Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method of guarding network attack

A network attack and network equipment technology, applied in data exchange networks, digital transmission systems, electrical components, etc., can solve the problems of resource occupation, source address spoofing attacks, crashes, etc., to achieve a low-occupancy, simple and efficient solution Effect

Inactive Publication Date: 2004-06-02
HUAWEI TECH CO LTD
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In the current network access, there are a large number of source address spoofing attacks
The attacker sends a request to the server by forging the source address of other users on the network, occupying a lot of server resources. If the server responds to the request, it will send a response message to the actual user of the source address, and the response message occupies a large amount of the server. The resources of the actual user of the source address. In severe cases, the server and the actual user of the source address will not be able to respond to other requests, or even crash
[0004] In view of the problems existing in the above-mentioned prior art, if the first network access control method is adopted, the access control rules cannot be detected because the access control rules are not dynamic, and the configuration of the rules can only target known illegal and legal packets. Unknown packets forged as legal source addresses
If the second network access control method based on traffic statistics is adopted, although it has the characteristics of dynamic statistics and can adapt to changes in attacks, the statistical method is complicated to implement, takes up more router resources, and still cannot fundamentally solve the forged source address The problem with conducting cyberattacks
Therefore, at present, there is no direct and effective solution to the network attack behavior of forging the source address

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method of guarding network attack
  • Method of guarding network attack
  • Method of guarding network attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] Normally, after a network device router receives a message, it will look up the routing and forwarding table according to the destination address of the message. If it finds the outgoing interface of the router corresponding to the destination address, it will forward the message through the corresponding interface. If the destination address is the router itself, the message is handed over to the upper layer to continue processing. The routing and forwarding table in the router includes information about the correspondence between network addresses and interfaces. The routing and forwarding table can be generated for user configuration or automatically learned by the router. . In combination with the above-mentioned state of the art, the specific implementation of the method for preventing network attacks according to the present invention is as follows, see figure 1 :

[0024] Step 1: The router receives an IP message, and the message carries the message's source address...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This invention relates to a method for preventing network from attack includes firstly, setting network address and interface information correspondent relationship list in network equipment, namely, network addresses of other network equipment connected with the said network equipment interface and applied interface information correspondent relation list of other network equipment connected on the said network; the route transferred list can be used in a router then the network equipment looks for the said correspondent relationship list according to the original address of the received message and makes judgment in terms of the result it is fake to determine the addressability of the message.

Description

Technical field [0001] The invention relates to a network access control technology, in particular to a method for preventing network attacks. Background technique [0002] At present, there are two ways to implement network access control: a network access control method is to define a series of access control rules, the access control rules include control rules based on network addresses, etc. The rules specify which packets can pass , Which packets cannot pass, so that when the packets enter the router, they will match these rules, the packets that do not meet the rules are discarded, and the packets that meet the rules can continue to be transmitted; the other is based on An access control method for traffic statistics. This method can count traffic according to certain characteristics of packets. If the traffic of packets with corresponding characteristics exceeds a specified value, the router can restrict the traffic of this type of packet or refuse to receive this type of...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/00H04L12/24
Inventor 胡宇驰周雯
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com