CN101312465A - Abnormal packet access point discovering method and device - Google Patents
Abnormal packet access point discovering method and device Download PDFInfo
- Publication number
- CN101312465A CN101312465A CNA2007101072651A CN200710107265A CN101312465A CN 101312465 A CN101312465 A CN 101312465A CN A2007101072651 A CNA2007101072651 A CN A2007101072651A CN 200710107265 A CN200710107265 A CN 200710107265A CN 101312465 A CN101312465 A CN 101312465A
- Authority
- CN
- China
- Prior art keywords
- network equipment
- mac address
- access point
- exception message
- physical connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for searching abnormal message access points, which can search the access point of an abnormal message in a network. The method comprises: calculating the physical connection relation between the network devices; according to the physical connection relation, checking if the port of a network device learning the abnormal message MAC address has a connected network device; when the port of the network device has a connected network device, adopting the network device as the network device learning abnormal message MAC address for following check; adopting the network device whose port is not connected with network devices as an abnormal message access point. The invention adopts the physical connection relation between the network devices and the MAC address of the abnormal message to make users easily search the access point of the abnormal message in a network, thereby discovering attack immediately.
Description
Technical field
The present invention relates to network communications technology field, particularly relate to a kind of discover method and device of abnormal packet access point.
Background technology
Current along with the popularizing of computer network, increasing people is enjoying the facility that network brings.But the network security problem that causes owing to network opening also more and more becomes the focus of concern simultaneously.Wooden horse, virus, worm or long-range attack etc. are light then to bring inconvenience in the use to the user, heavy then cause losing or the loss of property of data.At these network security problems, prior art has proposed technology such as enciphering and deciphering algorithm, intrusion detection, firewall technology.For a network manager, he need find the abnormal conditions in the network timely, the early detection that attack to occur it, after attack causes damage, in time remedy.Therefore when exception message occurring, the function of orienting the access point of message in network just seems particularly important, has only oriented the access point of exception message, further the subsequent act of blocking-up exception message.As shown in Figure 1, be the networking diagram of prior art network management system, in network, occur in the exception message that the network manager wishes the port that can the very fast equipment that navigates to 5 be connected with the assailant, and then blocking-up is attacked.Yet being used for stoping before attack enters network, attacks firewall technology; Intrusion detection is used for finding invasion after invasion enters network; Encryption and decryption technology is used to protect the confidentiality that guarantees data; These technology all do not provide the function of the access point of location exception message.
The available technology adopting network equipment sends the mode of alarm to Network Management Station, the network manager can know very soon that according to alarm which equipment has occurred unusually, and the network manager checks the state of equipment again or judges which the port access of message from which platform equipment according to warning information.
The shortcoming of prior art is to determine directly exception message at which platform equipment inserts, and needs the user to judge according to networking diagram and warning information, and early stage what attack, when equipment does not find that message is unusual, can't detect unusual.And to the bad control of the supervision of exception message, be easy to normal message has been treated as exception message, sent a large amount of useless alarms, perhaps do not monitor exception message and ignored the alarm of real exception message.
Summary of the invention
The problem to be solved in the present invention provides a kind of discover method and device of abnormal packet access point, when exception message occurring, the function of searching the access point of exception message in network is provided for the network manager, navigate to the access point of message in network, thereby make the network manager can carry out next step action, as the port of blocking-up exception message access.
For achieving the above object, the technical scheme of the embodiment of the invention proposes a kind of discover method of abnormal packet access point, is used for searching the access point of exception message at network, may further comprise the steps the physical connection relation between the computing network equipment; According to described physical connection relation, check whether the current a certain port of learning the network equipment of described exception message MAC Address exists the continuous network equipment; If there is the network equipment that links to each other in the port of the described network equipment, then the network equipment with this port opposite end arrives the network equipment of exception message MAC Address as study current to be checked, and returns previous step; Do not have the continuous network equipment up to the port that finds a certain network equipment, then this network equipment is exactly an abnormal packet access point.
Wherein, the relation of the physical connection between the described computing network equipment specifically comprises: utilize the IP source address of forging a certain network equipment to the mode that other network equipments send the PING message described network equipment MAC Address fully to be learnt mutually; Physical connection relation after the described network equipment is fully learnt mutually between the computing network equipment, the other side's the MAC Address if the interface of the described network equipment has been learnt from each other, and there is not common factor in the described MAC Address of learning, then judges between the interface of the described network equipment to have the physics annexation.
Wherein, described check whether the current a certain port of learning the network equipment of described exception message MAC Address exists the continuous network equipment before, further comprising the steps of: is the exception message MAC Address according to the ARP information on the described network equipment with exception message IP address transition.
Wherein, the described network equipment of learning the exception message MAC Address specifically comprises, shows the described network equipment of learning the exception message MAC Address that finds according to the qBridge in the management information bank mib information.
Wherein, describedly judge that whether the network equipment is learnt described exception message MAC Address and specifically comprised, judges according to the device history information of the storage in the local data base whether the network equipment learns described exception message MAC Address.
The technical scheme of the embodiment of the invention also proposes a kind of discovery device of abnormal packet access point, be used for searching the access point of exception message at network, comprise that physical connection concerns that computing module and access point search module, described physical connection concerns that computing module is used for the physical connection relation between the computing network equipment; Described access point is searched module and is used for concerning the physical connection relation that computing module calculates according to described physical connection, check whether the current a certain port of learning the network equipment of described exception message MAC Address exists the continuous network equipment, if there is the network equipment that links to each other in the port of the described network equipment, then the network equipment of this port opposite end is arrived the network equipment of exception message MAC Address as study current to be checked, do not have the continuous network equipment up to the port that finds a certain network equipment, then this network equipment is exactly an abnormal packet access point.
Wherein, described physical connection concerns that computing module comprises that abundant study submodule and physical connection concern calculating sub module, described abundant study submodule is used to utilize the IP source address of forging a certain network equipment to the mode that other network equipments send the PING message described network equipment MAC Address fully to be learnt mutually; Described physical connection concerns calculating sub module, be used for the relation of the physical connection between the computing network equipment after described abundant study submodule is fully learnt, the other side's the MAC Address if the interface of the described network equipment has been learnt from each other, and there is not common factor in the described MAC Address of learning, then has annexation between the interface of the described network equipment.
Wherein, also comprise the IP address conversion module, being used for according to the ARP information on the described network equipment is the exception message MAC Address with exception message IP address transition.
Wherein, described access point is searched module and is comprised that study judges that submodule and corresponding device search submodule, and submodule is judged in described study, is used to judge whether the network equipment learns described exception message MAC Address; Described corresponding device is searched submodule, be used for after described study judges that submodule finds out the network equipment of learning described MAC Address, whether the port of judging the described network equipment exists the continuous network equipment, if there is the network equipment that links to each other, then the network equipment of this port opposite end is arrived the network equipment of exception message MAC Address as study current to be checked, do not have the continuous network equipment up to the port that finds a certain network equipment, then this network equipment is exactly an abnormal packet access point.
The technical scheme of the embodiment of the invention also proposes a kind of computer program, comprises that some instructions are in order to carry out the discover method of above-mentioned abnormal packet access point.
The technical scheme of the embodiment of the invention also proposes a kind of storage medium, the above-mentioned computer program of storage claim.
The technical scheme of the embodiment of the invention also proposes a kind of computer equipment, comprises in order to the software of the discover method of carrying out above-mentioned abnormal packet access point and the hardware that cooperates with software.
The embodiment of the invention makes the user can very directly utilize this scheme to find the access point of exception message in network by the MAC Address of relation of the physical connection between the network equipment and exception message, thereby the attack of blocking-up message, in time find to attack at the attack initial stage, after attack causes damage, in time carry out remedial measure.
Description of drawings
Fig. 1 is the networking diagram of prior art network management system;
Fig. 2 is the structure chart of the discovery device of embodiment of the invention abnormal packet access point;
Fig. 3 is the flow chart of the discover method of embodiment of the invention abnormal packet access point.
Embodiment
Below in conjunction with drawings and Examples, the specific embodiment of the present invention is described in further detail:
As shown in Figure 2, be the structure chart of the discovery device of embodiment of the invention abnormal packet access point.
The discovery device 1 of this abnormal packet access point is used for searching the access point of exception message at network, promptly in network, search the source of this exception message, comprise that physical connection concerns that computing module 11 and access point search module 12, physical connection concerns that computing module 11 is used for the physical connection relation between the computing network equipment; Access point is searched module 12 and is used for concerning the physical connection relation that computing module 11 calculates according to physical connection, check current a certain described exception message MAC (the Media Access Control that learns, medium access control) whether the port of the network equipment of address exists the continuous network equipment, if there is the network equipment that links to each other in the port of this network equipment, illustrate that then this network equipment is not the outermost network equipment, therefore the network equipment of this port opposite end is arrived the network equipment of exception message MAC Address as study current to be checked, do not have the continuous network equipment up to the port that finds a certain network equipment, then this network equipment is exactly an abnormal packet access point.
Wherein, physical connection concerns that computing module 11 comprises that abundant study submodule 111 and physical connection concern calculating sub module 112, fully study submodule 111 is used to utilize the IP source address of forging a certain network equipment to the mode that other network equipments send the PING message network equipment MAC Address fully to be learnt mutually; Such as want to allow physically direct-connected A, two equipment of B are learnt the other side's MAC Address mutually, only need remove PING B equipment in the IP address of webmaster side forgery A equipment, and B equipment will be replied to A equipment, thereby A equipment is just learnt the MAC Address of B equipment, and vice versa; Physical connection concerns calculating sub module 112, be used for the physical connection relation between the computing network equipment after fully study submodule 111 is fully learnt, the other side's the MAC Address if the interface of the described network equipment has been learnt from each other, and there is not common factor in the described MAC Address of learning, then has annexation between the interface of the described network equipment.Wherein concern according to the physical connection between the principle computing network equipment of Bell Laboratory, this rule is specially: the other side's the MAC Address if the interface of the network equipment has been learnt from each other, and there is not common factor in the described MAC Address of learning, then there is annexation between the interface of the network equipment, the port 2 of the port one of network equipment A and network equipment B for example, all learn the other side's MAC Address, and there is not common factor in the MAC Address of learning, and there is annexation in the port 2 of the port one of network equipment A and network equipment B so.
Wherein, also comprise IP address conversion module 13, be used for (AddressResolution Protocol according to the ARP on the network equipment, address resolution protocol) information is the exception message MAC Address with exception message IP address transition, if network manager's input is the IP address of exception message or the IP address that the network manager can only obtain exception message, should be the Network Access Point of searching this exception message after the MAC Address with the IP address transition then.Wherein, ARP a kind ofly becomes the agreement of physical address with the IP address spaces, and secondary IP address is to the dual mode that is mapped with of physical address: forms mode and non-forms mode.ARP is exactly to be the datalink layer connection MAC Address of (the MAC layer just is equivalent to the second layer of OSI) with network layer (the IP layer just is equivalent to the 3rd layer of OSI) IP address resolution particularly.
Wherein, access point is searched module 12 and is comprised that study judges that submodule 121 and corresponding device search submodule 122, and study judges that submodule 121 is used to judge whether the network equipment learns described exception message MAC Address; Corresponding device is searched submodule 122 and is used for after study judges that submodule finds out the network equipment of learning the exception message MAC Address, whether the port of judging the network equipment that this learns the exception message MAC Address exists the continuous network equipment, if there is the network equipment that links to each other, then the network equipment of this port opposite end is arrived the network equipment of exception message MAC Address as study current to be checked, do not have the continuous network equipment up to the port that finds a certain network equipment, then this network equipment is exactly an abnormal packet access point.
As shown in Figure 3, be the flow chart of the discover method of embodiment of the invention abnormal packet access point, more when the network equipment, form when complicated, when Network Management Station was received exception message, the all-network equipment of this exception message process can both be learnt the MAC Address of this exception message.This embodiment may further comprise the steps:
Step S301, Network Management Station makes all-network equipment fully learn the other side's MAC Address mutually, fully could carry out the calculating of the physical connection relation between the network equipment according to the Bell Laboratory principle under the situation of study the other side's MAC Address mutually at all-network equipment.The embodiment of the invention has proposed a kind of mutually fully method of study MAC Address of the network equipment that makes, and the PING message that sends cook source address by Network Management Station makes between the network equipment can learn the other side's MAC Address fully.Send the PING message of fake equipment A IP source address to equipment B as Network Management Station, equipment B is received after the PING message of forgery, can send it back to device A and answer the PING message, device A has been received the message from equipment B like this, has learnt the MAC Address of equipment B.
