Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

An anti-large-scale ddos ​​attack defense system and defense method based on the continuous linkage mode of cloud + terminal equipment

A defense system and terminal equipment technology, applied in transmission systems, electrical components, etc., can solve problems such as brand influence, business semi-paralysis, and inability to carry out normal services for online businesses, achieving comprehensive defense against DDoS attacks and good cleaning effects.

Active Publication Date: 2020-11-27
ANHUI ZHONGXIN SOFTWARE
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] 1. Single local defense: Due to the limitation of user access bandwidth and defense cost, when attacked by hundreds of megabytes, the network bandwidth of most users can be unbearable, and hackers can easily launch attacks to fill up user exits in a short time Bandwidth, resulting in network exit or local network congestion, online business can not carry out normal services;
[0005] 2. Defense against a single cloud service provider: cloud cleaning service solves the problem of heavy traffic DDoS attack users, but cloud cleaning service is essentially due to the fact that service providers providing cleaning services use a set of defense equipment to provide common DDoS defense services for all users , it is impossible to tailor strategies and defense mechanisms for each user's business type, characteristics, attack type, etc., and there will still be situations where the service is often unavailable or the business is half-paralyzed, eventually resulting in either a large number of false seals or fundamental indefensible effect;
[0006] 3. Single IDC defense: The IDC computer room provides infrastructure for users, and solves some large-traffic DDoS attacks on the egress border. In the case of traffic, IPs are usually blocked in conjunction with the operation end. At the same time, IDCs use a set of defense equipment to provide common DDoS defense services for all users. The joint impact of policies between users may lead to a large number of blocking. Cause the user's business to be abnormal
[0007] Almost all financial companies, online games, Internet / Internet+, government online business platforms, etc., even the websites of schools and public welfare organizations are not immune to the threat of DDOS attacks, followed by complaints, legal disputes, business A series of problems, such as losses, have greatly affected the normal business activities of the company, and the inability to carry out business has brought a huge impact on the brand, not to mention, and even caused the company to close down.
Due to the obvious shortcomings of traditional solutions, it is difficult to provide users with a perfect anti-D solution. Therefore, solving the problem of DDoS attacks has become a top priority for online business service providers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An anti-large-scale ddos ​​attack defense system and defense method based on the continuous linkage mode of cloud + terminal equipment
  • An anti-large-scale ddos ​​attack defense system and defense method based on the continuous linkage mode of cloud + terminal equipment
  • An anti-large-scale ddos ​​attack defense system and defense method based on the continuous linkage mode of cloud + terminal equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042]In order to make the technical means, creative features, goals and effects achieved by the present invention easy to understand, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the The described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0043] Such as figure 1 An anti-large-scale DDoS attack defense system based on the continuous linkage mode of cloud + terminal equipment is shown, including the cloud platform defense system and the local terminal defense system;

[0044] The cloud platform defense system includes a cloud dispatching center, a cloud cleaning node, and ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of network cloud safety protection and specifically relates to an anti-large-scale DDoS attack defense system based on cloud + end device continuous linkage mode, which comprises a cloud platform defense system and a local end defense system. The cloud platform defense system comprises a cloud scheduling center, a cloud cleaning node, a DNS near-sourceresolution server. Compared with the single local hardware end device defense, the system in the invention can use the advantages of large-capacity cleaning capability of the cloud distributed cleaning nodes and break through the anti-D defense bottle neck of local bandwidth limit; compared with the single continuous access cloud defense, cloud node distributed cleaning and secondary fine filtering of the local end defense system can be used to achieve more comprehensive DDoS attack defense and better cleaning effect; compared with the single continuous access cloud defense, the system and themethod in the invention convert the data between the cloud cleaning node device and the local end defense system based on four-layer protocol port processing and based on a seven-layer protocol proxyprocessing mode, which is more rapid.

Description

technical field [0001] The invention relates to the technical field of network cloud security protection, in particular to a large-scale DDoS attack defense system and defense method based on a continuous linkage mode of cloud + terminal equipment. Background technique [0002] With the continuous expansion of Internet bandwidth, the rapid development of the Internet of Things and the rapid popularization of IOT (Internet of Things) devices, the Internet of Everything era brings convenience to everyone and creates extremely favorable conditions for DDoS attacks. Recently, incidents of reflective DDOS attacks using Memcached servers have shown a sharp increase. According to the latest findings from CNCERT, as of Q1 2018, the recorded real attack traffic has reached 1.98Tb. Frequent DDoS attacks of several gigabytes can cause most government The network bandwidth of enterprise users is congested and services are paralyzed. At the same time, various DDoS attack tools are flood...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/0218H04L63/0236H04L63/1408H04L63/1458H04L67/025H04L67/1004H04L67/1097
Inventor 朱静轩祝鹏孟彦
Owner ANHUI ZHONGXIN SOFTWARE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products