CN111865954A - Data hedging type computer network security system and working method thereof - Google Patents

Data hedging type computer network security system and working method thereof Download PDF

Info

Publication number
CN111865954A
CN111865954A CN202010662857.5A CN202010662857A CN111865954A CN 111865954 A CN111865954 A CN 111865954A CN 202010662857 A CN202010662857 A CN 202010662857A CN 111865954 A CN111865954 A CN 111865954A
Authority
CN
China
Prior art keywords
data
module
attack
address
external
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202010662857.5A
Other languages
Chinese (zh)
Inventor
徐建红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Taicang Hongma Software Technology Co ltd
Original Assignee
Taicang Hongma Software Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Taicang Hongma Software Technology Co ltd filed Critical Taicang Hongma Software Technology Co ltd
Priority to CN202010662857.5A priority Critical patent/CN111865954A/en
Publication of CN111865954A publication Critical patent/CN111865954A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1491Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/164Adaptation or special uses of UDP protocol

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to a data hedging type computer network security system and a working method thereof, wherein the data hedging type computer network security system comprises the following steps: the first firewall module is used for blocking the transmission of external data; the external data identification module identifies external data of the Internet; the protocol identification module identifies a user datagram protocol data packet and the size in the external data; the IP address inspection module is used for inspecting the external data and the IP address of the user datagram protocol data packet; the IP address judging module is used for judging the consistency of the IP address of the external data and the IP address of the user datagram protocol data packet; the attack judgment module is used for judging UDP Flood attack data; the target identification module is used for judging an attack target of UDP Flood attack data; the hedge data module is used for providing corresponding hedge data according to the attack target of the UDP Flood attack data judged by the target identification module and mixing the hedge data into the UDP Flood attack data; the execution module is used for carrying out appointed data impact; and the second firewall module isolates UDP flow attack data in the mixed data.

Description

Data hedging type computer network security system and working method thereof
Technical Field
The invention relates to the field of network security, in particular to a data hedging type computer network security system and a working method thereof.
Background
Since the advent of computers, network security problems have existed, and users have not paid sufficient attention to it, but with the development of information technology, network security problems have become increasingly prominent. One of the biggest and most challenging problems in network security is Distributed Denial of Service (DDoS) attack, which is a Distributed large-scale attack mode and is implemented by controlling a puppet on the internet to launch an attack on a target server, so that a large amount of data streams are rushed to the target server, and system resources and bandwidth of the server are consumed, or a link is full, thereby affecting access of a legitimate user. However, UDP Flood attack is an increasingly rampant DDoS attack, and an attacker uses a large number of UDP packets to launch the attack, which causes network paralysis of enterprises and users and makes it impossible to provide normal services, so that it is urgently needed to provide a network security system capable of effectively detecting and preventing UDP Flood attack.
Disclosure of Invention
The purpose of the invention is as follows:
aiming at the problem of providing a network security system capable of effectively detecting and preventing UDP Flood attacks, the invention provides a data hedging type computer network security system and a working method thereof.
The technical scheme is as follows:
a data-flushing computer network security system for network security defense against UDP Flood attacks, comprising:
the first firewall module is used for blocking the transmission of all external data;
the external data identification module is used for identifying external data sent to the computer by the Internet;
the protocol identification module is used for identifying a user datagram protocol data packet in external data and the size of the user datagram protocol data packet;
the IP address inspection module is used for inspecting the IP address of the external data transmitted to the computer and the IP address of a user datagram protocol data packet in the external data;
the IP address judging module is used for judging the consistency of the IP address of the external data transmitted to the computer and the IP address of the user datagram protocol data packet in the external data;
the attack judgment module is used for judging UDP Flood attack data according to the working contents of the protocol identification module and the IP address judgment module;
the target identification module is used for judging an attack target of UDP Flood attack data;
the hedge data module is used for providing corresponding hedge data according to the attack target of the UDP Flood attack data judged by the target identification module and mixing the hedge data into the UDP Flood attack data;
The execution module is used for carrying out appointed data impact on an attack target of the UDP Flood attack data by utilizing the hedge data provided by the hedge data module;
and the second firewall module is used for isolating UDP Flood attack data in the mixed data.
As a preferred mode of the present invention, after the attack determination module determines that UDP Flood attack data exists, the first firewall module prevents transmission of all external data; and when the hedge data module provides hedge data, the first firewall module allows all external data to be transmitted.
As a preferred embodiment of the present invention, for the object identification module, the identified object includes a DNS server, a Radius authentication server, and a streaming video server.
As a preferred mode of the present invention, the protocol identification module sets a data packet threshold, and the protocol identification module determines whether external data of a current user datagram protocol data packet is UDP Flood attack data according to the data packet threshold.
As a preferable mode of the present invention, the attack determination module determines the basis of the UDP Flood attack data, including the size of the datagram protocol packet transmitted by the external data and the correspondence between the IP address of the external data and the IP address of the user datagram protocol packet in the external data.
As a preferred mode of the present invention, the hedged data module includes:
the data simulation module is used for simulating a temporary data packet corresponding to an attack target of UDP Flood attack data according to the historical data packet;
and the emergency data adding module is used for adding emergency encrypted data to the temporary data packet simulated by the data simulation module.
A working method of a data hedge type computer network security system comprises the following steps:
s01: the external data identification module identifies external data sent to a computer by the Internet;
s02: the protocol identification module identifies a user datagram protocol data packet from external data;
s03: the protocol identification module judges whether the size of a user datagram protocol data packet is smaller than a data packet threshold value, if so, the step enters S04;
s04: the IP address checking module checks the IP address of the current external data and the IP address of a user datagram protocol data packet in the current external data;
s05: the IP address judging module judges whether the IP address of the current external data is consistent with the IP address of the user datagram protocol data packet in the current external data, if not, the step enters S06;
s06: the attack judgment module judges that UDP Flood attack data currently exist;
S07: the first firewall module starts a first firewall;
s08: the target identification module identifies an attack target of UDP flow attack data in the external data transmitted before the first firewall module is closed;
s09: the hedge data module simulates a temporary data packet through the data simulation module;
s10: the emergency data adding module adds emergency encrypted data to the temporary data packet and forms hedge data;
s11: the execution module initiates an attack to an attack target of UDP Flood attack data by utilizing the hedge data;
s12: the first firewall module closes a first firewall;
s13: and the second firewall module isolates the data packet which cannot be analyzed by the attack target of the UDP flow attack data.
In a preferred embodiment of the present invention, in S07, the first firewall module corresponds to the first firewall, and the first firewall module is disposed at the beginning of the transmission path on the external data transmission path.
In a preferred embodiment of the present invention, in S10, the encrypted data is computer internal warning data.
The invention realizes the following beneficial effects:
the simulated Trojan data which is easy to isolate is added in front of the UDP packet of the UDP Flood attack data, so that the UDP Flood attack data becomes discontinuous, and a large number of UDP packets can not be continuously used for impacting the DNS server, the Radius authentication server and the streaming media video server, so that a firewall system of the computer can process the UDP packet while processing the simulated Trojan data in time, the UDP Flood attack data can not generate effective attack in a short time, the computer can obtain longer processing time of the UDP Flood attack data, and the computer can be protected conveniently.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 is a system framework diagram of the present invention;
FIG. 2 is a diagram of the working steps of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
The first embodiment is as follows:
the reference figures are figures 1-2. A data-flushing computer network security system for network security defense against UDP Flood attacks, comprising:
the first firewall module 1 is used for blocking transmission of all external data;
the external data identification module 2 is used for identifying external data sent to a computer by the Internet;
the protocol identification module 3 is used for identifying a user datagram protocol data packet in external data and the size of the user datagram protocol data packet;
an IP address checking module 4 for checking the IP address of the external data transmitted to the computer and the IP address of the user datagram protocol data packet in the external data;
An IP address judging module 5, which is used for judging the consistency of the IP address of the external data transmitted to the computer and the IP address of the user datagram protocol data packet in the external data;
the attack judgment module 6 is used for judging UDP Flood attack data according to the working contents of the protocol identification module 3 and the IP address judgment module 5;
the target identification module 7 is used for judging an attack target of UDP Flood attack data;
the hedge data module 8 is configured to provide corresponding hedge data according to the attack target of the UDP Flood attack data determined by the target identification module 7, and mix the hedge data into the UDP Flood attack data;
the execution module 9 is configured to perform specified data impact on an attack target of UDP Flood attack data by using the hedge data provided by the hedge data module 8;
and the second firewall module 10 is used for isolating UDP Flood attack data in the mixed data.
As a preferred mode of the present invention, after the attack determination module 6 determines that there is UDP Flood attack data, the first firewall module 1 prevents transmission of all external data; after the hedged data module 8 provides the hedged data, the first firewall module 1 allows all external data transmission.
