Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

CC attack detection method, device and electronic device

A detection method and a technology of preset times, which are applied in the direction of error prevention/detection, electrical components, and digital transmission systems using the return channel, which can solve the problems of unrecognized or low recognition rate of CC attacks, and achieve strong real-time detection capabilities, The effect of avoiding differences in entropy value and accurate detection results

Active Publication Date: 2019-01-22
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF7 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] In view of this, the purpose of the present invention is to provide a CC attack detection method, device and electronic equipment, to alleviate or partially alleviate the technical problems in the prior art that the CC attack cannot be identified or the identification rate is low

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • CC attack detection method, device and electronic device
  • CC attack detection method, device and electronic device
  • CC attack detection method, device and electronic device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0066] Such as figure 1 As shown, the embodiment of the present invention provides a CC attack detection method, which is applied in the field of network CC attack detection. The detection methods of this CC attack include:

[0067] Step S101, setting the size of the times window and the single sliding distance of the times window;

[0068] The frequency window here refers to the sliding window defined by the number of requests; that is, the size of the frequency window and the single sliding distance are characterized by the number of requests; the size (or size) of the frequency window is characterized by the window width. Wherein, the size of the times window and the single sliding distance of the times window are called window parameters of the times window.

[0069] Step S102, calculate the information entropy value of the number of times window at each sliding position sequentially according to the number of times window setting;

[0070] Specifically, the information...

Embodiment 2

[0077] Such as figure 2 As shown, the embodiment of the present invention provides another CC attack detection method, which is applied in the field of network CC attack detection. The detection methods of this CC attack include:

[0078] Step S201, constructing a sliding window mechanism based on the number of requests, and obtaining a preset information entropy threshold based on the sliding window mechanism.

[0079] The sliding window mechanism can be established through machine learning; it should be noted that the preset information entropy threshold can be re-learned and tuned according to actual operating conditions.

[0080] Specifically, this step S201 includes the following steps:

[0081] 1. Obtain the preset number of requests during normal visits;

[0082] First, ensure that the detected server (or system) is under normal access conditions; then obtain the preset request times M of the server during normal access, and use the preset request times M as the win...

Embodiment 3

[0130] Such as image 3 As shown, the embodiment of the present invention provides a third CC attack detection method, including:

[0131] Step S301: Count all the site URLs of the server that can be requested resources, divide them into dynamic sites and static sites according to different sites, classify URLs that request all static site pages into one category, and group URLs that request the same dynamic site page grouped together.

[0132] In order to facilitate understanding, the following takes the web application server of XX official website as an example, and uses the packet capture tool to capture and analyze the data packets of external access requests, and classify the URL addresses of the received request texts:

[0133] Among them, the homepage address is http: / / www.dbappsecurity.com.cn / index.aspx, and the dynamic page name is index.aspx is classified into one category; the specific product page is: http: / / www.dbappsecurity.com .cn / pro_main.aspx? id=XXXXXXXXX...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method, a device and an electronic device for detecting a CC attack, which relate to the technical field of network anomaly detection. The method for detecting the CC attack comprises the following steps of: setting a window size of a number of times and a single sliding distance of the window of times; calculating the information entropy value of the times window at eachsliding position in turn according to the times window setting; if the information entropy value of any sliding position is less than the preset information entropy threshold value, the number of times window is determined to be CC attack at the sliding position. This method can detect the network anomaly more quickly and has stronger real-time detection ability through the number of times windowmodel and information entropy algorithm. The method uses the dimension of request access times to define the sliding window, which can effectively avoid the entropy difference caused by the differentrequest times per unit time, and the detection result is more accurate.

Description

technical field [0001] The invention relates to the field of CC attack detection, in particular to a CC attack detection method, device, system and electronic equipment. Background technique [0002] CC (Challenge Collapsar) attack is an attack method against application layer WEB services. The purpose of CC attacks is to exhaust server resources and cause denial of service. [0003] The principle of CC attack is not complicated, it uses the weakness of the application layer to attack. Data queries with poor performance, poor program execution structure, and functions that consume resources in the website may all become the targets of CC attacks. For example, the search function of the forum needs to consume a lot of database query time and system resources. The attacker calls the search function frequently, so that the accumulation of query requests cannot be completed immediately, and resources cannot be released, resulting in too many database connection requests, data...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/26H04L1/18H04L29/08
CPCH04L1/187H04L43/16H04L63/1416H04L63/1425H04L63/1458H04L67/02
Inventor 张宁波范渊龙文洁莫金友
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com