Step S302, after the network equipment was fully learnt MAC Address mutually, Network Management Station was carried out the calculating of the physical connection relation between the network equipment according to the Bell Laboratory principle, obtains two etale topology result of calculations.The other side's the MAC Address if the interface that this Bell Laboratory principle is specially the network equipment has been learnt from each other, and there is not common factor in the described MAC Address of learning, then has annexation between the interface of the network equipment.
Step S303 searches the network equipment of the MAC Address of learning this exception message according to the MAC Address of the exception message of network manager input.
Judge according to the mib information of equipment whether the network equipment learns the MAC Address of exception message, and the all-network equipment of this exception message process can both be learnt the MAC Address of this exception message.Networking diagram for example shown in Figure 1, equipment 5 are attacked the back and are sent exception message by equipment 2 and equipment 1 to Network Management Station, and then equipment 2 and equipment 1 can both be learnt the MAC Address of this exception message.
The invention process has proposed also a kind ofly to show to judge by the qBridge in the mib information of access means whether the network equipment learns the method for exception message MAC Address that this method can just often be used at network.QBridge table record in the mib information MAC Address of port study, can judgment device whether learn the MAC Address of appointment by reading the qBridge table.But often in network, exist in the exception message in practice, this network is owing under attackly be absorbed in disabled state, therefore the embodiment of the invention also proposes a kind of method of searching abnormal packet access point when network is unavailable by the device history information of the storage in the local data base, is specially according to the device history information of the storage in the local data base and judges whether the network equipment learns the MAC Address of exception message.
Step S304, according to the physical connection relation that calculates, whether the study that determining step S303 finds has two etale topology links to the port of this exception message MAC Address network equipment, judges promptly whether this network equipment that finds is the outermost network equipment.Do not have two etale topology links if learn the port of the network equipment of exception message MAC Address, illustrate that then this network equipment is exactly the outermost network equipment, that is to say that this network equipment is exactly the access point of exception message.If learn the port of the network equipment of exception message MAC Address two etale topology links are arranged, that is to say that still there is the continuous network equipment this port opposite end, learning principle according to MAC Address, illustrate that then this network equipment is not the outermost network equipment, should continue outwards to seek the outermost network equipment along the physical connection relation of this network equipment, should return step S303 and S304 this moment and continue to check that the next one learns the network equipment of this exception message MAC Address, up to finding the nearest network equipment of the normal message of divorce, just outermost equipment, this equipment are exactly the access point of exception message.
Certainly can handle like this for step S303, find out the network equipment that all learn this exception message MAC Address earlier, then execution in step S304.In a word, total principle be exactly to check successively that according to the principle of step S304 all learn the network equipment of this exception message MAC Address, up to finding from abnormal packet access point just outermost equipment.Need to prove, above-mentioned abnormal packet access point refers to such an extent that be the network equipment that exception message arrives at first, this message may also may be that only first arrives this network equipment from other networks from the terminal that directly links to each other with this network equipment.
The embodiment of the invention makes the user can very directly utilize this scheme to find the access point of exception message in network by the MAC Address of relation of the physical connection between the network equipment and exception message, thereby the attack of blocking-up message, in time find to attack at the attack initial stage, after attack causes damage, in time carry out remedial measure.
Through the above description of the embodiments, those skilled in the art can be well understood to the present invention and can realize by the mode that software adds essential general hardware platform, can certainly pass through hardware, but the former is better execution mode under a lot of situation.Based on such understanding, the part that technical scheme of the present invention contributes to prior art in essence in other words can embody with the form of software product, this computer software product is stored in the storage medium, comprise that some instructions are with so that a computer equipment (can be a personal computer, server, the perhaps network equipment etc.) carry out the described method of each embodiment of the present invention.
The above only is a preferred implementation of the present invention; should be pointed out that for those skilled in the art, under the prerequisite that does not break away from the principle of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (12)
1, a kind of discover method of abnormal packet access point is used for searching the access point of exception message at network, it is characterized in that, may further comprise the steps:
Physical connection relation between the computing network equipment;
According to described physical connection relation, check whether the current a certain port of learning the network equipment of described exception message MAC Address exists the continuous network equipment;
If there is the network equipment that links to each other in the port of the described network equipment, then the network equipment with this port opposite end arrives the network equipment of exception message MAC Address as study current to be checked, and returns previous step;
Do not have the continuous network equipment up to the port that finds a certain network equipment, then this network equipment is exactly an abnormal packet access point.
