CN102932380B - The distributed preventing malicious attack method and system of content-based distribution network - Google Patents
The distributed preventing malicious attack method and system of content-based distribution network Download PDFInfo
- Publication number
- CN102932380B CN102932380B CN201210501570.XA CN201210501570A CN102932380B CN 102932380 B CN102932380 B CN 102932380B CN 201210501570 A CN201210501570 A CN 201210501570A CN 102932380 B CN102932380 B CN 102932380B
- Authority
- CN
- China
- Prior art keywords
- attack
- request
- malicious attack
- malicious
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses the distributed preventing malicious attack method and system of content-based distribution network, the distributed network utilizing CDN shares challenging dose, and utilize malicious attack identification technology, identify attack IP, be limited in inside CDN attack user, reduce the malicious requests being connected to client source station to greatest extent.Its technical scheme is: method includes: identify the malicious attack request of zones of different;The malicious attack of zones of different asks to be assigned to the content distributing network attack protection node group of each region independence, it is achieved the distributed malicious attack sharing big flow;In content distributing network attack protection node group, different attack protection node machine is shared in the malicious attack being assigned to respective region again;Attack protection node machine, for being identified as the request of malicious attack, is forbidden that it continues to access, to being identified as the request that non-malicious is attacked, is forwarded a request to source station, so that normal response is made after receiving request in source station.
Description
Technical field
The present invention relates to the network security technology of content distributing network (CDN), particularly relate to the identification for dynamic requests malicious attack source and distributed precautionary technology.
Background technology
Based on secure network for the Intelligent Recognition in malicious attack source and the basic thought of strick precaution it is, owing to the response contents of client's dynamic requests can not be buffered, CDN accesses business and only provides accelerated passage for it, so for the dynamic requests of user, CDN is required for back client source pulled content and returns again to client.Occurring once attack, along with number of request increases, the service of source station can be impacted.This system can dynamically analyze the behavior of user according to time source request frequency, whether intelligent decision is aggressive behavior, once confirm that certain User IP exists aggressive behavior, it is drawn in blacklist at once, forbid that it continues to access this web site within a period of time, most malicious requests is thus made to be limited in the network internal of CDN, from without arriving client source station.
And the distributed big flow attacking for different regions, distributed CDN pattern can allow multiple node share challenging dose, the attack overwhelming majority of most Zhongdao client source station is limited in outside CDN, thus ensureing source station stable operation, it is ensured that the normal access of non-malicious user.
The implementation that current anti-dynamic requests is attacked is as shown in Figure 1:
Malicious requests is attached directly to source station fire wall, utilizes existing firewall technology or hardware, the anti-malicious requests module that such as IPtable and apache carries, it is judged that malice dynamic attacks behavior.According to the safety regulation arranged on fire wall, it is determined whether belong to attack, if attacking, fire wall is forbidden accessing, if not attacking, then request of letting pass, source station normal response.
There is following drawback in existing malice dynamic requests scheme:
1. existing hardware fire wall price is high, and needs manpower to safeguard;Increase operation cost.And existing single fire wall, is difficult to undertake distributed big flow attacking.
2. software firewall anti-attack ability is limited, and it is more single to take precautions against rule.
3. it is no matter hardware or software firewall allows source station stash all without way.
All things considered, current anti-dynamic requests attack option, it is impossible to ensure that source station is completely hiding, assailant is very simple just it appeared that source station, and implements to attack to it.
Summary of the invention
It is an object of the invention to solve the problems referred to above, provide the distributed preventing malicious attack method and system of a kind of content-based distribution network, the distributed network utilizing CDN shares challenging dose, and utilize malicious attack identification technology, identify attack IP, be limited in inside CDN attack user, reduce the malicious requests being connected to client source station to greatest extent.
The technical scheme is that a kind of distributed preventing malicious attack method that present invention is disclosed content-based distribution network, including:
Identify the malicious attack request of zones of different;
The malicious attack of zones of different asks to be assigned to the content distributing network attack protection node group of each region independence, it is achieved the distributed malicious attack sharing big flow;
In content distributing network attack protection node group, different attack protection node machine is shared in the malicious attack being assigned to respective region again;
Attack protection node machine, for being identified as the request of malicious attack, is forbidden that it continues to access, to being identified as the request that non-malicious is attacked, is forwarded a request to source station, so that normal response is made after receiving request in source station.