As a preferred embodiment of the present invention, for the object identification module 7, the identified object includes a DNS server, a Radius authentication server, and a streaming video server.
As a preferred mode of the present invention, the protocol identification module 3 sets a data packet threshold, and the protocol identification module 3 determines whether the external data of the current user datagram protocol data packet is UDP Flood attack data according to the data packet threshold.
As a preferred mode of the present invention, the attack determination module 6 determines the basis of the UDP Flood attack data, including the size of the datagram protocol packet transmitted by the external data and the correspondence between the IP address of the external data and the IP address of the user datagram protocol packet in the external data.
As a preferred embodiment of the present invention, the hedged data module 8 includes:
the data simulation module 11 is used for simulating a temporary data packet corresponding to an attack target of UDP Flood attack data according to the historical data packet;
an emergency data adding module 12, configured to add emergency encrypted data to the temporary data packet simulated by the data simulating module 11.
A working method of a data hedge type computer network security system comprises the following steps:
S01: the external data identification module 2 identifies external data sent to a computer by the Internet;
s02: the protocol identification module 3 identifies a user datagram protocol data packet from external data;
s03: the protocol identification module 3 judges whether the size of the user datagram protocol data packet is smaller than a data packet threshold value, if so, the step enters S04;
s04: the IP address checking module 4 checks the IP address of the current external data and the IP address of the user datagram protocol data packet in the current external data;
s05: the IP address determining module 5 determines whether the IP address of the current external data is consistent with the IP address of the user datagram protocol packet in the current external data, if not, the process goes to S06;
s06: the attack determination module 6 determines that UDP Flood attack data currently exists;
s07: the first firewall module 1 opens a first firewall;
s08: the target identification module 7 identifies an attack target of UDPFlood attack data in external data transmitted before the first firewall module 1 is closed;
s09: the hedge data module 8 simulates a temporary data packet through the data simulation module 11;
s10: the emergency data adding module 12 adds emergency encrypted data to the temporary data packet and forms hedge data;
S11: the execution module 9 initiates an attack to an attack target of the UDP Flood attack data by using the hedge data;
s12: the first firewall module 1 closes the first firewall;
s13: the second firewall module 10 isolates the data packet that cannot be resolved by the attack target of the UDP Flood attack data.
In a preferred embodiment of the present invention, in S07, the first firewall module 1 corresponds to the first firewall, and the first firewall module 1 is installed at the beginning of a transmission path on a path of external data transmission.
In a preferred embodiment of the present invention, in S10, the encrypted data is computer internal warning data.
In the specific implementation process, for each module, the "positions" of each module can be simply arranged according to the sequence of modules through which external data passes when being transmitted in the security system: the firewall comprises a first firewall module 1, an external data identification magic block, a protocol identification module 3, an IP address inspection module 4, an IP address judgment module 5, an attack judgment module 6, a target identification module 7, a hedge data module 8, an execution module 9 and a second firewall module 10.
When the computer is connected with the internet and receives data from a certain website on the internet, the data stream is used as external data, and when the external data is transmitted, the first firewall under the control of the first firewall module 1 is in a closed state, that is, any data can be transmitted into the computer through the first firewall and transmitted in sequence. When external data is transmitted to a computer through a first firewall, the external data is firstly identified by an external data identification module 2, the external data identification module 2 identifies the data content of the external data, it is worth mentioning that the external data identification module 2 judges the security of the content through the identified data content, when the content is judged to be unsafe data content, the external data is directly isolated, otherwise, the external data can be continuously transmitted.
After determining that the external data is the secure external data, the protocol identification module 3 will determine the user datagram protocol in the external data, detecting the header and payload fields of the user datagram protocol by the source port number, the destination port number, the datagram length, the check value, etc., and determining the user datagram protocol in the external data, further, the protocol recognition module 3 recognizes the packet of the user datagram protocol and judges the size of the packet, the protocol recognition module 3 sets a packet threshold, when the protocol identification module 3 determines that the size of the user datagram protocol packet is less than the packet threshold, the protocol identification module 3 takes the current user datagram protocol packet as a UDP packet, namely, the data packet of the attack data, so as to determine the current external data with the UDP packet as the potential UDP Flood attack data.
Furthermore, the IP address checking module 4 checks the IP address of the external data and the source IP address of the corresponding user datagram protocol data packet in the external data, and for the IP address of the external data, the IP address judging module 5 also determines whether the IP address is a known secure IP address or a secure IP address that has been proved in the use history of the computer used by the user, and if not, directly controls the first firewall module 1 to reject the external data corresponding to the IP address; if yes, the IP address is judged to be a safe address, and then the IP address judgment module 5 judges whether the IP address of the current external data is consistent with the IP address corresponding to the user datagram protocol data packet in the external data, if yes, the user datagram protocol data packets are judged not to be UDP packets adopted by UDP flow attack data, and then the external data are judged not to be UDP flow attack data; if not, the user datagram protocol data packet at the moment is judged to be a UDP packet adopted by UDP Flood attack data.
When the current external data is determined to be UDP Flood attack data for the first time or UDP Flood attack data may exist in the current external data, the first firewall module 1 directly controls the entire opening of the first firewall, and temporarily blocks all the external data. Since the UDP packet with the UDP Flood attack data that has been identified at the beginning before isolation enters the computer, the UDP packet attacks the attack target, so that the target identification module 7 identifies the attack target of the UDP packet, that is, the attack target of the UDP Flood attack data, and further, the data simulation module 11 of the flushing data module 8 simulates a temporary data packet according to the type of the attack target of the UDP Flood attack data, and the temporary data packet serves as a self-attack of the computer on the system, and the emergency data addition module 12 adds the emergency encryption data to the temporary data packet, for example, the ordinary computer firewall system warns some trojans, so that the system itself has a certain priority for processing the temporary data, and thus the temporary data can be processed preferentially in the transmission process, specifically, when the UDP packet of the UDP Flood attack data is identified according to the process, the hedge data module 8 directly adds a plurality of temporary data packets before the external data is transmitted to the position of the hedge data module 8 and the execution module 9 executes the attack command, thereby leading the temporary data packet to be attacked preferentially before the single UDP Flood attacking data attack, and the temporary data packet simulates Trojan implantation, the response of a common firewall to the Trojan implantation is usually quick, and the firewall can easily isolate the Trojan, in the embodiment, a third firewall may be provided, which is specially used for processing the temporary data packet in the attack target of UDP Flood attack data, and when data that cannot be processed by the third firewall occurs, namely, the UDP packet of the UDP Flood attack data, and the second firewall module 10 processes the UDP packet of the UDP Flood attack data through the second firewall.
The above embodiments are merely illustrative of the technical ideas and features of the present invention, and are intended to enable those skilled in the art to understand the contents of the present invention and implement the present invention, and not to limit the scope of the present invention. All equivalent changes or modifications made according to the spirit of the present invention should be covered within the protection scope of the present invention.

Claims (9)

1. A data-flushing computer network security system for network security defense against UDP Flood attacks, comprising:
the first firewall module is used for blocking the transmission of all external data;
the external data identification module is used for identifying external data sent to the computer by the Internet;
the protocol identification module is used for identifying a user datagram protocol data packet in external data and the size of the user datagram protocol data packet;
the IP address inspection module is used for inspecting the IP address of the external data transmitted to the computer and the IP address of a user datagram protocol data packet in the external data;
the IP address judging module is used for judging the consistency of the IP address of the external data transmitted to the computer and the IP address of the user datagram protocol data packet in the external data;
The attack judgment module is used for judging UDP Flood attack data according to the working contents of the protocol identification module and the IP address judgment module;
the target identification module is used for judging an attack target of UDP Flood attack data;
the hedge data module is used for providing corresponding hedge data according to the attack target of the UDP Flood attack data judged by the target identification module and mixing the hedge data into the UDP Flood attack data;
the execution module is used for carrying out appointed data impact on an attack target of the UDP Flood attack data by utilizing the hedge data provided by the hedge data module;
and the second firewall module is used for isolating UDP Flood attack data in the mixed data.
2. A data-hedged computer network security system according to claim 1, wherein: after the attack determination module determines that UDP Flood attack data exists, the first firewall module prevents all external data from being transmitted; and when the hedge data module provides hedge data, the first firewall module allows all external data to be transmitted.
3. A data-hedged computer network security system according to claim 2, wherein: for the target identification module, the identified target comprises a DNS server, a Radius authentication server and a streaming media video server.
4. A data-hedged computer network security system according to claim 3, wherein: the protocol identification module sets a data packet threshold value, and judges whether the external data of the current user datagram protocol data packet is UDP flow attack data or not according to the data packet threshold value.
5. A data-hedged computer network security system according to claim 4, wherein: the attack determination module determines the consistency of the UDP Flood attack data according to the size of a datagram protocol data packet transmitted by external data and the IP address of the external data and the IP address of a user datagram protocol data packet in the external data.
6. A data-hedged computer network security system according to claim 5, wherein: the hedge data module comprises:
the data simulation module is used for simulating a temporary data packet corresponding to an attack target of UDP Flood attack data according to the historical data packet;
and the emergency data adding module is used for adding emergency encrypted data to the temporary data packet simulated by the data simulation module.
7. A method of operating a data-directed computer network security system, using a data-directed computer network security system of claim 6, the method comprising: the method comprises the following steps:
S01: the external data identification module identifies external data sent to a computer by the Internet;
s02: the protocol identification module identifies a user datagram protocol data packet from external data;
s03: the protocol identification module judges whether the size of a user datagram protocol data packet is smaller than a data packet threshold value, if so, the step enters S04;
s04: the IP address checking module checks the IP address of the current external data and the IP address of a user datagram protocol data packet in the current external data;
s05: the IP address judging module judges whether the IP address of the current external data is consistent with the IP address of the user datagram protocol data packet in the current external data, if not, the step enters S06;
s06: the attack judgment module judges that UDP Flood attack data currently exist;
s07: the first firewall module starts a first firewall;
s08: the target identification module identifies an attack target of UDP flow attack data in the external data transmitted before the first firewall module is closed;
s09: the hedge data module simulates a temporary data packet through the data simulation module;
s10: the emergency data adding module adds emergency encrypted data to the temporary data packet and forms hedge data;
S11: the execution module initiates an attack to an attack target of UDP Flood attack data by utilizing the hedge data;
s12: the first firewall module closes a first firewall;
s13: and the second firewall module isolates the data packet which cannot be analyzed by the attack target of the UDP flow attack data.
8. A method of operating a data hedged computer network security system according to claim 7, wherein: for the S07, the first firewall module corresponds to the first firewall, and on the external data transmission path, the first firewall module is disposed at the beginning of the transmission path.
9. A method of operating a data hedged computer network security system according to claim 7, wherein: in S10, the encrypted data is computer internal warning data.
CN202010662857.5A 2020-07-10 2020-07-10 Data hedging type computer network security system and working method thereof Withdrawn CN111865954A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010662857.5A CN111865954A (en) 2020-07-10 2020-07-10 Data hedging type computer network security system and working method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010662857.5A CN111865954A (en) 2020-07-10 2020-07-10 Data hedging type computer network security system and working method thereof

