Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

CC attack detection method, device and electronic equipment

A detection method and technology of preset times, applied in the direction of error prevention/detection, electrical components, digital transmission system, etc. using the return channel, which can solve the problems of unrecognized or low recognition rate of CC attacks, so as to alleviate the unrecognized CC attacks. Or the effect of low recognition rate, strong real-time detection capability, and fast network abnormality

Active Publication Date: 2021-11-05
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] In view of this, the purpose of the present invention is to provide a CC attack detection method, device and electronic equipment, to alleviate or partially alleviate the technical problems in the prior art that the CC attack cannot be identified or the identification rate is low

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • CC attack detection method, device and electronic equipment
  • CC attack detection method, device and electronic equipment
  • CC attack detection method, device and electronic equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0066] Such as figure 1 As shown, the embodiment of the present invention provides a CC attack detection method, which is applied in the field of network CC attack detection. The detection methods of this CC attack include:

[0067] Step S101, setting the size of the times window and the single sliding distance of the times window;

[0068] The frequency window here refers to the sliding window defined by the number of requests; that is, the size of the frequency window and the single sliding distance are characterized by the number of requests; the size (or size) of the frequency window is characterized by the window width. Wherein, the size of the times window and the single sliding distance of the times window are called window parameters of the times window.

[0069] Step S102, calculate the information entropy value of the number of times window at each sliding position sequentially according to the number of times window setting;

[0070] Specifically, the information...

Embodiment 2

[0077] Such as figure 2 As shown, the embodiment of the present invention provides another CC attack detection method, which is applied in the field of network CC attack detection. The detection methods of this CC attack include:

[0078] Step S201, constructing a sliding window mechanism based on the number of requests, and obtaining a preset information entropy threshold based on the sliding window mechanism.

[0079] The sliding window mechanism can be established through machine learning; it should be noted that the preset information entropy threshold can be re-learned and tuned according to actual operating conditions.

[0080] Specifically, this step S201 includes the following steps:

[0081] 1. Obtain the preset number of requests during normal visits;

[0082] First, ensure that the detected server (or system) is under normal access conditions; then obtain the preset request times M of the server during normal access, and use the preset request times M as the win...

Embodiment 3

[0130] Such as image 3 As shown, the embodiment of the present invention provides a third CC attack detection method, including:

[0131] Step S301: Count all the site URLs of the server that can be requested resources, divide them into dynamic sites and static sites according to different sites, classify URLs that request all static site pages into one category, and group URLs that request the same dynamic site page grouped together.

[0132] In order to facilitate understanding, the following takes the web application server of XX official website as an example, and uses the packet capture tool to capture and analyze the data packets of external access requests, and classify the URL addresses of the received request texts:

[0133] Among them, the homepage address is http: / / www.dbappsecurity.com.cn / index.aspx, and the dynamic page name is index.aspx is classified into one category; the specific product page is: http: / / www.dbappsecurity.com .cn / pro_main.aspx? id=XXXXXXXXX...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a CC attack detection method, device and electronic equipment, and relates to the technical field of network anomaly detection, wherein the CC attack detection method includes: setting the number of times window size and the single sliding distance of the number of times window; The window setting calculates the information entropy value of the number of times window at each sliding position in turn; if the information entropy value of any sliding position is less than the preset information entropy threshold, it is determined that a CC attack occurs at the sliding position of the number of times window. Through the number window model and information entropy algorithm, this method can discover network abnormalities faster and has stronger real-time detection capabilities; and this method uses the dimension of the number of request visits to define the sliding window, which can effectively avoid requests due to unit time. The difference in entropy value caused by different times makes the detection result more accurate.

Description

technical field [0001] The invention relates to the field of CC attack detection, in particular to a CC attack detection method, device, system and electronic equipment. Background technique [0002] CC (Challenge Collapsar) attack is an attack method against application layer WEB services. The purpose of CC attacks is to exhaust server resources and cause denial of service. [0003] The principle of CC attack is not complicated, it uses the weakness of the application layer to attack. Data queries with poor performance, poor program execution structure, and functions that consume resources in the website may all become the targets of CC attacks. For example, the search function of the forum needs to consume a lot of database query time and system resources. The attacker calls the search function frequently, so that the accumulation of query requests cannot be completed immediately, and resources cannot be released, resulting in too many database connection requests, data...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/26H04L1/18H04L29/08
CPCH04L1/187H04L43/16H04L63/1416H04L63/1425H04L63/1458H04L67/02
Inventor 张宁波范渊龙文洁莫金友
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com