49 results about "Ddos defense" patented technology

The invention discloses a DDOS attack defense system and a method for a streaming media server application layer, the attack defense system is used for defending against DoS and DDoS attacks of a streaming media server system; the streaming media server system comprises a server host and at least one client; and the defense system is connected with the server host and the client. The attack defense system comprises at least one streaming media service proxy module and a control central module. The streaming media service proxy module is responsible for forwarding of streaming media control information and data information, collection of a variety of statistical information and final implementation of a defense decision; and the control central module is used for overall monitoring of the current state of the whole streaming media server system and emitting a command to a proxy for carrying out defense. The prospective study is based on various DDOS attacks of the streaming media RTSP, and a set of streaming media DDOS defense system based on a PROXY GROUP is designed, thereby effectively ensuring the safety of streaming media service on Internet without authorization.

The invention provides a method for achieving DDoS defense based on the technology of dynamic tunnels, and the method comprises the steps: an access terminal transmits a tunnel candidate request message to a service controller; the service controller feeds back a plurality of candidate tunnel gateways, which are arranged according to a preset priority rule, to the access terminal according to the property of the access terminal after the service controller receives the tunnel candidate request message; the access terminal selects one tunnel gateway from the plurality of received candidate tunnel gateways according to the sequence of the plurality of candidate tunnel gateways, and is connected with an access object through the tunnel gateway. The invention also provides a system for achieving DDoS defense based on the technology of dynamic tunnels, and the system comprises the access terminal, the service controller, a source controller, and a plurality of tunnel gateways. The method and system achieves the security defense against attack, can reduce the link redundancy, and guarantee the reliability of core business.

The invention discloses an extensible DDoS (Distributed Denial of Service) defense method and system, the method is applied to the DDoS defense system, the DDoS defense system comprises an access switch, a core switch and a cleaning server which are controlled by routing, and the method comprises the following steps: deploying SRv6 for the access switch and the core switch; and setting a compressed routing network segment of the SRv6, and configuring sid numbers and SRv6 table entries for a plurality of ports of the access switch and the core switch. According to another aspect of the invention, the invention also discloses the extensible DDoS defense method and system, which can compile sid numbers for corresponding interfaces through the SRv6 technology used by the core switch and the access switch so as to realize centralized control of all routes and reduce repeated workload when other defense devices are newly added.

The invention relates to a method for defending against DDos in an address disjunction mapping network, which belongs to the technical field of networks. In the method, a data packet access mechanism and a flow control mechanism for giving a token are included. The method provides the data packet access mechanism to defend against DDos attacks on an access router, launched by malicious nodes, thereby ensuring the safety of the network; and on such a basis, by designing the flow control mechanism based on the token in the address disjunction mapping network the purpose that a data source end can transmit data to a receiving end for fundamentally preventing the probability of the DDoS attacks only after obtaining the permission of the receiving end can be effectively ensured. According to a border router and the access router deployed in the method, the distributed denial of service (DDoS) attack can be effectively defended even though the network is in an environment of an asymmetric roundtrip path.

The invention discloses a Handle identification system-oriented DDoS defense method. The method comprises the following steps of: analyzing Handle analysis logs, mining characteristics of a query end through a method in a data mining technology, calculating deviation according to clustering and statistical results, taking the deviation as an index for detecting DDoS attacks, and carrying out multilayer speed-limiting processing on abnormal Handle query requests. The detection module and the processing module are respectively deployed on a sub-node server at a Handle client and a local Handle Service (LHS) access point, the detection of the distributed denial of service attack is realized on a Handle identification analysis system, and the security of the industrial internet identification analysis system is improved.

The invention discloses large-scale DDoS (Distributed Denial of Service) attack defense system and method based on a two-level linkage mechanism. The method comprises the following steps of: monitoring the flow of a total network by a flow monitoring subsystem in real time, and searching and confirming a DDoS attack behavior; sending an alarm message for triggering a cleaning operation to a flow cleaning subsystem, and guiding the abnormal flow of the DDoS attach behavior to the flow cleaning subsystem; receiving the abnormal flow guided by the flow monitoring subsystem by the flow cleaning subsystem, cleaning the abnormal flow according to the cleaning operation triggered by the alarm message, (wherein the flow cleaning subsystem adopts the two-level architecture of a backbone network plus a local network defense system, and the two levels of cleaning system work cooperatively and clean synchronously), and injecting the cleaned cleaning flow back to a target customer network. The large-scale DDoS attack defense system and method based on the two-level linkage mechanism solve the problems of cleaning capacity, cleaning precision, and the like existing in the traditional DDoS defense technology; and on the basis of reducing the deployment cost of service scale, the large-scale DDoS attach defense capability of the total network is greatly improved, and the cleaning precision ofthe attack flow is increased.

The invention relates to an anti-DDoS method and system based on user level shunting, and the method comprises the steps: obtaining the user level information of a player, and obtaining a domain name corresponding to the user level information in a domain name list; connecting a first gateway node according to a pointing IP of the domain name, and detecting the first gateway node regularly through a gateway detection server; under the condition that a heartbeat timeout signal of the first gateway node is received, selecting a second gateway node from the available gateway node pool to replace the first gateway node, and calling the DNS service to point the pointing IP of the domain name to the second gateway node. Through the application of the method and the device, the problem that the defense capability of related DDoS defense methods is lower due to the fact that available gateway nodes are exposed to the outside in related technologies is solved, and the attack duration and the attack difficulty of attackers are increased, so the defense capability of a DDoS defense system is improved.

The embodiment of the invention relates to the technical field of network security, and discloses a DDoS attack defense method, system, node and storage medium. The embodiment of the present invention first obtains the first data packet whose destination IP field is the first destination IP; obtains the packet loss action probability corresponding to the first destination IP; determines the data packet processing operation corresponding to the first data packet through the packet loss action probability ; sending the data packet processing operation to the forwarding node connected to the control node, so that the forwarding node uses the data packet processing operation to process the first data packet to defend against DDoS attacks. Obviously, the embodiment of the present invention realizes the traffic restriction behavior based on the destination IP by limiting the number of data packets sent to a specific destination IP, and can perform dynamic real-time traffic restriction on suspicious traffic, thereby improving the DDoS defense behavior The accuracy solves the technical problem that the SDN control entity is difficult to deal with DDoS attacks.

The invention discloses a self-adaptively started ddos defense method based on a trust value in an SDN. The self-adaptively started ddos defense method comprises the following steps: a switch receives an unmatched packet, and sends a packet_in data packet to a controller; a counter is deployed in an SDN controller; the counter pre-sets a packet_in number value; when an arrival packet_in number is equal to a set value every time, the packet_in arrival rate in the time period is calculated; then, whether the packet_in arrival rate is abnormal or not is judged; the flow on the switch corresponding to packet_in is precisely detected by utilization of a reverse neural network classifier; a neural network, an intermediate layer of which is 50*50, is established; six characteristic values are calculated; training is carried out by taking the six characteristic values as input of the classifier; and, if the output value of the neural network is between 0.5 and 1, the fact that the flow is a ddos attack is determined. By means of the self-adaptively started ddos defense method and system based on the trust value in the SDN disclosed by the invention, the characteristics of the SDN, such as flow table information of a data layer and control of the controller in a control layer to the whole network, are sufficiently utilized; and thus, the ddos attack in the SDN can be effectively defensed.