Detection and mitigation of DDoS attacks performed through QUIC communication protocol

A speed and flow technology, applied in the field of denial of service and distributed denial of service attacks, can solve problems such as complexity, less development of QUIC connection technology, high risk of computer and server network attacks, etc.

Pending Publication Date: 2022-07-29
拉德沃有限公司
View PDF1 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, security solutions through QUIC, especially attack detection and mitigation, are more complex and more challenging to implement than solutions based on TCP traffic
[0009] Additionally, due to the relative evolution of the protocol, techniques for identifying, characterizing, and mitigating attacks on QUIC connections are less developed and not optimized
Therefore, computers and servers communicating via QUIC are at a higher risk of cyberattack

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Detection and mitigation of DDoS attacks performed through QUIC communication protocol
  • Detection and mitigation of DDoS attacks performed through QUIC communication protocol
  • Detection and mitigation of DDoS attacks performed through QUIC communication protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] It is very important to note that the embodiments disclosed herein are only examples of the many advantageous uses of the innovative teachings herein. In general, statements made in the specification of this application do not necessarily limit any of the various claimed embodiments. Furthermore, some statements may apply to some inventive features but not to others. In general, unless otherwise indicated, elements in the singular may be in the plural, and vice versa, without loss of generality. In the drawings, the same reference numbers refer to the same parts throughout the several views.

[0021] figure 1 An example network diagram 100 is shown for describing various embodiments of detecting and mitigating DDoS network attacks performed over the QUIC communication protocol (hereinafter referred to as QUIC DDoS attacks).

[0022] exist figure 1 In this example, network 110 implements a connection between QUIC-enabled server 120 and protected entities 130 and 135....

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A method and system for preventing denial of service (DDoS) attacks based on fast UDP Internet Connection (QUIC). The system includes a traffic feature extracted from at least traffic directed to a protected entity, where the traffic feature represents a behavior of QUIC User Datagram Protocol (UDP) traffic directed to the protected entity, where the extracted traffic feature includes at least one rate-based feature and at least one rate-invariant feature, and wherein the at least traffic comprises a QUIC packet; calculating at least one baseline for each of the at least one rate-based feature and the at least one rate-invariant feature; and analyzing real-time samples of traffic directed to the protected entity to detect a deviation from each of the at least one calculated baseline, wherein the deviation is indicative of a detected QUIC DDoS attack; and performing at least one mitigation action when an indication of the detected QUIC DDoS attack is determined.

Description

[0001] CROSS-REFERENCE TO RELATED APPLICATIONS [0002] This application claims the benefit of currently pending US Patent Application No. 16 / 731,441, filed on December 31, 2019, which claims the benefit of US Provisional Application No. 62 / 906,432, filed September 26, 2019, The contents of both applications are incorporated herein by reference. technical field [0003] The present disclosure relates generally to network security, and in particular to detecting and mitigating Denial of Service (DoS) and Distributed Denial of Service (DoS) performed over the Quick UDP Internet Connection (QUIC) communication transport layer protocol of Service, DDoS) attacks. Background technique [0004] The Fast UDP Internet Connection (QUIC) protocol is an improved UDP-based Internet transport protocol. The QUIC protocol acts similarly to the Transmission Control Protocol (TCP) as a transport layer for connecting computers over the Internet. QUIC has several advantages over TCP, primari...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55
CPCH04L43/0894H04L63/1458H04L63/1408H04L63/166H04L63/1416H04L63/1425H04L43/16H04L43/062H04L43/067H04L43/0876H04L63/20
Inventor E·多伦D·阿维夫E·伦德施泰因L·梅德多夫斯基
Owner 拉德沃有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap