Method and device for realizing DDOS user matching based on Trie tree

A user and user information technology, applied in the field of network security, to achieve high query efficiency, improve overall response time, and reduce unnecessary comparisons

Pending Publication Date: 2022-05-10
CHINA UNITECHS
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0016] In order to solve the above-mentioned problems in manual network fault location, the present invention provides a method and device for realizing DDOS user matching based on Trie tree. Based on Trie tree technology, user IP matching is performed on messages with a large amount of data to realize high-performance user data matching. Matching to improve data processing performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for realizing DDOS user matching based on Trie tree
  • Method and device for realizing DDOS user matching based on Trie tree
  • Method and device for realizing DDOS user matching based on Trie tree

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0061] The relevant configurations to realize the DDOS user matching of the Trie tree are as follows:

[0062] Target user A: the CIDR network segment information 172.16.1.0 / 24;

[0063] Target user B: the CIDR network segment information 172.16.2.0 / 24;

[0064] Target user C: the CIDR network segment information 172.16.0.0 / 16.

[0065] S01. Send the above configuration target user and the CIDR network segment information to the downstream detection system through the web management system, and the downstream system stores the information in the system after receiving the request information;

[0066] S02. After the detection system receives the user and CIDR network segment information, it generates a Trie tree structure for the information and places it in the memory. The generated Trie tree class is as follows figure 2 shown;

[0067] S03. The router sends the netflow message to the detection system. After receiving the netflow message, the system parses the netflow mes...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a device for realizing DDOS (Distributed Denial of Service) user matching based on a Trie tree, and the method comprises the following steps: a management system manually inputs user information and IP (Internet Protocol) address information corresponding to a user through a web interface; the management system synchronously issues the information to downstream detection equipment, after the detection system receives the information, an IP address is converted into binary data, an IP node is generated through a Trie tree algorithm, and meanwhile a binary Trie tree corresponding to id information is generated; the router sends the Netflow message to the DDOS detection system, decodes the data message and obtains destination IP address information; the DDOS detection system carries out matching according to the generated Trie tree, and after an address is matched, user information of a CIDR network segment to which the current message IP belongs is obtained; and the detection system sends the user information obtained through the Trie data algorithm to the downstream in a matching manner, and discards unmatched message data. According to the method and the device, user IP matching is carried out on a message with a large data volume based on a Trie tree technology, high-performance user data matching is realized, and the data processing performance is improved.

Description

technical field [0001] The invention relates to the field of network security, in particular to a method and device for realizing DDOS user matching based on a Trie tree. Background technique [0002] At present, the matching of ddos ​​attack target users is based on the matching of the destination IP. If the user contains many IPs, it is based on the form of CIDR. At this stage, the matching is based on the splitting of the IP and storing it with the data in the database. In comparison, the matching efficiency gradually decreases with the increase of data, and the service performance is severely degraded. [0003] In the existing ddos ​​attack detection, it is necessary to prefabricate the user’s IP in CIDR format and synchronize it to the detection system. Most of the user’s IP is based on the mask form. After receiving the user’s IP, the detection system will analyze the user’s IP segment , store the split IP in the database, analyze the destination IP after the system r...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/40G06F16/2453G06F16/22
CPCH04L63/1458G06F16/2246G06F16/2453Y02D30/50
Inventor 王磊
Owner CHINA UNITECHS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap