Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network security protection method and system based on IP address security credibility

An IP address and network security technology, applied in the field of network security protection based on IP address security reputation, can solve problems such as no solution proposed, the server cannot make adaptive adjustments, and it has nothing to do with the actual operating status of the server.

Active Publication Date: 2018-03-20
TENCENT TECH (SHENZHEN) CO LTD
View PDF9 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in the existing solutions, these protective measures are usually set relatively statically at the entrance of the server, and the analysis and judgment of the data packets are usually pre-set, regardless of the actual operating status of the server. This causes the server to be unable to make adaptive adjustments when the load increases unexpectedly, which leads to the paralysis of the server
For the above problems, no effective solution has been proposed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security protection method and system based on IP address security credibility
  • Network security protection method and system based on IP address security credibility
  • Network security protection method and system based on IP address security credibility

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0057] This embodiment proposes a method for determining the security reputation of a network IP address, such as figure 1 As shown, the method includes the following steps:

[0058] Step S101, counting the number of requests for each IP within a preset period.

[0059] Step S102, calculating the average value and standard deviation of IP visits within a preset period.

[0060] Step S103, screening IPs whose request quantity is higher than a first threshold and whose request quantity is higher than a second threshold, and the second threshold is related to the average value and standard deviation.

[0061] Step S104, dynamically update the filtered IP to the database, and set a valid period.

[0062] In step S101 and step S102, the preset period is the segmentation of the processing sequence. For example, in the specific implementation process, the preset period can be 1 minute, then step S101 is to count the number of requests for each IP within 1 minute , and step S102 al...

Embodiment 2

[0074] This embodiment proposes a network security protection method based on the network IP address security reputation, such as figure 2 As shown, the method includes the following steps:

[0075] Step S201, copying Internet data streams.

[0076] Step S202, counting the number of requests for each IP within a preset period in the Internet data stream.

[0077] Step S203, calculating the average value and standard deviation of IP visits within a preset period.

[0078] Step S204, screening IPs whose request quantity is higher than a first threshold and whose request quantity is higher than a second threshold, and the second threshold is determined by the average value and standard deviation.

[0079] Step S205, dynamically update the screened IP to the IP reputation database, and set a validity period.

[0080] Step S206, based on the IP reputation database, clean or intercept the IP data flow in the IP reputation database.

[0081] In order to realize the interaction o...

Embodiment 3

[0098] This embodiment proposes a system for determining the security reputation of a network IP address, and the system includes the following modules:

[0099] The traffic statistics module is used to count the number of requests for each IP within a preset period.

[0100] The calculation module is used to calculate the average value and standard deviation of IP visits within a preset period.

[0101] The abnormal IP screening module is configured to screen IPs whose number of requests is higher than a first threshold and whose number of requests is higher than a second threshold, and the second threshold is related to the average value and standard deviation.

[0102] The dynamic IP credit library module dynamically updates the filtered IP to the database and sets the validity period.

[0103] In a specific implementation process, the traffic statistics module extracts the IP protocol header, and counts the number of requests for each IP within the period according to a s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a network security protection method and system based on the IP address security credibility. The network security protection method comprises the steps of: obtaining an internet mirror image data flow, counting and calculating the request numbers of IP addresses in the mirror image data flow and the arithmetic statistical values of the request numbers, furthermore, determining a threshold value condition based on the normal access volume and the arithmetic statistical values of the request numbers, screening the IP addresses, the request numbers of which satisfy the threshold value condition, dynamically updating the IP addresses to an IP address credibility database, and cleaning the data flow of the IP addresses from the IP address credibility database. Continuously malicious behaviours that a single access accords with normal request characteristics, such as DDoS attacks, CC attacks, library hit attacks, piracy crawler grabbed contents and brute force attacks, can be effectively protected; and thus, the security assurance of the internet and application layers can be improved.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a network security protection method and system based on IP address security reputation. Background technique [0002] With the rapid development of Internet technology, Internet technology provides users with various convenient applications, such as instant chat, social platforms, online shopping, etc. At the same time, hackers maliciously attack the network servers of the above applications, making legitimate users unable to Access the web server normally. Taking Distributed Denial of Service (DDOS for short) as an example, a large number of "zombie hosts" invaded or indirectly used by attackers send a large number of disguised network packets to the attack target (that is, the network server), with the purpose of causing network Blockage or exhaustion of server resources, resulting in the network server refusing to provide services to legitimate users, that i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1408H04L63/1441H04L63/1458
Inventor 郑云文胡珀郑兴张强
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com