One embodiment of the distributed preventing malicious attack method of the content-based distribution network according to the present invention, farther includes for the identification to malicious attack of the attack protection node machine and process:
By blacklist, the attack protection node machine of content distributing network judges whether the IP of request user is attack IP, if not in blacklist, dynamic requests normally connects back to source.
One embodiment of the distributed preventing malicious attack method of the content-based distribution network according to the present invention, farther includes for the identification to malicious attack of the attack protection node machine and process:
While blacklist judges, accessing IP number for user and count, within the unit interval, judge whether the dynamic requests number of times of user exceedes preset value, once reach preset value, judging that this user is as assailant, pipes off the IP of this user;
Opening timer, from the moment being judged as assailant to the default time period, source dynamic requests all can not be normally returned in all requests from this User IP simultaneously.
One embodiment of the distributed preventing malicious attack method of the content-based distribution network according to the present invention, farther includes for the identification to malicious attack of the attack protection node machine and process:
If the request IP time in blacklist has exceeded preset value, then this request IP being removed from blacklist, counting so that restarting that user is accessed IP number time next time accesses.
Present invention further teaches the distributed preventing malicious attack system of a kind of content-based distribution network, including:
Request region recognition device, identifies the malicious attack request of zones of different;
Region distributor, asks to be assigned to the content distributing network attack protection node group of each region independence, it is achieved the distributed malicious attack sharing big flow by the malicious attack of zones of different;
Node machine sharing device, in content distributing network attack protection node group, shares different attack protection node machine again by the malicious attack being assigned to respective region;
Malicious attack request processes device, and attack protection node machine, for being identified as the request of malicious attack, is forbidden that it continues to access, to being identified as the request that non-malicious is attacked, forwarded a request to source station, so that normal response is made after receiving request in source station.
One embodiment of the distributed preventing malicious attack system of the content-based distribution network according to the present invention, malicious attack request processes device and farther includes:
Blacklist judge module, by blacklist, the attack protection node machine of content distributing network judges whether the IP of request user is attack IP, if not in blacklist, dynamic requests normally connects back to source.
One embodiment of the distributed preventing malicious attack system of the content-based distribution network according to the present invention, malicious attack request processes device and farther includes:
Access count module; while blacklist judges; access IP number for user to count; within the unit interval, judge whether the dynamic requests number of times of user exceedes preset value; once reach preset value, judging that this user is as assailant, pipes off the IP of this user, opening timer simultaneously; from the moment being judged as assailant to the default time period, source dynamic requests all can not be normally returned in all requests from this User IP.
One embodiment of the distributed preventing malicious attack system of the content-based distribution network according to the present invention, malicious attack request processes device and farther includes:
Blacklist is new module more, if the request IP time in blacklist has exceeded preset value, is then removed from blacklist by this request IP, counts so that restarting that user accesses IP number time next time accesses.
Point of the present invention contrast prior art has following beneficial effect: the solution of the present invention is to utilize dynamic and intelligent technology the attack user of different regions, it is assigned to different CDN attack protection node groups, utilizes load-balancing algorithm that the challenging dose in the attack protection node in identical area is shared multiple stage attack protection node machine.Every attack protection node machine utilizes malicious attack identification technical point to precipitate out and attacks user, then limit the access of this User IP.Relative to prior art, malice dynamic attacks is by Intelligent Recognition and taken precautions against inside CDN in the solution of the present invention, and this process is all in CDN inter-process, is had no effect in source station, so far not only can ensure that to source station be all normal request, it is ensured that backstage, source station is stable as far as possible.And processing procedure is separated with source station completely, reduce source station bandwidth consumption, additionally, due to needing not continue to dispose fire wall, it is possible to reduce hardware cost and maintenance cost.
Accompanying drawing explanation
Fig. 1 illustrates the flow chart of the precautionary scheme of existing malice dynamic requests.
Fig. 2 illustrates the flow chart of the preferred embodiment of the distributed preventing malicious attack method of the content-based distribution network of the present invention.
Fig. 3 illustrates that the attack protection node machine of the present invention is internal and identifies the sub-process figure attacked with preventing malice.
Fig. 4 illustrates the schematic diagram of the preferred embodiment of the distributed preventing malicious attack system of the content-based distribution network of the present invention.
Fig. 5 illustrates the schematic diagram of the operational process of Fig. 4 system embodiment.
Detailed description of the invention
Below in conjunction with drawings and Examples, the invention will be further described.
The embodiment of the distributed preventing malicious attack method of content-based distribution network
Fig. 2 illustrates the flow process of the preferred embodiment of the distributed preventing malicious attack method of the content-based distribution network of the present invention.Referring to Fig. 2, details are as follows for the enforcement step of the distributed preventing malicious attack method of the present embodiment.
Step S10: identify the malicious attack request of zones of different.
By existing intelligence amortization techniques, it is possible to identify the query-attack of zones of different.
Step S11: the malicious attack of zones of different asks to be assigned to the content distributing network attack protection node group of each region independence, it is achieved the distributed malicious attack sharing big flow.
Step S12: in content distributing network attack protection node group, different attack protection node machine is shared in the malicious attack being assigned to respective region again.
Utilize existing application layer load-balancing technique, it is possible to different attack protection node machine is shared in the malicious attack being assigned to respective region again.
Step S13: attack protection node machine, for being identified as the request of malicious attack, is forbidden that it continues to access, to being identified as the request that non-malicious is attacked, forwarded a request to source station, so that normal response is made after receiving request in source station.
Only being transmitted to source station by being identified as the request that non-malicious attacks, when being had no effect in source station and when pressure, what ensure go back to source station is all normal request.
Step S13 is the process to query-attack of the attack protection node machine, and its thinning process is please as shown in Figure 3.
Step S20: attack protection node machine receives the dynamic requests of user.
Step S21: utilize blacklist to judge whether request User IP is attack IP, if in blacklist, enter step S27, if not in blacklist, enter step S22.
Step S22: fringe node goes back to source and connects dynamic requests.
Step S23: time source dynamic requests is counted by fringe node according to accessing IP.
Step S24: judging whether to exceed unit interval maximum dynamic requests number, if exceeding unit interval maximum dynamic requests number, proceeding to step S25, if not less than with source station normal dynamic number of request; return step S22 process.
Step S25: this IP is joined blacklist.
Step S26: open timer.
Step S27: judge whether this IP time in blacklist reaches preset value, if the time reaches preset value, enters step S29, if the time not up to preset value, enters step S28 process.
Step S28: forbid the access request of this IP.
Step S29: remove this IP from blacklist.
It can be seen that the process of query-attack is mainly included the content of three below aspect by attack protection node machine from the enforcement step of Fig. 3:
By blacklist, the attack protection node machine of content distributing network judges whether the IP of request user is attack IP, if not in blacklist, dynamic requests normally connects back to source.
While blacklist judges, accessing IP number for user and count, within the unit interval, judge whether the dynamic requests number of times of user exceedes preset value, once reach preset value, judging that this user is as assailant, pipes off the IP of this user;Opening timer, from the moment being judged as assailant to the default time period, source dynamic requests all can not be normally returned in all requests from this User IP simultaneously.
If the request IP time in blacklist has exceeded preset value, then this request IP being removed from blacklist, counting so that restarting that user is accessed IP number time next time accesses.After this makes attack IP depart from assailant's control, its normal access can carry out after a certain period of time, it is prevented that from then on the IP person of being hacked can not continue the normal problem accessed always at blacklist after kidnapping.
The method adopting the present embodiment, it is possible to dynamically judge assailant IP, it is prevented that assailant changes attack IP in different time sections, has more intelligent and real-time.After in real time controlling assailant IP, other users normally accessed can connection request to source station, attack when occurring, do not have normal request delay or direct unaccepted risk.After attacking stopping, recovering to be seized on both sides by the arms the normal access of IP.After disposing distributed attack protection system, can need not continue to inside client source station dispose fire wall.
The embodiment of the distributed preventing malicious attack system of content-based distribution network
Fig. 4 illustrates the principle of the preferred embodiment of the distributed preventing malicious attack system of the content-based distribution network of the present invention.Referring to Fig. 4, the distributed preventing malicious attack system of the present embodiment includes: request region recognition device 10, region distributor 11, node machine sharing device 12, malicious attack request process device 13.
Refer to the system operational process shown in Fig. 5, request region recognition device 10 identifies the malicious attack request of zones of different.Request region recognition device 10 is by existing intelligence amortization techniques, it is possible to identify the query-attack of zones of different.
The malicious attack of zones of different is asked to be assigned to the content distributing network attack protection node group of each region independence by region distributor 11, it is achieved the distributed malicious attack sharing big flow.
Node machine sharing device 12 is for, in content distributing network attack protection node group, again sharing different attack protection node machine by the malicious attack being assigned to respective region.Node machine sharing device 12 is to utilize existing application layer load-balancing technique, it is possible to the malicious attack being assigned to respective region is shared different attack protection node machine again.
Malicious attack request processes in device 13, and attack protection node machine, for being identified as the request of malicious attack, is forbidden that it continues to access, to being identified as the request that non-malicious is attacked, forwarded a request to source station, so that normal response is made after receiving request in source station.
Malicious attack request processes device 13 and farther includes: blacklist judge module 130, access count module 131 and blacklist more new module 132.
In blacklist judge module 130, by blacklist, the attack protection node machine of content distributing network judges whether the IP of request user is attack IP, if not in blacklist, dynamic requests normally connects back to source.
The processing procedure of access count module 131 is: blacklist judges while; access IP number for user to count; within the unit interval, judge whether the dynamic requests number of times of user exceedes preset value; once reach preset value, judge that this user is as assailant; the IP of this user is piped off; opening timer, from the moment being judged as assailant to the default time period, source dynamic requests all can not be normally returned in all requests from this User IP simultaneously.
The processing procedure of blacklist more new module 132 is: if the request IP time in blacklist has exceeded preset value, then removed from blacklist by this request IP, counts so that restarting that user accesses IP number time next time accesses.
Above-described embodiment is available to those of ordinary skill in the art and realizes and use the present invention's; those of ordinary skill in the art can be without departing from the present invention in the case of the inventive idea; above-described embodiment is made various modifications or change; thus protection scope of the present invention is not limit by above-described embodiment, and the maximum magnitude of the inventive features that claims are previously mentioned should be consistent with.
Claims (8)
1. a distributed preventing malicious attack method for content-based distribution network, including:
Identify the malicious attack request of zones of different;
Utilize dynamic and intelligent technology that the malicious attack of zones of different asks to be assigned to the content distributing network attack protection node group of each region independence, it is achieved the distributed malicious attack sharing big flow;
In content distributing network attack protection node group, utilize application layer load-balancing technique that the malicious attack being assigned to respective region is shared different attack protection node machine again;
Attack protection node machine, for being identified as the request of malicious attack, is forbidden that it continues to access, to being identified as the request that non-malicious is attacked, is forwarded a request to source station, so that normal response is made after receiving request in source station.
2. the distributed preventing malicious attack method of content-based distribution network according to claim 1, it is characterised in that the identification to malicious attack of the attack protection node machine and process are farther included:
By blacklist, the attack protection node machine of content distributing network judges whether the IP of request user is attack IP, if not in blacklist, dynamic requests normally connects back to source.
3. the distributed preventing malicious attack method of content-based distribution network according to claim 2, it is characterised in that the identification to malicious attack of the attack protection node machine and process are farther included:
While blacklist judges, accessing IP number for user and count, within the unit interval, judge whether the dynamic requests number of times of user exceedes preset value, once reach preset value, judging that this user is as assailant, pipes off the IP of this user;
Opening timer, from the moment being judged as assailant to the default time period, source dynamic requests all can not be normally returned in all requests from this User IP simultaneously.