2, the discover method of abnormal packet access point according to claim 1 is characterized in that, the physical connection relation between the described computing network equipment specifically comprises:
Utilize the IP source address of forging a certain network equipment described network equipment MAC Address fully to be learnt mutually to the mode that other network equipments send the PING message; Physical connection relation after the described network equipment is fully learnt mutually between the computing network equipment, the other side's the MAC Address if the interface of the described network equipment has been learnt from each other, and there is not common factor in the described MAC Address of learning, then judges between the interface of the described network equipment to have the physics annexation.
3, the discover method of abnormal packet access point according to claim 1 is characterized in that, described check whether the current a certain port of learning the network equipment of described exception message MAC Address exists the continuous network equipment before, further comprising the steps of:
Is the exception message MAC Address according to the ARP information on the described network equipment with exception message IP address transition.
4, the discover method of abnormal packet access point according to claim 1, it is characterized in that, the described network equipment of learning the exception message MAC Address specifically comprises, shows the described network equipment of learning the exception message MAC Address that finds according to the qBridge in the management information bank mib information.
5, the discover method of abnormal packet access point according to claim 1, it is characterized in that, the described network equipment of learning the exception message MAC Address specifically comprises, according to the device history information searching of the storage in the local data base to the described network equipment of learning the exception message MAC Address.
6, a kind of discovery device of abnormal packet access point is used for searching the access point of exception message at network, it is characterized in that, comprises that physical connection concerns that computing module and access point search module,
Described physical connection concerns that computing module is used for the physical connection relation between the computing network equipment;
Described access point is searched module and is used for concerning the physical connection relation that computing module calculates according to described physical connection, check whether the current a certain port of learning the network equipment of described exception message MAC Address exists the continuous network equipment, if there is the network equipment that links to each other in the port of the described network equipment, then the network equipment of this port opposite end is arrived the network equipment of exception message MAC Address as study current to be checked, do not have the continuous network equipment up to the port that finds a certain network equipment, then this network equipment is exactly an abnormal packet access point.
7, as the discovery device of abnormal packet access point as described in the claim 6, it is characterized in that described physical connection concerns that computing module comprises that abundant study submodule and physical connection concern calculating sub module,
Described abundant study submodule is used to utilize the IP source address of forging a certain network equipment to the mode that other network equipments send the PING message described network equipment MAC Address fully to be learnt mutually;
Described physical connection concerns calculating sub module, be used for the relation of the physical connection between the computing network equipment after described abundant study submodule is fully learnt, the other side's the MAC Address if the interface of the described network equipment has been learnt from each other, and there is not common factor in the described MAC Address of learning, then has annexation between the interface of the described network equipment.
8, as the discovery device of abnormal packet access point as described in the claim 6, it is characterized in that also comprise the IP address conversion module, being used for according to the ARP information on the described network equipment is the exception message MAC Address with exception message IP address transition.
As the discovery device of abnormal packet access point as described in the claim 6, it is characterized in that 9, described access point is searched module and comprised that study judges that submodule and corresponding device search submodule,
Submodule is judged in described study, is used to judge whether the network equipment learns described exception message MAC Address;
Described corresponding device is searched submodule, be used for after described study judges that submodule finds out the network equipment of learning described MAC Address, whether the port of judging the described network equipment exists the continuous network equipment, if there is the network equipment that links to each other, then the network equipment of this port opposite end is arrived the network equipment of exception message MAC Address as study current to be checked, do not have the continuous network equipment up to the port that finds a certain network equipment, then this network equipment is exactly an abnormal packet access point.
10, a kind of computer program is characterized in that, comprises that some instructions are in order to carry out the discover method of the described abnormal packet access point of aforementioned claim 1-5.
11, a kind of storage medium is characterized in that, the described computer program of storage claim 10.
12, a kind of computer equipment is characterized in that, comprises in order to the software of the discover method of carrying out the described abnormal packet access point of aforementioned claim 1-5 and the hardware that cooperates with software.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101072651A CN101312465B (en) | 2007-05-25 | 2007-05-25 | Abnormal packet access point discovering method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101072651A CN101312465B (en) | 2007-05-25 | 2007-05-25 | Abnormal packet access point discovering method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101312465A true CN101312465A (en) | 2008-11-26 |
| CN101312465B CN101312465B (en) | 2012-01-04 |
Family
ID=40100883
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101072651A Expired - Fee Related CN101312465B (en) | 2007-05-25 | 2007-05-25 | Abnormal packet access point discovering method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101312465B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105407112A (en) * | 2014-08-19 | 2016-03-16 | 中兴通讯股份有限公司 | Equipment capability learning method, device and system |
| CN107948125A (en) * | 2016-10-13 | 2018-04-20 | 腾讯科技(深圳)有限公司 | A kind of processing method and processing device of network attack |
| CN112904758A (en) * | 2021-01-14 | 2021-06-04 | 北京经纬恒润科技股份有限公司 | Data return link state monitoring method and system based on unmanned vehicle |
-
2007
- 2007-05-25 CN CN2007101072651A patent/CN101312465B/en not_active Expired - Fee Related
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105407112A (en) * | 2014-08-19 | 2016-03-16 | 中兴通讯股份有限公司 | Equipment capability learning method, device and system |
| CN105407112B (en) * | 2014-08-19 | 2020-06-05 | 中兴通讯股份有限公司 | Equipment capability learning method, device and system |
| CN107948125A (en) * | 2016-10-13 | 2018-04-20 | 腾讯科技(深圳)有限公司 | A kind of processing method and processing device of network attack |
| CN112904758A (en) * | 2021-01-14 | 2021-06-04 | 北京经纬恒润科技股份有限公司 | Data return link state monitoring method and system based on unmanned vehicle |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101312465B (en) | 2012-01-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Schiller et al. | Landscape of IoT security | |
| US10681079B2 (en) | Method for mitigation of cyber attacks on industrial control systems | |
| Dao et al. | Securing heterogeneous IoT with intelligent DDoS attack behavior learning | |
| CN104967609B (en) | Intranet exploitation server access method, apparatus and system | |
| CN114145004B (en) | System and method for using DNS messages to selectively collect computer forensic data | |
| US20070101422A1 (en) | Automated network blocking method and system | |
| Chang et al. | Deciduous: Decentralized source identification for network-based intrusions | |
| US10462134B2 (en) | Network device removal for access control and information security | |
| US10484380B2 (en) | Untrusted network device identification and removal for access control and information security | |
| Damghani et al. | Classification of attacks on IoT | |
| US10972470B2 (en) | Network device isolation for access control and information security | |
| KR101996471B1 (en) | Network Securing Device and Securing method Using The Same | |
| Han et al. | A proposed security scheme against Denial of Service attacks in cluster‐based wireless sensor networks | |
| CN113765846B (en) | Intelligent detection and response method and device for network abnormal behaviors and electronic equipment | |
| Joëlle et al. | Strategies for detecting and mitigating DDoS attacks in SDN: A survey | |
| CN101312465B (en) | Abnormal packet access point discovering method and device | |
| Salim et al. | Preventing ARP spoofing attacks through gratuitous decision packet | |
| CN114915536A (en) | Network architecture based on SDP component and terminal equipment safety protection method facing novel network | |
| Patel et al. | An intelligent collaborative intrusion detection and prevention system for smart grid environments | |
| Murugesan et al. | Design and analysis of hybrid single packet IP traceback scheme | |
| Subburaj et al. | Discover Crypto-Jacker from Blockchain Using AFS Method | |
| Hamdani et al. | Detection of DDOS attacks in cloud computing environment | |
| VARSHOUEI et al. | Ontological classification of network denial of service attacks: basis for a unified detection framework | |
| Rodas et al. | A reliable and scalable classification-based hybrid ips | |
| US20100157806A1 (en) | Method for processing data packet load balancing and network equipment thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou science and Technology Industrial Park, high tech Industrial Development Zone, Zhejiang Province, No. six and road, No. 310 Patentee before: Huasan Communication Technology Co., Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120104 Termination date: 20200525 |