure 1 is the given attack network (which can be constructed using the traceability method), figure 2 is the corresponding defense model. After in-depth analysis of the attack behavior, the bandwidth-exhausted attack network can be defined as a multi-source single-sink graph, denoted as G S ={V S ,L S ,S S ,D S ,R S ,F S ,C S ,T S}, where, G S means attacking the network, V S Indicates attacking network G S The set of nodes in , L s Indicates attacking network G S The set of links in , S s Indicates attacking network G S The set of attack sources in , D s Indicates attacking network G S The root node in R S Indicates attacking network G S The set of attack flow rates in , F S Represents the set of relationships between nodes and attack paths in the attack network, C S Indicates attacking network G S Bandwidth usage of the medium link, T s Indicates the actual traffic set for each link.

[0078] Among them, the set of nod...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a filtering position selection method against bandwidth consumption-type attacks. The method comprises the following steps: a link congestion complete dependency set CDSset for routing nodes in an attack tree is built; according to an upstream and downstream dependency relation for the link in the link congestion complete dependency set CDSset, a corresponding link congestion dependency tree is built; all link congestion dependency trees form a link congestion dependency forest; and leaf routing nodes in each link congestion dependency tree in the link congestion dependency forest are the optimal filtering positions of the routing nodes in the attack tree against bandwidth consumption-type attacks. Through adopting the filtering position selection method of the invention, the existing filtering strategy can be used for 25% filtering the routing nodes to clear all congestion links, the two are balanced, and network delay caused by router filtering can be greatly reduced.

Description

technical field [0001] The present invention relates to a method for defending bandwidth consumption type attacks, in particular to a filtering position selection method for bandwidth consumption type attacks. Background technique [0002] The rapid development of the Internet has greatly facilitated people's lives and promoted the progress of many aspects of society. However, the security problems arising from the development of the Internet should not be underestimated. We know that in the IP protocol, the host only has the identification information of the IP address, so when the sender changes its IP address to send information to the receiver, the receiver must accept the information and then make a ruling because the receiver cannot distinguish its authenticity. Denial of Service attack (DoS attack) is to use such a protocol vulnerability (ie "Lee.J.Scalable multicast based filtering and tracing framework for defeatingdistributed DoS attacks[J].Int.J.Network Mgmt,2004,...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1458H04L63/205
Inventor 鲁宁崔锴倩
Owner NORTHEASTERN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com