4. the distributed preventing malicious attack method of content-based distribution network according to claim 3, it is characterised in that the identification to malicious attack of the attack protection node machine and process are farther included:
If the request IP time in blacklist has exceeded preset value, then this request IP being removed from blacklist, counting so that restarting that user is accessed IP number time next time accesses.
5. a distributed preventing malicious attack system for content-based distribution network, including:
Request region recognition device, identifies the malicious attack request of zones of different;
Region distributor, utilizes dynamic and intelligent technology that the malicious attack of zones of different asks to be assigned to the content distributing network attack protection node group of each region independence, it is achieved the distributed malicious attack sharing big flow;
Node machine sharing device, in content distributing network attack protection node group, utilizes application layer load-balancing technique that the malicious attack being assigned to respective region is shared different attack protection node machine again;
Malicious attack request processes device, and attack protection node machine, for being identified as the request of malicious attack, is forbidden that it continues to access, to being identified as the request that non-malicious is attacked, forwarded a request to source station, so that normal response is made after receiving request in source station.
6. the distributed preventing malicious attack system of content-based distribution network according to claim 5, it is characterised in that malicious attack request processes device and farther includes:
Blacklist judge module, by blacklist, the attack protection node machine of content distributing network judges whether the IP of request user is attack IP, if not in blacklist, dynamic requests normally connects back to source.
7. the distributed preventing malicious attack system of content-based distribution network according to claim 6, it is characterised in that malicious attack request processes device and farther includes:
Access count module; while blacklist judges; access IP number for user to count; within the unit interval, judge whether the dynamic requests number of times of user exceedes preset value; once reach preset value, judging that this user is as assailant, pipes off the IP of this user, opening timer simultaneously; from the moment being judged as assailant to the default time period, source dynamic requests all can not be normally returned in all requests from this User IP.
8. the distributed preventing malicious attack system of content-based distribution network according to claim 7, it is characterised in that malicious attack request processes device and farther includes:
Blacklist is new module more, if the request IP time in blacklist has exceeded preset value, is then removed from blacklist by this request IP, counts so that restarting that user accesses IP number time next time accesses.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210501570.XA CN102932380B (en) | 2012-11-30 | 2012-11-30 | The distributed preventing malicious attack method and system of content-based distribution network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210501570.XA CN102932380B (en) | 2012-11-30 | 2012-11-30 | The distributed preventing malicious attack method and system of content-based distribution network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102932380A CN102932380A (en) | 2013-02-13 |
| CN102932380B true CN102932380B (en) | 2016-06-29 |
Family
ID=47647082
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210501570.XA Active CN102932380B (en) | 2012-11-30 | 2012-11-30 | The distributed preventing malicious attack method and system of content-based distribution network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102932380B (en) |
Families Citing this family (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103475637B (en) * | 2013-04-24 | 2018-03-27 | 携程计算机技术(上海)有限公司 | The method for network access control and system of behavior are accessed based on IP |
| CN103685253A (en) * | 2013-12-05 | 2014-03-26 | 北京奇虎科技有限公司 | Method and device for defending CDN flow amplification attacks |
| CN107454039B (en) * | 2016-05-31 | 2020-05-01 | 北京京东尚科信息技术有限公司 | Network attack detection system, method and computer readable storage medium |
| CN106507364B (en) * | 2016-11-23 | 2019-09-27 | 广东工业大学 | A kind of method and system avoiding indoor wireless communication malicious attack |
| CN106790073B (en) * | 2016-12-21 | 2020-06-05 | 北京启明星辰信息安全技术有限公司 | Blocking method and device for malicious attack of Web server and firewall |
