CN101431449A - Network flux cleaning system - Google Patents

Info

Publication number: CN101431449A
Authority: CN (China)
Prior art keywords: attack, traffic, flow cleaning, abnormality detection, network
Legal status: Granted (active)
Application number: CNA2008102260262A
Other languages: Chinese (zh)
Other versions: CN101431449B
Inventors: 罗浩, 云晓春, 吴志刚, 张永铮, 王树鹏, 崔翔, 郝志宇, 金书源
Current assignee: Beijing Zhiwei Yingxun Network Technology Co., Ltd
Original assignee: Institute of Computing Technology of CAS
Application filed by: Institute of Computing Technology of CAS
Priority: CN2008102260262A
Publications: CN101431449A (application), CN101431449B (granted patent)

Abstract

The invention provides a traffic cleaning system for monitoring and managing network traffic in a network application environment. It comprises an anomaly detection module, an attack detection and identification module, and traffic cleaning equipment. The anomaly detection module monitors the network traffic and, on finding suspicious traffic, generates a policy route and sends it to a designated router in the network application environment; the designated router diverts the suspicious traffic to the traffic cleaning equipment. The traffic cleaning equipment mirrors the received suspicious traffic to the attack detection and identification module, which identifies the attack traffic, generates ACL rules from the attack traffic's associated information, and sends them to the traffic cleaning equipment; the cleaning equipment then separates attack traffic from normal traffic within the suspicious traffic according to the ACL rules. Because the invention separates decision-making from control, the attack detection and identification process that makes the decisions gains great flexibility.

Description

A network traffic cleaning system
Technical field
The present invention relates to a network traffic cleaning system, and in particular to a network traffic cleaning system in which decision-making is separated from control.
Background technology
Traffic cleaning is an abnormal-traffic detection and control technique that has emerged in recent years and is very effective for monitoring DDoS (distributed denial of service) attacks and network intrusions. The principle of traffic cleaning is that, once an attack is found, BGP route advertisement is used to change the routing direction of the traffic and draw it to a specified node; the redirected traffic is then handled by abnormal-traffic filtering equipment, which filters and rate-limits the abnormal traffic in it and reinjects the legitimate traffic into the network, so that the DDoS attack is averted.
Following this principle, corresponding traffic cleaning systems have been proposed, such as the traffic cleaning center of Cisco Systems in the prior art. Fig. 1 shows the composition of Cisco's traffic cleaning center and its application in a network environment. As shown in the figure, Cisco's traffic cleaning center comprises two parts, a DDoS attack detector and traffic cleaning equipment, and the traffic cleaning equipment additionally requires an attached router to be deployed. Calling the router close to the DDoS attack source the far-end router and the router close to the attacked target the near-end router, the steps by which this traffic cleaning center performs traffic cleaning are:
Step 1) The DDoS attack detector finds an attack such as DDoS through real-time monitoring, or receives a complaint from the attacked target;
Step 2) The DDoS attack detector raises an alarm and activates the traffic cleaning equipment;
Step 3) The traffic cleaning equipment first adjusts, via BGP (or another proprietary protocol), the route of packets in the network destined for the attacked target, so that these packets are redirected from the near-end router to the attached router of the traffic cleaning equipment;
Step 4) Traffic whose destination IP is the attacked target is diverted: it is forwarded via the attached router into the cleaning equipment, while other traffic is forwarded normally;
Step 5) The traffic cleaning equipment identifies and filters the attack traffic in the diverted traffic;
Step 6) The traffic cleaning equipment sends the normal traffic obtained after cleaning back to the attached router, which reinjects it into the network so that it is forwarded normally to the target (for example through a VPN).
The above describes the structure and working process of the Cisco Systems traffic cleaning center. From this description it can be seen that such a traffic cleaning system has the following shortcomings:
A) Part of the traffic cleaning system changes the network topology while it operates (for example by changing routes through BGP route advertisement). Such changes place high demands on configuration and use; once misconfigured or misused they severely affect network stability.
B) Reinjection of normal traffic after cleaning is complicated. Because the route to the destination IP in the network has been changed, the traffic cannot be looped back simply by forwarding the cleaned traffic back into the network. Loop-back currently uses one of two methods, VRF or GRE tunnels. GRE tunnel forwarding is inefficient and cannot meet the needs of high-speed network applications, while VRF places higher demands on equipment, imposing higher functional and performance requirements on network devices (such as access routers), and cannot adapt to the present state of networks.
C) The traffic cleaning equipment couples decision-making with control, resulting in low system performance. Decision-making here means distinguishing attack traffic from normal traffic, and control means separating normal traffic from attack traffic. The traffic cleaning equipment in existing systems must perform the decision-making operation on all diverted traffic at both the network layer and the application layer, and then also carry out the control of that traffic. Performing both operations at once not only consumes resources heavily but also introduces large network delay, which limits any improvement of the system's processing capability.
D) The traffic cleaning system is too closed. Existing traffic cleaning systems apply only to a particular vendor's own routers, and because proprietary protocols are used between the modules of the system, other cleaning equipment cannot be connected. These deficiencies in openness and standardisation cannot accommodate the present diversity of carrier network equipment sources and needs. Taking Cisco's traffic cleaning center as an example, the routers in Fig. 1, including the far-end, near-end and attached routers, must all be Cisco's associated routers for network traffic cleaning to be completed, which limits the spread and use of the traffic cleaning system.
In the prior art, besides the Cisco Systems traffic cleaning center, there are other types of traffic cleaning systems, but these are either similar to Cisco's product or entirely different in principle; traffic cleaning systems of a completely different structure and type cannot overcome the defects of the aforementioned traffic cleaning systems well.
Summary of the invention
The object of the invention is to overcome the shortcomings that the structure and operating principle of existing traffic cleaning systems bring to the cleaning of network traffic, and so to provide traffic cleaning equipment of high efficiency and good stability.
To achieve this, the invention provides a traffic cleaning system for monitoring and managing the network traffic in a network application environment, comprising an anomaly detection module, an attack detection and identification module, and traffic cleaning equipment, wherein:
The anomaly detection module monitors the network traffic in the network application environment, generates a policy route for suspicious network traffic and sends it to a designated router in the network application environment, which diverts the suspicious traffic to the traffic cleaning equipment; the traffic cleaning equipment mirrors the received suspicious traffic to the attack detection and identification module, which identifies the attack traffic, generates ACL rules from the attack traffic's associated information and sends them to the traffic cleaning equipment; the traffic cleaning equipment separates normal traffic from attack traffic within the suspicious traffic according to the ACL rules obtained.
In the above technical solution, the anomaly detection module comprises an anomaly detection server for analysing network traffic in real time and giving early warning of suspicious traffic, and a policy routing manager for generating policy routes from the information about the suspicious traffic.
In the above technical solution, the anomaly detection server detects suspicious traffic according to anomaly detection rules, each of which defines the characteristics and the detection method of a certain class of abnormal network traffic.
In the above technical solution, the anomaly detection module also comprises an anomaly detection rule base for storing the anomaly detection rules.
In the above technical solution, the policy routing manager generates the policy route from information including the address of the router to be operated, its interface information, its model, the way the RM connects to the traffic cleaning equipment, the policy route setting method, and the attacked target.
In the above technical solution, the anomaly detection module also comprises a policy routing information base for storing the information needed to generate the policy route.
In the above technical solution, the attack detection and identification module comprises an attack detection and identification engine, which detects suspicious network traffic according to attack detection and identification rules, identifies the network attacks in it, then generates, for each attack source, ACL rules for controlling the attack traffic that the source produces on the network, and submits the generated ACL rules to the traffic cleaning equipment.
In the above technical solution, the attack detection and identification engine also generates the ACL rules according to an IP address white list together with the attack detection and identification rules.
In the above technical solution, the attack detection and identification module also comprises an attack identification rule base for storing the attack detection and identification rules and/or the IP address white list.
In the above technical solution, the system also comprises a service management module for management activities on the anomaly detection module or on the attack detection and identification module, including adding, deleting and modifying information, automatic updates, and manual control.
In the above technical solution, the service management module performs maintenance operations including adding, deleting and modifying the anomaly detection rules in the anomaly detection rule base, or updates the anomaly detection rule base automatically.
In the above technical solution, the service management module performs operations including adding, deleting and modifying the policy routing information in the policy routing information base, or updates the policy routing information base automatically, or performs traffic diversion in a manual mode of operation.
In the above technical solution, the service management module performs operations including adding, deleting and modifying the information in the attack identification rule base, or updates the attack identification rule base automatically.
The advantages of the invention are:
1. The traffic cleaning system of the invention adopts a mechanism that separates decision-making from control, so that the attack detection and identification process (the decision) has great flexibility and real-time response capability, while the ACL control process (the control) can greatly increase traffic handling capacity without adding network delay.
2. The traffic cleaning system of the invention does not change the topology of the network in which it operates when cleaning traffic; reinjection of the data flow is simple and network stability is good.
3. The traffic cleaning system of the invention uses standard interfaces to connect its parts and does not depend on any particular class of router, so operators are free to purchase standard-compliant cleaning modules, which can significantly reduce system cost.
Description of drawings
Fig. 1 is a schematic diagram of a prior-art traffic cleaning system;
Fig. 2 is a schematic diagram of the traffic cleaning system of the invention applied in a network application environment;
Fig. 3 is the structure diagram of the traffic cleaning system of the invention;
Fig. 4 shows the operations carried out over the ACL control interface between the attack detection and identification module and the traffic cleaning equipment.
Embodiment
The invention is described below with reference to the drawings and specific embodiments.
To improve the cleaning efficiency of the whole traffic cleaning system, the invention separates decision-making from control in the traffic cleaning system, realising each in a different device. The composition and workflow of the traffic cleaning system of the invention are described below with reference to a concrete network application environment.
The network application environment in Fig. 2 is similar to that of Fig. 1; as before, the router adjacent to the attack source is called the far-end router and the router adjacent to the attacked target the near-end router, and this network application environment is cleaned by the traffic cleaning system of the invention. The traffic cleaning system used for this network comprises an anomaly detection module, an attack detection and identification module, and traffic cleaning equipment. The anomaly detection module monitors the network traffic in the network application environment; as soon as suspicious traffic is found, it sends the policy route it has generated to a designated router in the network, which diverts the suspicious traffic to the traffic cleaning equipment. The traffic cleaning equipment mirrors the received suspicious traffic to the attack detection and identification module, which identifies the attack traffic, generates ACL rules from the attack traffic's associated information and sends them to the traffic cleaning equipment. The traffic cleaning equipment separates normal traffic from attack traffic according to the ACL rules obtained.
The above is the basic composition and workflow of the traffic cleaning system of the invention; the composition of each of its parts is explained further below.
The anomaly detection module examines and analyses the traffic in the network and diverts the traffic in it that is abnormal. Fig. 3 shows the composition of the anomaly detection module: as can be seen from the figure, it includes an anomaly detection server (ADS) and a policy routing manager (RM).
The anomaly detection server (ADS) analyses in real time the network flow data provided by the routers, raises an early warning when it finds suspicious traffic such as a DDoS attack, and tentatively determines the target of the suspicious traffic. The ADS detects abnormal traffic by means of anomaly detection rules. An anomaly detection rule defines the characteristics and the detection method of a certain class of abnormal traffic; when the ADS finds, by that detection method, traffic with the corresponding characteristics, it has detected that class of abnormal traffic. The flow data analysed by the ADS can be any of the flow data formats supported by mainstream routers on the market, such as flow data in the NetFlow, JFlow or CFlow protocols, so the ADS has wide applicability. The ADS can detect behaviour on the network that looks like a DDoS attack, but it cannot accurately confirm that a DDoS attack exists and, in particular, it cannot distinguish normal traffic from attack traffic; in effect, therefore, it serves only as an early-warning platform.
After the anomaly detection server (ADS) finds suspicious traffic on the network and tentatively determines its target, it drives the policy routing manager (RM), which generates the corresponding policy route and executes it on the corresponding router, thereby diverting the relevant network traffic. In existing traffic cleaning systems, diversion of data traffic in the network is achieved by the attached router of the traffic cleaning equipment; in the invention it is achieved by a core router on the critical path to the attacked target in the whole network application environment. The core router executes the policy route to divert the network traffic. The policy route comprises a description of the operations of connecting to the designated router, logging in and setting the policy route, and it takes the form of a script. The policy routing manager (RM) can generate the policy route script only when given certain information: the address of the router to be operated, its interface information, its model, the way the RM connects to the traffic cleaning equipment, the policy route setting method and so on, plus the relevant information about the attacked target. Once the core router has successfully executed the script, IP packets entering the designated router whose destination IP address on the network is the attacked target are diverted to the traffic cleaning equipment for handling. After the abnormal traffic has disappeared and not reappeared for a period of time, the RM generates a new script that cancels the policy route setting and uses it to cancel the diversion set up earlier. Diverting network traffic by executing a policy route on a core router changes only the routing inside that core router: the network's own routing is not changed and no router is added, which avoids the problems that changing part of the network topology would bring.
The anomaly detection server (ADS) and policy routing manager (RM) described above are the basic components of the anomaly detection module of the invention. Since anomaly detection rules and policy routes are used, respectively, in abnormal-traffic detection and in network diversion, the anomaly detection module may also comprise an anomaly detection rule base (ADRDB) for storing the anomaly detection rules and a policy routing information base (RMDB) for storing the information needed to generate policy routes. The anomaly detection rules stored in the ADRDB are usually described as XML text. The information needed to generate policy routes, stored in the RMDB, comprises the address of the router to be operated, its interface information, its model, the way the RM connects to the traffic cleaning equipment, the policy route setting method and so on. When the ADS or the RM needs this information it can fetch it from the ADRDB or the RMDB. To reduce dependence on the RMDB and ADRDB and the frequency of access to them, the ADS and the RM may also each contain a memory in which part of the anomaly detection rules and of the policy-route-related information, respectively, is stored.
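As an added illustration (not code from the patent), the following Python sketch models the ADS described above: anomaly detection rules that pair a traffic class with a detection method are applied to one interval of router flow records, and the ADS only raises a warning naming the suspected target, leaving the attack/normal decision to the ADE. The record fields, rule fields, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class FlowRecord:
    """Minimal NetFlow-like record as a router would export it (constructed)."""
    src_ip: str
    dst_ip: str
    proto: str      # "tcp", "udp" or "icmp"
    dst_port: int
    packets: int


@dataclass(frozen=True)
class AnomalyRule:
    """One anomaly detection rule: the characteristics of a traffic class
    (protocol, optional destination port) plus its detection method (packets
    toward one destination in this interval exceed `ratio` times the baseline
    and reach at least `min_packets`)."""
    name: str
    proto: str
    dst_port: Optional[int]   # None = any destination port
    ratio: float
    min_packets: int

    def selects(self, rec: FlowRecord) -> bool:
        return rec.proto == self.proto and (
            self.dst_port is None or rec.dst_port == self.dst_port)


def early_warning(records: List[FlowRecord], rules: List[AnomalyRule],
                  baseline: Dict[Tuple[str, str], int]) -> List[Tuple[str, str, int]]:
    """Apply every rule to one interval of flow records.

    Returns (rule name, suspected target, packet count) for each destination
    whose matching traffic trips a rule. Like the ADS, it only warns and names
    the target; it never decides which individual flows are the attack."""
    per_target: Dict[Tuple[str, str], int] = defaultdict(int)
    for rec in records:
        for rule in rules:
            if rule.selects(rec):
                per_target[(rule.name, rec.dst_ip)] += rec.packets
    by_name = {r.name: r for r in rules}
    warnings = []
    for (rule_name, dst), pkts in sorted(per_target.items()):
        rule = by_name[rule_name]
        base = baseline.get((rule_name, dst), 0)
        if pkts >= rule.min_packets and pkts > rule.ratio * base:
            warnings.append((rule_name, dst, pkts))
    return warnings


# Constructed sample: documentation-range addresses, one export interval.
RULES = [
    AnomalyRule("tcp-80-surge", "tcp", 80, ratio=5.0, min_packets=1000),
    AnomalyRule("udp-flood", "udp", None, ratio=5.0, min_packets=1000),
]
BASELINE = {  # packets per interval observed under normal load
    ("tcp-80-surge", "203.0.113.10"): 200,
    ("tcp-80-surge", "203.0.113.20"): 300,
    ("udp-flood", "203.0.113.10"): 50,
}
RECORDS = (
    # many sources toward 203.0.113.10:80 -> 1500 packets, 7.5x the baseline
    [FlowRecord(f"192.0.2.{i}", "203.0.113.10", "tcp", 80, 150) for i in range(1, 11)]
    # 203.0.113.20:80 is busy but stays within 5x its baseline
    + [FlowRecord("198.51.100.1", "203.0.113.20", "tcp", 80, 400)]
    # a little UDP toward 203.0.113.10: below the absolute floor
    + [FlowRecord("198.51.100.2", "203.0.113.10", "udp", 53, 30)]
)


def run_ads() -> List[Tuple[str, str, int]]:
    return early_warning(RECORDS, RULES, BASELINE)


if __name__ == "__main__":
    for name, target, pkts in run_ads():
        print(f"warning: {name} toward {target} ({pkts} packets)")
```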
The attack detection and identification module distinguishes normal traffic from attack traffic and, from the attack source information in the attack traffic, generates ACL rules for controlling the attack traffic. An ACL rule comprises an IP five-tuple and a specified action. The IP five-tuple comprises source IP, source port, destination IP, destination port and protocol type, and the specified action is mainly one of two: block or pass. Given these functions, the module can be divided further; as shown in Fig. 3, it comprises an attack detection and identification engine (ADE). When diverted traffic arrives at the traffic cleaning equipment, the equipment mirrors the received traffic to the ADE, which detects the attack traffic, identifies each network attack in it, then generates for the source of each attack the ACL rules that control the attack traffic that source produces on the network, and finally submits the generated ACL rules to the traffic cleaning equipment. In this process the ADE uses attack detection and identification rules to identify network attacks when examining the attack traffic. An attack detection and identification rule can include information such as the protocol type of the network attack, the packet-header features of the attack messages and/or the content features of some types of message, and certain quantitative attributes. Such rules can be described as XML text.
To store the attack detection and identification rules, the attack detection and identification module also comprises an attack identification rule base (ARDB). The ADE can easily access each class of rule in the ARDB, and additions, deletions and modifications to the rule contents in the ARDB do not affect the ADE itself. To avoid the loss of communication that a misjudgement by the ADE when identifying attacks would cause for certain key users, the ARDB also contains a set of IP addresses whose communication must not be blocked by ACL; this set is also called the IP address white list. When generating ACL rules the ADE reads the IP address white list from the ARDB and checks the addresses in it: if the IP address of a detected "attack source" is in the white list, no corresponding ACL rule is generated. Thus the traffic cleaning equipment never filters the data flow sent from that IP address.
As with the anomaly detection module, to reduce dependence on the ARDB the ADE may also contain a memory for temporarily storing the attack detection and identification rules and the IP white list.
The traffic cleaning equipment cleans the attack traffic according to the ACL rules generated by the attack detection and identification module and returns the cleaned traffic to the core router, which forwards it to the destination host by ordinary routing. Unlike the existing traffic cleaning equipment mentioned in the background, the traffic cleaning equipment of the invention performs only the control operation: it is responsible only for separating normal traffic from attack traffic and is not involved in distinguishing the two. In essence, the traffic cleaning equipment of the invention is an ACL controller that separates normal traffic from attack traffic in the arriving traffic according to the ACL rules generated by the attack detection and identification module. After the equipment receives ACL rules, IP packets matching the five-tuple specified in a rule are handled according to the action that rule specifies, while packets that match no rule are mirrored to the attack detection and identification module for processing.
As mentioned earlier, at the start, when diverted traffic arrives at the traffic cleaning equipment, the equipment mirrors the received traffic to the ADE, which distinguishes normal traffic from attack traffic, generates the corresponding ACL rules and returns them to the traffic cleaning equipment. In this initial stage the equipment holds no ACL rules relating to the attacked target, so all traffic arriving at the equipment whose destination is the attacked target is mirrored to the ADE. After ACL rules have been sent to the equipment, newly arriving traffic falls into three cases: first, traffic confirmed as attack traffic by an ACL rule, which is blocked; second, traffic confirmed as normal traffic by an ACL rule, which is passed; third, traffic whose class cannot be confirmed by the known ACL rules, which is mirrored to the ADE so that it can distinguish attack traffic from normal traffic, and if attack traffic is present new ACL rules are generated and returned to the traffic cleaning equipment. It can be seen that, because the ADE does not need to perform attack detection and identification on all traffic arriving at the traffic cleaning equipment throughout the cleaning process, its workload is greatly reduced and it can generate the ACL rules used for traffic control in real time. The traffic cleaning equipment, compared with the corresponding prior-art equipment, need only concentrate on separating normal traffic from attack traffic, which greatly improves cleaning efficiency and hence the transmission efficiency of the whole network application environment.
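As an added illustration (not code from the patent), this Python sketch models the cleaning equipment as the pure ACL controller just described, with the three-way block/pass/mirror outcome, together with the ADE-side rule generation that applies the IP white list from the earlier paragraph. Class names, the wildcard convention for five-tuple fields and the sample addresses are constructed assumptions.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Iterable, List, Optional, Set


class Action(Enum):
    BLOCK = "block"    # ACL action: drop the packet
    PASS = "pass"      # ACL action: let the packet through
    MIRROR = "mirror"  # no rule matched: copy to the ADE for a decision


@dataclass(frozen=True)
class FiveTuple:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str   # "tcp", "udp" or "icmp"


@dataclass(frozen=True)
class AclRule:
    """ACL entry: a five-tuple pattern (None = wildcard) plus the action."""
    src_ip: Optional[str]
    src_port: Optional[int]
    dst_ip: Optional[str]
    dst_port: Optional[int]
    proto: Optional[str]
    action: Action

    def matches(self, pkt: FiveTuple) -> bool:
        pairs = ((self.src_ip, pkt.src_ip), (self.src_port, pkt.src_port),
                 (self.dst_ip, pkt.dst_ip), (self.dst_port, pkt.dst_port),
                 (self.proto, pkt.proto))
        return all(want is None or want == got for want, got in pairs)


class CleaningDevice:
    """The control side: applies the rules it is given and decides nothing itself."""

    def __init__(self) -> None:
        self.rules: List[AclRule] = []

    def install(self, rules: Iterable[AclRule]) -> None:
        self.rules.extend(rules)

    def classify(self, pkt: FiveTuple) -> Action:
        # First matching rule wins; anything unmatched is mirrored to the ADE.
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return Action.MIRROR


def generate_acl_rules(attack_sources: Iterable[str], normal_sources: Iterable[str],
                       target_ip: str, whitelist: Set[str]) -> List[AclRule]:
    """The decision side (ADE): one BLOCK rule per attack source toward the
    attacked target, skipping white-listed sources so they are never cut off,
    plus one PASS rule per source confirmed as normal."""
    rules = [AclRule(src, None, target_ip, None, None, Action.BLOCK)
             for src in attack_sources if src not in whitelist]
    rules += [AclRule(src, None, target_ip, None, None, Action.PASS)
              for src in normal_sources]
    return rules


def scrub(device: CleaningDevice, packets: Iterable[FiveTuple]) -> Dict[Action, int]:
    """Run packets through the device and count the three outcomes."""
    counts = {action: 0 for action in Action}
    for pkt in packets:
        counts[device.classify(pkt)] += 1
    return counts


# Constructed scenario using documentation-range addresses.
TARGET = "203.0.113.10"
WHITELIST = {"198.51.100.5"}                                 # key customer: never block
ADE_ATTACKERS = ["192.0.2.1", "192.0.2.2", "198.51.100.5"]  # the ADE's verdict
ADE_NORMAL = ["198.51.100.7"]

SAMPLE_PACKETS = [
    FiveTuple("192.0.2.1", 40000, TARGET, 80, "tcp"),    # attacker        -> BLOCK
    FiveTuple("192.0.2.2", 40001, TARGET, 443, "tcp"),   # attacker        -> BLOCK
    FiveTuple("198.51.100.7", 5000, TARGET, 80, "tcp"),  # confirmed normal -> PASS
    FiveTuple("198.51.100.5", 5001, TARGET, 80, "tcp"),  # white-listed: no rule -> MIRROR
    FiveTuple("198.51.100.9", 5002, TARGET, 80, "tcp"),  # unknown source  -> MIRROR
]


def demo() -> Dict[Action, int]:
    device = CleaningDevice()
    device.install(generate_acl_rules(ADE_ATTACKERS, ADE_NORMAL, TARGET, WHITELIST))
    return scrub(device, SAMPLE_PACKETS)


if __name__ == "__main__":
    print({action.value: n for action, n in demo().items()})
```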
Can realize the basic operation of flow cleaning by aforesaid abnormality detection module, attack detecting and identification module and flow cleaning equipment, in order better whole flow cleaning system to be managed, flow cleaning of the present invention system can also comprise the service management module.Described service management module all will be done corresponding management to abnormality detection module, attack detecting and identification module.Specific as follows:
The service management module is to the management of abnormality detection module:
1, service management module safeguarded the abnormality detection rule base in the abnormality detection module, and the user uses described service management module to realize the attended operation such as do that additions and deletions change of the abnormality detection rule in the abnormality detection rule base; If variation has taken place the router that the abnormality detection server is monitored, also to revise the corresponding informance of described abnormality detection rule base synchronously by described service management module.The service management module can also be done auto-update to the abnormality detection rule base, and the intervention that need not the user so just can realize the renewal to Rule Information in the abnormality detection rule base.
2, service management module safeguarded the tactful routing iinformation in the tactful routing information base of abnormality detection module, and the additions and deletions that realize these information such as change at operation.In addition, the user also can the described service management module of direct control, and selected needs carry out the router of flow traction, creates corresponding script, is provided with on router or cancels tactful route.Like this, system self can not rely on abnormality detection yet, but obtains target information under fire by other approach, finishes the flow traction by manually-operated pattern afterwards, to reach the purpose of flow cleaning.If controlled router and described flow cleaning equipment change, must upgrade the corresponding strategy routing iinformation synchronously.Described service management module also can be done auto-update to described RMDB, and like this, the intervention that need not the user just can realize the renewal of information among the described RMDB.
The service management module is to the management of attack detecting and identification module: the user interface that the user provides by described service management module finishes that additions and deletions to all kinds of Rule Informations in attack detecting and the identification module change and maintenance and management operation such as inquiry.Described service management module is also done auto-update to described ARDB, and like this, the intervention that need not the user just can realize the renewal of Rule Information among the described ARDB.
In the flow cleaning of the present invention system, adopt certain interface to realize the connection of each several part between each part.For example, the stream sampled data that the stream sampling agreement receiving router that provides by router vendors between the router of described abnormality detection module and its monitoring produces; Control command interface that the abnormality detection module provides by flow traction router or control protocol realize the control and management to the router policy route; Physical interface by same model between described flow cleaning equipment and flow traction router interconnects.In Fig. 4, then show the ACL control interface of described attack detecting and identification module and described flow cleaning equipment room.Wherein, Fig. 4 (1) shows described attack detecting and identification module must carry out authentication at described flow cleaning equipment before acl rule is set flow process, Fig. 4 (2) shows the flow process that described attack detecting and identification module are provided with acl rule after by authentication, and Fig. 4 (3) shows the flow process of the existing acl rule of inquiry on described flow cleaning equipment.
The above is a detailed description of the composition of the flow cleaning system of the invention. Although the workflow of each part of the system has been described separately above, for ease of understanding the complete working process of the whole system is set out here.
Step 1) The anomaly detection module in the flow cleaning system receives the flow analysis protocol data (for example NetFlow data) generated by the near-end router close to the attack target; after analysing this data, it judges from factors such as the kind and quantity of packets arriving at the target whether an abnormal change has occurred, that is, whether an attack on the target may be taking place and traffic cleaning is needed;
Step 2) Once it has been determined that traffic cleaning is needed, a policy route for the attack target is generated and set on the corresponding router according to information such as the router type;
Step 3) Under the direction of the policy route, all IP packets whose destination IP is the attack target are forwarded to the router interface connected to the flow cleaning equipment, achieving traffic traction;
Step 4) The drawn traffic enters the flow cleaning equipment for processing;
Step 5) While the IP packets entering the flow cleaning equipment undergo other processing, they are also copied through a mirror port to the attack detection and identification module for analysis;
Step 6) The attack detection and identification module analyses the traffic, distinguishes normal traffic from attack traffic, obtains information such as the source of each attack within the attack traffic, generates the ACL rules used to control the attack traffic accordingly, and sets them in the flow cleaning equipment;
Step 7) The flow cleaning equipment controls the attack traffic according to the ACL, achieving the cleaning of the malicious traffic;
Step 8) The cleaned traffic returns to the core router, which forwards it to the destination host by its ordinary routing, achieving reinjection of the traffic.
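The eight-step working process above, carried through once on constructed flow records, as an added example that is not the patent's own code. The baseline-versus-current volume test in step 1, the per-source packet limit in step 6, the IP address white list (claim 8) and all addresses are assumptions; the patent names the stages but not the detection rules, so the rules here only stand in for the rule bases described earlier.

```python
from collections import Counter
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass(frozen=True)
class Flow:
    """One aggregated flow record (constructed stand-in for a NetFlow-style export)."""
    src: str
    dst: str
    proto: str
    dport: int
    packets: int


TARGET = "203.0.113.10"
# Constructed baseline: packets per interval seen towards TARGET in six quiet intervals.
BASELINE = {TARGET: [1200, 1100, 1300, 1250, 1150, 1200]}
# Constructed current-interval sample: a flood from 20 hosts in 198.51.100.0/24 plus ordinary clients.
CURRENT_FLOWS = (
    [Flow(f"198.51.100.{i}", TARGET, "tcp", 80, 900) for i in range(1, 21)]
    + [Flow("192.0.2.5", TARGET, "tcp", 80, 40),
       Flow("192.0.2.9", TARGET, "tcp", 443, 25),
       Flow("192.0.2.77", TARGET, "tcp", 80, 600),        # heavy but white-listed (monitoring host)
       Flow("192.0.2.5", "203.0.113.20", "tcp", 80, 30)]  # other destination: must not be drawn
)
WHITELIST = {"192.0.2.77"}  # assumed IP address white list: never turned into deny rules


def anomaly_targets(flows, baseline, k=3.0):
    """Step 1: flag a destination whose packet count exceeds baseline mean + k * stdev."""
    per_dst = Counter()
    for f in flows:
        per_dst[f.dst] += f.packets
    return [dst for dst, hist in baseline.items()
            if per_dst[dst] > mean(hist) + k * pstdev(hist)]


class Router:
    """Near-end router: a policy route overrides ordinary forwarding for one destination."""

    def __init__(self):
        self.policy = {}  # destination -> interface towards the cleaning equipment

    def set_policy_route(self, target, iface):  # step 2
        self.policy[target] = iface

    def forward(self, flows):  # step 3
        drawn = [f for f in flows if f.dst in self.policy]
        ordinary = [f for f in flows if f.dst not in self.policy]
        return drawn, ordinary


def identify_attack_sources(mirrored, target, whitelist, per_src_limit=200):
    """Step 6: sources sending more than per_src_limit packets to the target, minus the white list."""
    per_src = Counter()
    for f in mirrored:
        if f.dst == target:
            per_src[f.src] += f.packets
    return [{"action": "deny", "src": s, "dst": target}
            for s, n in sorted(per_src.items()) if n > per_src_limit and s not in whitelist]


class CleaningDevice:
    def __init__(self):
        self.acl = []

    def set_acl(self, rules):
        self.acl.extend(rules)

    def clean(self, flows):  # step 7
        denied = {(r["src"], r["dst"]) for r in self.acl if r["action"] == "deny"}
        kept = [f for f in flows if (f.src, f.dst) not in denied]
        dropped = [f for f in flows if (f.src, f.dst) in denied]
        return kept, dropped


def run_pipeline(flows=CURRENT_FLOWS, baseline=BASELINE, whitelist=WHITELIST):
    """Runs steps 1-8 once and returns what each stage produced."""
    router, cleaner = Router(), CleaningDevice()
    targets = anomaly_targets(flows, baseline)                              # step 1
    for t in targets:
        router.set_policy_route(t, "to-cleaning")                           # step 2
    drawn, ordinary = router.forward(flows)                                 # steps 3-4
    mirrored = list(drawn)                                                  # step 5: mirror-port copy
    for t in targets:
        cleaner.set_acl(identify_attack_sources(mirrored, t, whitelist))    # step 6
    kept, dropped = cleaner.clean(drawn)                                    # step 7
    reinjected = kept + ordinary                                            # step 8: ordinary routing
    return {"targets": targets, "acl": cleaner.acl, "dropped": dropped, "reinjected": reinjected}
```

Two properties worth checking on any such pipeline show up directly in the result: traffic to a destination that was never flagged (`203.0.113.20`) bypasses the cleaning path entirely, and a white-listed source that is loud but legitimate (`192.0.2.77`) is reinjected rather than denied.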
Finally, it should be noted that the above embodiments only illustrate the technical solution of the invention and do not limit it. Although the invention has been described in detail with reference to embodiments, those of ordinary skill in the art should understand that modifications or equivalent substitutions of the technical solution of the invention that do not depart from its spirit and scope are all to be covered by the scope of the claims of the invention.

Claims (13)

1. A flow cleaning system for monitoring and managing the network traffic of a network application environment, characterized in that it comprises an anomaly detection module, an attack detection and identification module, and flow cleaning equipment; wherein
the anomaly detection module monitors the network traffic in the network application environment, generates a policy route for suspicious network traffic and sends it to a designated router in the network application environment, and the designated router draws the suspicious network traffic to the flow cleaning equipment; the flow cleaning equipment mirrors the received suspicious network traffic to the attack detection and identification module, which identifies the attack traffic, generates ACL rules according to the relevant information of the attack traffic, and sends them to the flow cleaning equipment; and the flow cleaning equipment separates the normal traffic from the attack traffic within the suspicious network traffic according to the ACL rules it has obtained.
2. The flow cleaning system according to claim 1, characterized in that the anomaly detection module comprises an anomaly detection server for analysing the network traffic in real time and giving early warning of suspicious network traffic, and a policy route manager for generating policy routes according to the information about the suspicious network traffic.
3. The flow cleaning system according to claim 2, characterized in that the anomaly detection server detects suspicious network traffic according to anomaly detection rules, each anomaly detection rule defining the characteristics and the detection method of a certain class of abnormal network traffic.
4. The flow cleaning system according to claim 3, characterized in that the anomaly detection module further comprises an anomaly detection rule base for storing the anomaly detection rules.
5. The flow cleaning system according to claim 2, characterized in that the policy route manager generates the policy route according to relevant information including the address of the router to be operated, the router interface information, the router model and the RM connecting to the flow cleaning equipment, the policy route establishing method, and the attacked target.
6. The flow cleaning system according to claim 5, characterized in that the anomaly detection module further comprises a policy routing information base for storing the information needed to generate the policy routes.
7. The flow cleaning system according to claim 1, characterized in that the attack detection and identification module comprises an attack detection and identification engine, which detects suspicious network traffic according to attack detection and identification rules, identifies the network attacks within it, generates, for the attack sources of those network attacks, ACL rules for controlling the attack traffic that the attack sources produce on the network, and submits the generated ACL rules to the flow cleaning equipment.
8. The flow cleaning system according to claim 7, characterized in that the attack detection and identification engine generates the ACL rules according to an IP address white list together with the attack detection and identification rules.
9. The flow cleaning system according to claim 7 or 8, characterized in that the attack detection and identification module further comprises an attack identification rule base for storing the attack detection and identification rules and/or the IP address white list.
10. The flow cleaning system according to any one of claims 1 to 9, characterized in that it further comprises a service management module for carrying out management activities on the anomaly detection module or on the attack detection and identification module, including add, delete and modify operations on their information, auto-update, and manual control.
11. The flow cleaning system according to claim 10, characterized in that the service management module performs maintenance operations on the anomaly detection rules in the anomaly detection rule base, including adding, deleting and modifying them, or auto-updates the anomaly detection rule base.
12. The flow cleaning system according to claim 10, characterized in that the service management module performs operations on the policy routing information in the policy routing information base, including adding, deleting and modifying it, or auto-updates the policy routing information base, or carries out the traction of network traffic in a manually operated mode.
13. The flow cleaning system according to claim 10, characterized in that the service management module performs operations on the information in the attack identification rule base, including adding, deleting and modifying it, or auto-updates the attack identification rule base.
CN2008102260262A 2008-11-04 2008-11-04 Network flux cleaning system Active CN101431449B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008102260262A CN101431449B (en) 2008-11-04 2008-11-04 Network flux cleaning system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2008102260262A CN101431449B (en) 2008-11-04 2008-11-04 Network flux cleaning system

Publications (2)

Publication Number Publication Date
CN101431449A true CN101431449A (en) 2009-05-13
CN101431449B CN101431449B (en) 2011-05-04

Family

ID=40646627

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008102260262A Active CN101431449B (en) 2008-11-04 2008-11-04 Network flux cleaning system

Country Status (1)

Country Link
CN (1) CN101431449B (en)

Cited By (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101917425A (en) * 2010-08-09 2010-12-15 中国电信股份有限公司 Centralized cleaning system and method for internet bar flow in manner of bidirectional online
WO2011012004A1 (en) * 2009-07-29 2011-02-03 中兴通讯股份有限公司 Method and system for realizing network flow cleaning
CN102195843A (en) * 2010-03-02 2011-09-21 中国移动通信集团公司 Flow control system and method
CN102469117A (en) * 2010-11-08 2012-05-23 中国移动通信集团广东有限公司 Method and device for identifying abnormal access action
CN101702726B (en) * 2009-11-13 2012-06-27 曙光信息产业(北京)有限公司 Method and device for updating quintuple rules for IP packet sorting device
CN103368858A (en) * 2012-04-01 2013-10-23 百度在线网络技术(北京)有限公司 Method and device for cleaning flow capable of providing loading of combination of multiple strategies
CN103401796A (en) * 2013-07-09 2013-11-20 北京百度网讯科技有限公司 Network traffic cleaning system and method
CN103491095A (en) * 2013-09-25 2014-01-01 中国联合网络通信集团有限公司 Flow cleaning framework and device and flow lead and reinjection method
CN103685168A (en) * 2012-09-07 2014-03-26 中国科学院计算机网络信息中心 Query request service method for DNS (Domain Name System) recursive server
CN104468631A (en) * 2014-12-31 2015-03-25 国家电网公司 Network intrusion identification method based on anomaly flow and black-white list library of IP terminal
CN104601482A (en) * 2013-10-30 2015-05-06 中兴通讯股份有限公司 Traffic cleaning method and device
CN105282152A (en) * 2015-09-28 2016-01-27 广东睿江科技有限公司 Abnormal flow detection method
CN105847266A (en) * 2016-04-07 2016-08-10 周文奇 Protection system for key controller for industrial communication
CN105978916A (en) * 2016-07-19 2016-09-28 北京工业大学 Security audit system of SDN network
CN106101088A (en) * 2016-06-04 2016-11-09 北京兰云科技有限公司 The method that cleaning equipment, detection equipment, routing device and strick precaution DNS attack
CN106230798A (en) * 2016-07-21 2016-12-14 杭州迪普科技有限公司 A kind of flow lead method and device
CN106302537A (en) * 2016-10-09 2017-01-04 广东睿江云计算股份有限公司 The cleaning method of a kind of DDOS attack flow and system
CN106453416A (en) * 2016-12-01 2017-02-22 广东技术师范学院 Detection method of distributed attack intrusion based on deep belief network
CN106899580A (en) * 2017-02-10 2017-06-27 杭州迪普科技股份有限公司 A kind of flow cleaning method and device
CN106936799A (en) * 2015-12-31 2017-07-07 阿里巴巴集团控股有限公司 Message cleaning method and device
WO2017148280A1 (en) * 2016-03-02 2017-09-08 中兴通讯股份有限公司 Method, apparatus and system for analysing sample file
CN107302527A (en) * 2017-06-09 2017-10-27 北京奇安信科技有限公司 A kind of unit exception detection method and device
CN107347051A (en) * 2016-05-05 2017-11-14 阿里巴巴集团控股有限公司 A kind of service message processing method and system
WO2018010461A1 (en) * 2016-07-11 2018-01-18 华为技术有限公司 Service traffic control method and system
CN107800709A (en) * 2017-11-06 2018-03-13 杭州迪普科技股份有限公司 A kind of method and device for generating network attack detection strategy
CN108076019A (en) * 2016-11-17 2018-05-25 北京金山云网络技术有限公司 Anomalous traffic detection method and device based on traffic mirroring
CN108183921A (en) * 2015-03-18 2018-06-19 策安保安有限公司 The system and method that information security threat interruption is carried out via borde gateway
CN108322417A (en) * 2017-01-16 2018-07-24 阿里巴巴集团控股有限公司 Processing method, device and system and the safety equipment of network attack
CN108449314A (en) * 2018-02-02 2018-08-24 杭州迪普科技股份有限公司 A kind of flow lead method and apparatus
CN108494749A (en) * 2018-03-07 2018-09-04 中国平安人寿保险股份有限公司 Method, apparatus, equipment and the computer readable storage medium of IP address disabling
CN108616529A (en) * 2018-04-24 2018-10-02 成都信息工程大学 A kind of method for detecting abnormality and system based on Business Stream
CN109194747A (en) * 2018-09-10 2019-01-11 四川长虹电器股份有限公司 Traffic mirroring method and system under cloud environment
CN109861961A (en) * 2017-11-30 2019-06-07 松下电器(美国)知识产权公司 Cyber-defence device and cyber-defence system
CN109995714A (en) * 2017-12-29 2019-07-09 中移(杭州)信息技术有限公司 A kind of methods, devices and systems for disposing flow
CN110636059A (en) * 2019-09-18 2019-12-31 中盈优创资讯科技有限公司 Network attack defense system and method, SDN controller and router
CN110830474A (en) * 2019-11-08 2020-02-21 中盈优创资讯科技有限公司 Network attack protection system and method, and flow control device
US10673897B2 (en) 2010-08-25 2020-06-02 International Business Machines Corporation Two-tier deep analysis of HTML traffic
CN111224960A (en) * 2019-12-27 2020-06-02 北京天融信网络安全技术有限公司 Information processing method, information processing device, electronic equipment and storage medium
CN111314283A (en) * 2019-12-13 2020-06-19 网易(杭州)网络有限公司 Method and device for defending attack
CN111385303A (en) * 2020-03-11 2020-07-07 江苏亨通工控安全研究院有限公司 Network security protection system and implementation method
CN111556068A (en) * 2020-05-12 2020-08-18 上海有孚智数云创数字科技有限公司 Flow characteristic identification-based distributed denial service monitoring and prevention and control method
TWI713501B (en) * 2015-09-23 2020-12-21 香港商阿里巴巴集團服務有限公司 Method, device, flow cleaning equipment and system for identifying network loop
CN112165428A (en) * 2020-10-23 2021-01-01 新华三信息安全技术有限公司 Traffic cleaning method and device and first boundary routing equipment
CN114978563A (en) * 2021-02-26 2022-08-30 中国移动通信集团广东有限公司 Method and device for blocking IP address
CN116319005A (en) * 2023-03-21 2023-06-23 上海安博通信息科技有限公司 Attack detection method, device and processing system combined with natural language processing model

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7028179B2 (en) * 2001-07-03 2006-04-11 Intel Corporation Apparatus and method for secure, automated response to distributed denial of service attacks
CN101188531B (en) * 2007-12-27 2010-04-07 东软集团股份有限公司 A method and system for monitoring network traffic exception
CN101247217B (en) * 2008-03-17 2010-09-29 北京星网锐捷网络技术有限公司 Method, unit and system for preventing address resolution protocol flux attack

Cited By (72)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011012004A1 (en) * 2009-07-29 2011-02-03 中兴通讯股份有限公司 Method and system for realizing network flow cleaning
CN101702726B (en) * 2009-11-13 2012-06-27 曙光信息产业(北京)有限公司 Method and device for updating quintuple rules for IP packet sorting device
CN102195843B (en) * 2010-03-02 2014-06-11 中国移动通信集团公司 Flow control system and method
CN102195843A (en) * 2010-03-02 2011-09-21 中国移动通信集团公司 Flow control system and method
CN101917425A (en) * 2010-08-09 2010-12-15 中国电信股份有限公司 Centralized cleaning system and method for internet bar flow in manner of bidirectional online
US10673897B2 (en) 2010-08-25 2020-06-02 International Business Machines Corporation Two-tier deep analysis of HTML traffic
US10673898B2 (en) 2010-08-25 2020-06-02 International Business Machines Corporation Two-tier deep analysis of HTML traffic
CN102469117A (en) * 2010-11-08 2012-05-23 中国移动通信集团广东有限公司 Method and device for identifying abnormal access action
CN102469117B (en) * 2010-11-08 2014-11-05 中国移动通信集团广东有限公司 Method and device for identifying abnormal access action
CN103368858A (en) * 2012-04-01 2013-10-23 百度在线网络技术(北京)有限公司 Method and device for cleaning flow capable of providing loading of combination of multiple strategies
CN103368858B (en) * 2012-04-01 2016-01-20 百度在线网络技术(北京)有限公司 The flow cleaning method that many strategy combinations load and device
CN103685168A (en) * 2012-09-07 2014-03-26 中国科学院计算机网络信息中心 Query request service method for DNS (Domain Name System) recursive server
CN103401796B (en) * 2013-07-09 2016-05-25 北京百度网讯科技有限公司 Network flux cleaning system and method
CN103401796A (en) * 2013-07-09 2013-11-20 北京百度网讯科技有限公司 Network traffic cleaning system and method
CN103491095B (en) * 2013-09-25 2016-07-13 中国联合网络通信集团有限公司 Flow cleaning framework, device and flow lead, flow re-injection method
CN103491095A (en) * 2013-09-25 2014-01-01 中国联合网络通信集团有限公司 Flow cleaning framework and device and flow lead and reinjection method
CN104601482A (en) * 2013-10-30 2015-05-06 中兴通讯股份有限公司 Traffic cleaning method and device
CN104468631A (en) * 2014-12-31 2015-03-25 国家电网公司 Network intrusion identification method based on anomaly flow and black-white list library of IP terminal
CN108183921A (en) * 2015-03-18 2018-06-19 策安保安有限公司 The system and method that information security threat interruption is carried out via borde gateway
CN108183921B (en) * 2015-03-18 2021-06-01 策安保安有限公司 System and method for information security threat interruption via border gateway
TWI713501B (en) * 2015-09-23 2020-12-21 香港商阿里巴巴集團服務有限公司 Method, device, flow cleaning equipment and system for identifying network loop
CN105282152B (en) * 2015-09-28 2018-08-28 广东睿江云计算股份有限公司 A kind of method of abnormal traffic detection
CN105282152A (en) * 2015-09-28 2016-01-27 广东睿江科技有限公司 Abnormal flow detection method
US10924457B2 (en) 2015-12-31 2021-02-16 Alibaba Group Holding Limited Packet cleaning method and apparatus
CN106936799A (en) * 2015-12-31 2017-07-07 阿里巴巴集团控股有限公司 Message cleaning method and device
CN106936799B (en) * 2015-12-31 2021-05-04 阿里巴巴集团控股有限公司 Message cleaning method and device
CN107154914A (en) * 2016-03-02 2017-09-12 中兴通讯股份有限公司 Sample file analysis method, apparatus and system
WO2017148280A1 (en) * 2016-03-02 2017-09-08 中兴通讯股份有限公司 Method, apparatus and system for analysing sample file
CN107154914B (en) * 2016-03-02 2020-12-04 中兴通讯股份有限公司 Sample file analysis method, device and system
CN105847266A (en) * 2016-04-07 2016-08-10 周文奇 Protection system for key controller for industrial communication
CN107347051A (en) * 2016-05-05 2017-11-14 阿里巴巴集团控股有限公司 A kind of service message processing method and system
CN106101088A (en) * 2016-06-04 2016-11-09 北京兰云科技有限公司 The method that cleaning equipment, detection equipment, routing device and strick precaution DNS attack
CN106101088B (en) * 2016-06-04 2019-05-24 北京兰云科技有限公司 The method of cleaning equipment, detection device, routing device and prevention DNS attack
WO2018010461A1 (en) * 2016-07-11 2018-01-18 华为技术有限公司 Service traffic control method and system
US11019533B2 (en) 2016-07-11 2021-05-25 Huawei Technologies Co., Ltd. Service traffic control method and system and decision network element
CN105978916A (en) * 2016-07-19 2016-09-28 北京工业大学 Security audit system of SDN network
CN106230798B (en) * 2016-07-21 2019-08-06 杭州迪普科技股份有限公司 A kind of flow lead method and device
CN106230798A (en) * 2016-07-21 2016-12-14 杭州迪普科技有限公司 A kind of flow lead method and device
CN106302537B (en) * 2016-10-09 2019-09-10 广东睿江云计算股份有限公司 A kind of cleaning method and system of DDOS attack flow
CN106302537A (en) * 2016-10-09 2017-01-04 广东睿江云计算股份有限公司 The cleaning method of a kind of DDOS attack flow and system
CN108076019B (en) * 2016-11-17 2021-04-09 北京金山云网络技术有限公司 Abnormal flow detection method and device based on flow mirror image
CN108076019A (en) * 2016-11-17 2018-05-25 北京金山云网络技术有限公司 Anomalous traffic detection method and device based on traffic mirroring
CN106453416A (en) * 2016-12-01 2017-02-22 广东技术师范学院 Detection method of distributed attack intrusion based on deep belief network
CN108322417B (en) * 2017-01-16 2021-10-19 阿里巴巴集团控股有限公司 Network attack processing method, device and system and security equipment
CN108322417A (en) * 2017-01-16 2018-07-24 阿里巴巴集团控股有限公司 Processing method, device and system and the safety equipment of network attack
CN106899580A (en) * 2017-02-10 2017-06-27 杭州迪普科技股份有限公司 A kind of flow cleaning method and device
CN107302527A (en) * 2017-06-09 2017-10-27 北京奇安信科技有限公司 A kind of unit exception detection method and device
CN107800709A (en) * 2017-11-06 2018-03-13 杭州迪普科技股份有限公司 A kind of method and device for generating network attack detection strategy
CN109861961A (en) * 2017-11-30 2019-06-07 松下电器(美国)知识产权公司 Cyber-defence device and cyber-defence system
CN109861961B (en) * 2017-11-30 2022-10-28 松下电器(美国)知识产权公司 Network defense device and network defense system
CN109995714A (en) * 2017-12-29 2019-07-09 中移(杭州)信息技术有限公司 A kind of methods, devices and systems for disposing flow
CN108449314B (en) * 2018-02-02 2020-12-29 杭州迪普科技股份有限公司 Flow traction method and device
CN108449314A (en) * 2018-02-02 2018-08-24 杭州迪普科技股份有限公司 A kind of flow lead method and apparatus
CN108494749A (en) * 2018-03-07 2018-09-04 中国平安人寿保险股份有限公司 Method, apparatus, equipment and the computer readable storage medium of IP address disabling
CN108616529B (en) * 2018-04-24 2021-01-29 成都信息工程大学 Anomaly detection method and system based on service flow
CN108616529A (en) * 2018-04-24 2018-10-02 成都信息工程大学 A kind of method for detecting abnormality and system based on Business Stream
CN109194747A (en) * 2018-09-10 2019-01-11 四川长虹电器股份有限公司 Traffic mirroring method and system under cloud environment
CN110636059A (en) * 2019-09-18 2019-12-31 中盈优创资讯科技有限公司 Network attack defense system and method, SDN controller and router
CN110636059B (en) * 2019-09-18 2021-04-30 中盈优创资讯科技有限公司 Network attack defense system, method, SDN controller, router, device and medium
CN110830474B (en) * 2019-11-08 2021-04-06 中盈优创资讯科技有限公司 Network attack protection system and method, and flow control device
CN110830474A (en) * 2019-11-08 2020-02-21 中盈优创资讯科技有限公司 Network attack protection system and method, and flow control device
CN111314283A (en) * 2019-12-13 2020-06-19 网易(杭州)网络有限公司 Method and device for defending attack
CN111314283B (en) * 2019-12-13 2023-01-24 网易(杭州)网络有限公司 Method and device for defending attack
CN111224960A (en) * 2019-12-27 2020-06-02 北京天融信网络安全技术有限公司 Information processing method, information processing device, electronic equipment and storage medium
CN111224960B (en) * 2019-12-27 2022-07-12 北京天融信网络安全技术有限公司 Information processing method, information processing device, electronic equipment and storage medium
CN111385303A (en) * 2020-03-11 2020-07-07 江苏亨通工控安全研究院有限公司 Network security protection system and implementation method
CN111556068A (en) * 2020-05-12 2020-08-18 上海有孚智数云创数字科技有限公司 Flow characteristic identification-based distributed denial service monitoring and prevention and control method
CN111556068B (en) * 2020-05-12 2020-12-22 上海有孚智数云创数字科技有限公司 Flow characteristic identification-based distributed denial service monitoring and prevention and control method
CN112165428A (en) * 2020-10-23 2021-01-01 新华三信息安全技术有限公司 Traffic cleaning method and device and first boundary routing equipment
CN112165428B (en) * 2020-10-23 2022-07-22 新华三信息安全技术有限公司 Traffic cleaning method and device and first boundary routing equipment
CN114978563A (en) * 2021-02-26 2022-08-30 中国移动通信集团广东有限公司 Method and device for blocking IP address
CN116319005A (en) * 2023-03-21 2023-06-23 上海安博通信息科技有限公司 Attack detection method, device and processing system combined with natural language processing model

Also Published As

Publication number Publication date
CN101431449B (en) 2011-05-04

Similar Documents

Publication Publication Date Title
CN101431449B (en) Network flux cleaning system
CN101924764B (en) Large-scale DDoS (Distributed Denial of Service) attack defense system and method based on two-level linkage mechanism
CN104954367B (en) A kind of cross-domain ddos attack means of defence of internet omnidirectional
CN103036733B (en) Unconventional network accesses monitoring system and the monitoring method of behavior
CN112615818B (en) SDN-based DDOS attack protection method, device and system
US10708146B2 (en) Data driven intent based networking approach using a light weight distributed SDN controller for delivering intelligent consumer experience
EP3449600B1 (en) A data driven intent based networking approach using a light weight distributed sdn controller for delivering intelligent consumer experiences
KR101900154B1 (en) SDN capable of detection DDoS attacks and switch including the same
CN103491095B (en) Flow cleaning framework, device and flow lead, flow re-injection method
CN100474819C (en) A deep message detection method, network device and system
US7788721B2 (en) Traffic control method, apparatus, and system
CN101175078B (en) Identification of potential network threats using a distributed threshold random walk
CN102195843B (en) Flow control system and method
CN101390342B (en) Techniques for network protection based on subscriber-aware application proxies
CN101399749A (en) Method, system and device for packet filtering
CN101018156A (en) Method, device and system for preventing the broadband rejection service attack
CN103200123A (en) Safety control method of switchboard port
CN106302371A (en) A kind of firewall control method based on subscriber service system and system
KR100523483B1 (en) The system and method of malicious traffic detection and response in network
JP4380710B2 (en) Traffic anomaly detection system, traffic information observation device, and traffic information observation program
CN112202646B (en) Flow analysis method and system
CN101917425A (en) Centralized cleaning system and method for internet bar flow in manner of bidirectional online
CN112787959A (en) Traffic scheduling method and system
CN109995714A (en) A kind of methods, devices and systems for disposing flow
CN100561954C (en) Method, system and the equipment of control detection of connectivity

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20200515

Address after: 100025 807, floor 7, No. 99, Balizhuang Xili, Chaoyang District, Beijing

Patentee after: Beijing Zhiwei Yingxun Network Technology Co., Ltd

Address before: 100190 No. 6 South Road, Zhongguancun Academy of Sciences, Beijing, Haidian District

Patentee before: Institute of Computing Technology, Chinese Academy of Sciences