Publications (1)

Publication Number Publication Date
CN111865954A true CN111865954A (en) 2020-10-30

Family

ID=73153198

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010662857.5A Withdrawn CN111865954A (en) 2020-07-10 2020-07-10 Data hedging type computer network security system and working method thereof

Country Status (1)

Country Link
CN (1) CN111865954A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112738032A (en) * 2020-12-17 2021-04-30 公安部第三研究所 Communication system for preventing IP deception

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112738032A (en) * 2020-12-17 2021-04-30 公安部第三研究所 Communication system for preventing IP deception
CN112738032B (en) * 2020-12-17 2022-10-11 公安部第三研究所 Communication system for preventing IP deception

Similar Documents

Publication Publication Date Title
EP2289221B1 (en) Network intrusion protection
US7797749B2 (en) Defending against worm or virus attacks on networks
US7725936B2 (en) Host-based network intrusion detection systems
EP2555486B1 (en) Multi-method gateway-based network security systems and methods
KR101010465B1 (en) Network security elements using endpoint resources
US8356349B2 (en) Method and system for intrusion prevention and deflection
Chao-Yang DOS attack analysis and study of new measures to prevent
US10693908B2 (en) Apparatus and method for detecting distributed reflection denial of service attack
US20030065943A1 (en) Method and apparatus for recognizing and reacting to denial of service attacks on a computerized network
US20050198519A1 (en) Unauthorized access blocking apparatus, method, program and system
CN101202742A (en) Method and system for preventing refusal service attack
JP7388613B2 (en) Packet processing method and apparatus, device, and computer readable storage medium
JP2002073433A (en) Break-in detecting device and illegal break-in measures management system and break-in detecting method
Trabelsi et al. Denial of firewalling attacks (dof): The case study of the emerging blacknurse attack
CN111865954A (en) Data hedging type computer network security system and working method thereof
US11552973B2 (en) Network malicious behavior detection method and networking system using same
JP3790486B2 (en) Packet relay device, packet relay system, and story guidance system
JP4391455B2 (en) Unauthorized access detection system and program for DDoS attack
JP2006501527A (en) Method, data carrier, computer system, and computer program for identifying and defending attacks against server systems of network service providers and operators
KR101639428B1 (en) System for uni direction protocol control on board
KR102062718B1 (en) Honeynet system for internet of things using packet virtualization
KR102621652B1 (en) Server computer equipped with DRDoS attack response method, DRDoS attack response program and DRDoS attack response method
KR20190041324A (en) Apparatus and method for blocking ddos attack
US11451584B2 (en) Detecting a remote exploitation attack
JP2006094377A (en) Access control apparatus, access control method, and access control program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20201030

WW01 Invention patent application withdrawn after publication