| CN106603554B (en) * | 2016-12-29 | 2019-11-15 | 北京奇艺世纪科技有限公司 | A kind of anti-cheat method and device of adaptive real time video data |
| CN107704761B (en) * | 2017-09-27 | 2020-09-01 | 北京星选科技有限公司 | Data processing method and device, electronic equipment and storage medium |
| CN110944027B (en) * | 2018-09-21 | 2023-04-07 | 阿里巴巴集团控股有限公司 | Access processing method, device, equipment and system |
| CN109246224A (en) * | 2018-09-25 | 2019-01-18 | 麒麟合盛网络技术股份有限公司 | The containerization dispositions method and device of CDN system |
| CN111193692A (en) * | 2018-11-15 | 2020-05-22 | 北京金山云网络技术有限公司 | Request response method, device, edge node and authentication system |
| CN110177110A (en) * | 2019-06-04 | 2019-08-27 | 湖北五五互联科技有限公司 | Contents access method, equipment and computer readable storage medium |
| CN110795677A (en) * | 2019-11-12 | 2020-02-14 | 成都知道创宇信息技术有限公司 | CDN node distribution method and device |
| CN111147448B (en) * | 2019-12-06 | 2022-06-07 | 中科曙光(南京)计算技术有限公司 | CAN bus flood attack defense system and method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102137111A (en) * | 2011-04-20 | 2011-07-27 | 北京蓝汛通信技术有限责任公司 | Method and device for preventing CC (Challenge Collapsar) attack and content delivery network server |
| CN102687480A (en) * | 2009-12-12 | 2012-09-19 | 阿卡麦科技公司 | Cloud-based firewall system and service |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7836295B2 (en) * | 2002-07-29 | 2010-11-16 | International Business Machines Corporation | Method and apparatus for improving the resilience of content distribution networks to distributed denial of service attacks |
| CN101222424B (en) * | 2007-12-24 | 2011-02-09 | 中国电信股份有限公司 | Content distribution network and scheduling method based on content in the network |
| CN101287011A (en) * | 2008-05-26 | 2008-10-15 | 蓝汛网络科技(北京)有限公司 | Method, system and device for responding service request from user in content distributing network |
-
2012
- 2012-11-30 CN CN201210501570.XA patent/CN102932380B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102687480A (en) * | 2009-12-12 | 2012-09-19 | 阿卡麦科技公司 | Cloud-based firewall system and service |
| CN102137111A (en) * | 2011-04-20 | 2011-07-27 | 北京蓝汛通信技术有限责任公司 | Method and device for preventing CC (Challenge Collapsar) attack and content delivery network server |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102932380A (en) | 2013-02-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102932380B (en) | The distributed preventing malicious attack method and system of content-based distribution network | |
| Wang et al. | Intrusion prevention system design | |
| US10075468B2 (en) | Denial-of-service (DoS) mitigation approach based on connection characteristics | |
| CN103458003B (en) | A kind of self adaptation cloud computing environment virtual secure domain browsing control method and system | |
| CN103023924B (en) | The ddos attack means of defence of the cloud distribution platform of content-based distributing network and system | |
| WO2016177156A1 (en) | Traffic processing method, device and system | |
| KR101812403B1 (en) | Mitigating System for DoS Attacks in SDN | |
| CN111181926B (en) | Security device based on mimicry defense idea and operation method thereof | |
| CN105282169A (en) | DDoS attack warning method and system based on SDN controller threshold | |
| US10944720B2 (en) | Methods and systems for network security | |
| CN112351012A (en) | Network security protection method, device and system | |
| CN104104679A (en) | Data processing method based on private cloud | |
| CN105245549A (en) | Active defense method against DDoS attacks | |
| US20180191774A1 (en) | Method and system for shunting reflective ddos traffic | |
| CN108092940B (en) | DNS protection method and related equipment | |
| CN103916387A (en) | DDOS attack protection method and system | |
| CN107566359A (en) | A kind of intelligent fire-proofing wall system and means of defence | |
| CN107426241A (en) | A kind of method and device of network safety prevention | |
| CN105429975B (en) | A kind of data safety system of defense, method and cloud terminal security system based on cloud terminal | |
| CN106534346B (en) | Flow control method, device and system based on virtual WAF | |
| CN1350231A (en) | By-pass investigation and remisson method for rejecting service attack | |
| Srivastava et al. | A Review on Protecting SCADA Systems from DDOS Attacks | |
| CN106953830A (en) | DNS security means of defence, device and DNS | |
| KR20120119315A (en) | Device for protecting web server | |
| CN111262815A (en) | Virtual host management system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |