CN113660221A - Joint anti-attack method, device and system combined with game - Google Patents
Joint anti-attack method, device and system combined with game Download PDFInfo
- Publication number
- CN113660221A CN113660221A CN202110857896.5A CN202110857896A CN113660221A CN 113660221 A CN113660221 A CN 113660221A CN 202110857896 A CN202110857896 A CN 202110857896A CN 113660221 A CN113660221 A CN 113660221A
- Authority
- CN
- China
- Prior art keywords
- equipment
- attack
- defense
- group
- joint
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/04—Real-time or near real-time messaging, e.g. instant messaging [IM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a joint anti-attack method, a joint anti-attack device and a joint anti-attack system combined with games, and relates to the technical field of network security. The method comprises the following steps: receiving a DDoS attack event reported by a device node of a user, and sending a joint defense request to other device nodes of a network system where the device node is located; acquiring the information of the equipment nodes receiving the joint defense, establishing a joint attack prevention equipment group, acquiring the information of all the equipment nodes receiving the joint defense and adding the information as contact objects into the group to form group members; and generating a visual attack and defense display picture in a group communication interaction interface of the group according to the DDoS attack information and the equipment node information participating in the joint defense in the group. The invention is convenient for users to intuitively and quickly acquire the node information of the equipment participating in defense and the real-time attack and defense information, and enriches the display effect of the defense information.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a joint anti-attack method, a joint anti-attack device and a joint anti-attack system combined with games.
Background
DDoS (Distributed Denial of service) attacks mainly send a large number of network packets that appear to be legitimate to a victim host through a plurality of hosts that are invaded or indirectly available by the attacker, thereby causing network congestion or exhaustion of server resources and resulting in Denial of service. Once the DDoS is implemented, the attack network packet will flood towards the victim host, thereby flooding the network packet of the legitimate user, and causing the legitimate user to be unable to normally access the network resource of the server, so the denial of service attack is also called as "flood attack". DDoS attacks can generally be divided into two forms: bandwidth resource consuming and server resource consuming. They all occupy a lot of network and equipment resources through a lot of legal or forged requests to achieve the purpose of paralysis network and system. With the increase of Internet bandwidth and the continuous release of various DDoS hacking tools, DDoS attacks are easier to implement, and with the increase of bandwidth, the cost of DDoS attacks is lower, and losses caused to users and society are larger and larger.
For DDoS attacks, the traditional defense means is basically a ratio of bandwidth to resources, a good defense effect cannot be achieved for unexpected DDoS traffic attacks, and attackers can easily form attack traffic far exceeding the bandwidth of a server network. On the other hand, most of the currently adopted DDoS attack defense measures and methods need a large amount of hardware and bandwidth investment, so that no matter a user establishes a DDoS attack defense system or rents DDoS attack defense service, network resources are wasted under normal flow, and the cost is increased.
Based on the above problems, the prior art also provides a scheme for defending against DDoS attacks using proxy nodes in a network system, such as chinese patent application CN201811606295.1, which discloses a dynamic transformation-based DDoS attack defense system: under normal flow, a small number of proxy nodes are adopted to transmit communication between a user and an application server, so that normal communication requirements are met and resources are saved; when suffering DDoS attack, a large number of dynamic proxy nodes are started to transmit communication between a user and an application server, standby proxy nodes are continuously used for replacing attacked proxy nodes, user flow is migrated to new proxy nodes, and the attacked proxy nodes are closed, so that the DDoS attack strength is rapidly reduced, and the goal of defending large-flow attack with smaller bandwidth is realized.
However, in the existing DDoS defense scheme, the problem that a user cannot know defense equipment and real-time attack and defense conditions in time generally exists. How to provide a technical scheme which is convenient for users to intuitively acquire defense equipment and real-time attack and defense conditions is a technical problem which needs to be solved urgently at present.
Disclosure of Invention
The invention aims to provide a joint anti-attack method, a device and a system combined with games, and the invention has the advantages that: after the equipment node information for receiving joint defense is acquired, a joint defense attack equipment group can be established in an instant communication tool based on the instant communication account of the user, and meanwhile, a visual attack and defense display picture is generated in a group communication interaction interface of the group according to the DDoS attack information and the equipment node information participating in the joint defense in the group, so that the user can intuitively and quickly acquire the equipment node information participating in the defense and the real-time attack and defense information, and the defense information display effect and the application scene of contact application are enriched.
In order to achieve the above object, the present invention provides the following technical solutions:
a joint anti-attack method combined with games comprises the following steps:
receiving a DDoS attack event reported by a device node of a user, and sending a joint defense request to other device nodes of a network system where the device node is located; the equipment node in the network system is a user terminal which passes the validity verification of the network system;
acquiring the information of the equipment nodes receiving the joint defense, establishing a joint anti-attack equipment group in an instant messaging tool based on the instant messaging account of the user, acquiring the information of all the equipment nodes receiving the joint defense, and adding the equipment nodes serving as contact objects into the joint anti-attack equipment group to form group members;
and generating a visual attack and defense display picture in a group communication interaction interface of the group according to the DDoS attack information and the information of the equipment nodes participating in the joint defense in the group, wherein the attack and defense display picture displays a game role image corresponding to the DDoS attack and a game role image corresponding to the equipment nodes participating in the joint defense.
Further, the size and/or the color of the game role image corresponding to the DDoS attack are set according to the size of the DDoS abnormal flow of the DDoS attack, and the size and/or the color of the corresponding game role image are set according to the size of resource information provided by the equipment nodes participating in the joint defense.
Further, based on preset unit time, detecting unit resource contribution amount of the equipment node participating in the joint defense, wherein the unit resource contribution amount is the resource amount which is input by the equipment node in unit time and is used for defending the DDoS attack; and converting the unit resource contribution amount into a virtual sub-launch with a corresponding size to the game role image corresponding to the DDoS attack.
And further, acquiring resource idle information of each equipment node in the group based on the time unit, and outputting the resource idle information of the equipment node through an ITEM of a group member corresponding to each equipment node.
Further, for each equipment node in the group, calculating a resource index assistance amount of the equipment node capable of participating in joint defense based on a preset resource index unit amount, wherein the resource index assistance amount is equal to a numerical value obtained by dividing an idle resource amount by the resource index unit amount and then rounding.
Further, acquiring quotation information of the equipment nodes accepting the joint defense, and unifying quotations of the equipment nodes to convert the quotations into unit quotations based on the resource index unit quantity; and selecting the equipment nodes needing to participate in the joint defense from the equipment nodes receiving the joint defense by combining the resource index assistance amount and unit quotation of each equipment node.
Further, the idle resource information includes the resource type of the equipment node and the idle resource amount corresponding to the resource type, a resource index unit amount and a resource index assistance amount are set corresponding to each type of resource, and the resource index assistance amount of each type of resource is equal to a numerical value obtained by dividing the idle resource amount of the type of resource by the corresponding resource index unit amount and then rounding;
setting a node resource index assistance amount corresponding to the equipment node, wherein the node resource index assistance amount is equal to the sum of the resource index assistance amounts of various resources contained in the equipment node; and outputting the node resource index assistance amount of the equipment node and the resource index assistance amount of various resources through the ITEM of the group member.
Further, acquiring current equipment node information participating in the joint defense, and displaying a comprehensive association identifier on a group member ITEM corresponding to the equipment node participating in the joint defense on a group member display interface of the joint attack prevention equipment group, wherein the comprehensive association identifier is formed by fusing or partially fusing the group member ITEM to form a fused ITEM, and the current attack and defense information is output corresponding to the fused ITEM.
The invention also provides a joint anti-attack device combined with the game, which comprises the following structures:
the information acquisition module is used for receiving a DDoS attack event reported by a device node of a user and sending a joint defense request to other device nodes of a network system where the device node is located; the equipment node in the network system is a user terminal which passes the validity verification of the network system;
the group establishing module is used for acquiring the information of the equipment nodes receiving the joint defense, establishing a joint anti-attack equipment group in the instant messaging tool based on the instant messaging account of the user, acquiring the information of all the equipment nodes receiving the joint defense and adding the equipment nodes serving as contact objects into the joint anti-attack equipment group to form group members;
and the attack and defense display module is used for generating a visual attack and defense display picture in a group communication interaction interface of the group according to the DDoS attack information and the equipment node information participating in the joint defense in the group, and the attack and defense display picture displays a game role image corresponding to the DDoS attack and a game role image corresponding to the equipment node participating in the joint defense.
The invention also provides a joint anti-attack system combined with games, which comprises a system server and at least 2 equipment nodes;
the equipment node is a user terminal which passes the validity verification of the system server and is in communication connection with the system server;
the system server is configured to: receiving a DDoS attack event reported by a device node of a user, and sending a joint defense request to other device nodes in the system; and acquiring the information of the equipment nodes accepting the joint defense, establishing a joint anti-attack equipment group in an instant communication tool based on the instant communication account of the user, acquiring the information of all the equipment nodes accepting the joint defense, adding the equipment nodes as contact objects into the joint anti-attack equipment group to form group members, and generating a visual attack and defense display picture in a group communication interaction interface of the group according to the DDoS attack information and the information of the equipment nodes participating in the joint defense in the group, wherein the attack and defense display picture displays a game role image corresponding to the DDoS attack and a game role corresponding to the equipment nodes participating in the joint defense.
Due to the adoption of the technical scheme, compared with the prior art, the invention has the following advantages and positive effects as examples: after the equipment node information for receiving joint defense is acquired, a joint defense attack equipment group can be established in an instant communication tool based on the instant communication account of the user, and meanwhile, a visual attack and defense display picture is generated in a group communication interaction interface of the group according to the DDoS attack information and the equipment node information participating in the joint defense in the group, so that the user can intuitively and quickly acquire the equipment node information participating in the defense and the real-time attack and defense information, and the defense information display effect is enriched.
Drawings
Fig. 1 is a flowchart of a joint anti-attack method combined with a game according to an embodiment of the present invention.
Fig. 2 is a diagram of an example of a group display interface of a joint attack prevention device group according to an embodiment of the present invention.
Fig. 3 is a diagram illustrating a display example of an attack and defense display screen according to an embodiment of the present invention.
Fig. 4 is a schematic block diagram of an apparatus according to an embodiment of the present invention.
Fig. 5 is a schematic structural diagram of a system according to an embodiment of the present invention.
Description of reference numerals:
the IM tool main interface 100, the user head portrait 110, the group list 120, the joint attack prevention device group 121 and the group member 121-1;
a group communication interactive interface 200, a group name 210, a group information display field 220, a group information input field 230, a group status display field 240, and a group member display field 250;
the device 300, an information acquisition module 310, a group establishment module 320 and an attack and defense display module 330;
Detailed Description
The joint anti-attack method, device and system combined with the game disclosed by the invention are further described in detail with reference to the accompanying drawings and specific embodiments. It should be noted that technical features or combinations of technical features described in the following embodiments should not be considered as being isolated, and they may be combined with each other to achieve better technical effects. In the drawings of the embodiments described below, the same reference numerals appearing in the respective drawings denote the same features or components, and may be applied to different embodiments. Thus, once an item is defined in one drawing, it need not be further discussed in subsequent drawings.
It should be noted that the structures, proportions, sizes, and other dimensions shown in the drawings and described in the specification are only for the purpose of understanding and reading the present disclosure, and are not intended to limit the scope of the invention, which is defined by the claims, and any modifications of the structures, changes in the proportions and adjustments of the sizes and other dimensions, should be construed as falling within the scope of the invention unless the function and objectives of the invention are affected. The scope of the preferred embodiments of the present invention includes additional implementations in which functions may be executed out of order from that described or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the embodiments of the present invention.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate. In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
Examples
Referring to fig. 1, a joint anti-attack method combined with a game is provided for an embodiment of the present invention. The method comprises the following steps:
s100, receiving a DDoS attack event reported by a device node of a user, and sending a joint defense request to other device nodes of a network system where the device node is located; the equipment node in the network system is the user terminal which passes the validity verification of the network system.
The user terminal is a computer terminal set for a user, and includes but is not limited to various computing devices such as a mobile phone, a tablet computer, a desktop computer, an ore machine, a server and the like. The object for operating the user terminal may be any one or more users.
In a preferred embodiment, each device node in the network system constitutes a block chain protection network system. An equipment information sharing intelligent contract and an equipment cleaning intelligent contract can be arranged in a system server of the block chain protective network system, and all equipment nodes in the system form a consensus node based on a consensus algorithm so as to realize information sharing.
In a typical implementation manner, when a certain device node in the system has a DDoS attack, the device node may upload an information summary of DDoS abnormal traffic information to a system server of the block chain protection network system based on a device information sharing intelligent contract. And then, the system server of the blockchain protective network system synchronizes the information summary of the DDoS abnormal flow information to other equipment nodes based on a blockchain consensus algorithm. Meanwhile, a system server of the blockchain protective network system can also select one or more other equipment nodes in the system through an equipment cleaning intelligent contract based on the joint defense request, then send DDoS attack equipment cleaning information to the other equipment nodes, and filter and clean network traffic through the equipment nodes.
It should be noted that the blockchain refers to an architecture design method for implementing a product with data disclosure, transparency, and traceability, and is calculated as a generalized blockchain. The generalized block chain comprises 4 aspects of point-to-point network design, encryption technology application, distributed algorithm implementation, data storage technology use and the like, and others may relate to distributed storage, machine learning, VR, the Internet of things, big data and the like. While the narrowly defined block chain only relates to data storage technology, database or file operation and the like. The block chain in this application refers to a generalized block chain.
Optionally, before sending the joint defense request, user permission information of the attacked device node may be collected. And after collecting the permission of the user to start the joint defense, sending the joint defense request again.
S200, acquiring the information of the equipment nodes receiving the joint defense, establishing a joint anti-attack equipment group in the instant messaging tool based on the instant messaging account of the user, acquiring the information of all the equipment nodes receiving the joint defense, and adding the equipment nodes serving as contact objects into the joint anti-attack equipment group to form group members.
The instant messenger, also called instant messenger, is commonly referred to in the art as a client with instant messaging capability, such as WeChat, QQ, and nailing. By way of example and not limitation, the instant messaging tool may be a web application, a PC application, or a handheld APP application.
In the prior art, a user logs in an instant messaging tool to establish a connection between an instant messaging client and an instant messaging server. The instant communication tool outputs a user main interface to a user through a display screen of the user terminal.
Referring to fig. 2, the user main interface may display a user avatar 110, a search bar, an instant messaging message and contact information pushed by an instant messaging server, and the like. Specifically, the user main interface may display a contact list and group list information pushed by the instant messaging server, where the contact list records the head portrait, nickname, signature, online status, session message, and friend information such as ranking of a friend (contact object); the group list records the group member information such as head portrait, nickname, signature, online status, session message, and ranking of the chat group. Referring to fig. 2, after the user selects a group control (or called group chat control), the information of the group list 120 of the user is output, and the user may trigger a communication interaction operation for a certain chat group in the group list 120, where the communication interaction operation is commonly used, for example, a corresponding group avatar is triggered by clicking, and a group communication interaction interface is generated accordingly.
In this embodiment, a joint anti-attack device group 121 corresponding to a device node accepting joint defense is established in an instant messenger, and the joint anti-attack device group 121 may be displayed in a group list 120 as in other conventional chat groups, as shown in fig. 2. And simultaneously acquiring information of all the equipment nodes receiving the joint defense, and adding the equipment nodes serving as contact objects into the joint attack prevention equipment group 121 to form a group member 121-1. Each equipment node receiving the joint defense is a group member, and each equipment node serving as a group member corresponds to own equipment name, equipment identification number (with uniqueness, such as a mobile equipment identification code IMEI of a mobile phone) and other equipment node related information. For example, the group list 120 may display a conventional group and a joint attack prevention device group, where the conventional group corresponds to a conventional chat group in the prior art, and the joint attack prevention device group corresponds to a device group for defending against DDoS attack, and unlike the conventional chat group, group members in the device group correspond to information about device nodes for accepting joint defense, and group members in the conventional chat group are chat objects of users.
Optionally, the name and/or the device identification number are/is used as a nickname of a group member corresponding to the device node, and a head portrait of the corresponding group member is generated based on the device type of the device node, for example, when the device node is a certain model mobile phone of a certain brand, the head portrait of the corresponding group member is an image of the model mobile phone of the brand.
And S300, generating a visual attack and defense display picture in a group communication interaction interface of the group according to the DDoS attack information and the information of the equipment nodes participating in the joint defense in the group, wherein the attack and defense display picture displays a game role image corresponding to the DDoS attack and a game role image corresponding to the equipment nodes participating in the joint defense.
Specifically, the size and/or color of the game role image corresponding to DDoS attack can be set according to the size of DDoS abnormal traffic of DDoS attack, and the size and/or color of the corresponding game role image can be set according to the size of resource information provided by the device nodes participating in joint defense.
Referring to FIG. 3, a typical group communication interactive interface 200 is illustrated. When a user triggers an ITEM of the joint attack prevention device group, such as double-clicking a group avatar or a group name, the group communication interactive interface 200 shown in fig. 3 can be popped up, and the user can acquire or input information in the group communication interactive interface. The group communication interface 200 may specifically include a group name 210, a group information display field 220, a group information input field 230, a group status display field 240, and a group member display field 250.
The attack and defense display screen is preferably output through the group information display column 220.
The group information input field 230 is used to collect information sent by the user, for example, the user may input barrage information, comment information, and the like that the user wants to output on the attack and defense display screen through the group information input field 230.
The group status display bar 240 is used to display the status of the current joint attack prevention device group, for example, whether the group is currently in a DDoS defense state.
In another implementation manner of this embodiment, a unit resource contribution amount of a device node participating in joint defense may be detected based on a preset unit time, where the unit resource contribution amount is a resource amount, which is invested by the device node in the unit time and is used for defending against the DDoS attack; and converting the unit resource contribution amount into a virtual sub-launch with a corresponding size to the game role image corresponding to the DDoS attack. Referring to fig. 3, a picture illustrating that two device nodes participating in joint defense attack on a game character corresponding to a DDoS attack is shown, in fig. 3, the size of a bullet at the device node "huawei 2345E" is larger than the size of a bullet launched by the device node "xiaomi jelly", that is, the unit resource contribution amount provided by the device node "huawei 2345E" is larger than the unit resource contribution amount provided by the device node "xiaomi jelly".
In this embodiment, the resource idle information of each device node in the group may also be obtained based on the time unit, and the resource idle information of the device node is output through the ITEM of the group member corresponding to each device node.
Optionally, for each device node in the group, a resource index assistance amount that the device node can participate in the joint defense may be calculated based on a preset resource index unit amount, where the resource index assistance amount is equal to a value obtained by dividing the idle resource amount by the resource index unit amount and then rounding.
In this embodiment, when selecting an equipment node that needs to participate in joint defense from equipment nodes that accept joint defense, considering that an equipment node that can provide multiple resource assistance amounts during defense is obviously superior to an equipment node that can only provide few resource assistance amounts, the resource index assistance amounts and unit quotations may also be combined when selecting cleaning equipment, so that joint defense efficiency and economy may be balanced.
Specifically, acquiring quotation information of equipment nodes accepting the joint defense, and unifying quotations of the equipment nodes to convert the quotations into unit quotations based on resource index unit quantity; and selecting the equipment nodes needing to participate in the joint defense from the equipment nodes receiving the joint defense by combining the resource index assistance amount and unit quotation of each equipment node. In a typical embodiment, for example, when the resource indicator assistance amounts are the same or similar (the similarity refers to that the difference between the resource indicator assistance amounts provided by the two device nodes is smaller than a preset value), the device node with a lower unit bid price is selected from the device nodes receiving the joint defense to participate in the joint defense.
In this embodiment, the idle resource information may include a resource type of the device node and an idle resource amount corresponding to the resource type, and a resource indicator unit amount and a resource indicator assistance amount are set for each type of resource, where the resource indicator assistance amount of each type of resource is equal to a value obtained by dividing the idle resource amount of the type of resource by the corresponding resource indicator unit amount and then rounding.
Setting a node resource index assistance amount corresponding to the equipment node, wherein the node resource index assistance amount is equal to the sum of the resource index assistance amounts of various resources contained in the equipment node; and outputting the node resource index assistance amount of the equipment node and the resource index assistance amount of various resources through the ITEM of the group member.
Specifically, as a preference of a typical manner, for example, the resource type may include at least a physical resource type and a virtual resource type. The physical resources may include, by way of example and not limitation, CPU load, and communication bandwidth. The virtual resources may include, by way of example and not limitation, a number of database reads per unit of time, a number of database writes per unit of time, a number of requests per unit of time, and a number of simultaneous sessions, for example.
The physical resource indicator unit amount N1 is set corresponding to the physical resource, and the physical resource indicator assistance amount K1 of a certain device node is equal to the value obtained by dividing the physical resource idle resource amount M1 by the physical resource indicator unit amount N1 and then rounding up, i.e., K1= [ M1/N1 ].
The virtual resource indicator unit amount N2 is set corresponding to the virtual resource, and the virtual indicator assist amount K2 of a certain device node is equal to the value obtained by dividing the virtual resource idle resource amount M2 by the virtual resource indicator unit amount and then rounding, that is, K2= [ M2/N2 ].
The node resource index assistance amount is equal to the sum of the resource index assistance amounts of the various types of resources contained in the equipment node, namely K = K1+ K2.
K, K1 and K2 values of the device node are output through the ITEM entries of the group members corresponding to the device node, and referring to FIG. 2, taking the device node "huawei 2345E" as an example, 80 represents the K value of the device node, wherein K1=60 and K2= 20.
In another implementation manner of this embodiment, information of a device node currently participating in joint defense may also be acquired, and a collective association identifier is displayed on a group member display interface of the joint attack prevention device group for a group member ITEM corresponding to the device node participating in joint defense. And the overall association identifier is used for fusing or partially fusing the group member ITEM to form a fused ITEM, and outputting current attack and defense information corresponding to the fused ITEM.
And sending a joint defense ending instruction when detecting that the equipment node of the user recovers to a normal condition; and releasing the overall associated identification according to the joint defense finishing instruction, and canceling the fusion ITEM so as to restore the ITEM of the related group member to an initial independent display state.
In another implementation manner of this embodiment, associated contact information set by the device node may also be obtained, where the associated contact information at least includes instant messaging account information of the associated contact. After the instant messaging account information of the associated contact is obtained, the associated contact may be added to the joint anti-attack device group as a group member, and different from the group member of the corresponding device node in the joint anti-attack device group 121, the group member corresponding to the associated contact corresponds to a chat object capable of performing communication interaction (chat), so that a user may perform chat with an associated user, which is usually a user of the device node, such as an owner of a mobile phone, set by the group member and the device node, such as sending thank you information.
Referring to fig. 4, another embodiment of the present invention provides a joint anti-attack device combined with a game.
The device 300 includes an information collecting module 310, a group establishing module 320 and an attack and defense display module 330.
The information acquisition module 310 is configured to receive a DDoS attack event reported by a device node of a user, and send a joint defense request to another device node of a network system in which the device node is located. The equipment node in the network system is the user terminal which passes the validity verification of the network system.
The group establishing module 320 is configured to acquire device node information for accepting the joint defense, establish a joint attack prevention device group in the instant messaging tool based on the instant messaging account of the user, acquire all device node information for accepting the joint defense, and add the device nodes as contact objects into the joint attack prevention device group to form group members.
The attack and defense display module 330 is configured to generate a visual attack and defense display picture in a group communication interaction interface of the group according to DDoS attack information and device node information participating in joint defense in the group, where the attack and defense display picture displays a game role image corresponding to DDoS attack and a game role image corresponding to a device node participating in joint defense.
Other technical features refer to the foregoing embodiments, and each module may be configured to perform corresponding information acquisition, information transmission, and information processing processes, which are not described herein again.
Referring to fig. 5, another embodiment of the present invention provides a joint anti-attack system combined with a game.
The system includes at least 2 device nodes 410 and a system server 420.
The device node 410 is a user terminal that passes the validity verification of the aforementioned system server. Each device node 410 is communicatively coupled to the aforementioned system server 420, and is capable of peer-to-peer communication between multiple device nodes. The communication mode may be wireless communication or wired communication, which is not limited herein.
In a preferred embodiment, each device node in the system constitutes a block chain protection network system. An equipment information sharing intelligent contract and an equipment cleaning intelligent contract can be arranged in a system server 420 of the block chain protective network system, and all equipment nodes 410 in the system form a consensus node based on a consensus algorithm to realize information sharing.
In a typical implementation manner, when a certain device node in the system has a DDoS attack, the device node may upload an information summary of DDoS abnormal traffic information to a system server of the block chain protection network system based on a device information sharing intelligent contract. And then, the system server of the blockchain protective network system synchronizes the information summary of the DDoS abnormal flow information to other equipment nodes based on a blockchain consensus algorithm. Meanwhile, a system server of the blockchain protective network system can also select one or more other equipment nodes in the system through an equipment cleaning intelligent contract based on the joint defense request, then send DDoS attack equipment cleaning information to the other equipment nodes, and filter and clean network traffic through the equipment nodes.
In this embodiment, the system server is configured to: receiving a DDoS attack event reported by a device node of a user, and sending a joint defense request to other device nodes in the system; and acquiring the information of the equipment nodes accepting the joint defense, establishing a joint anti-attack equipment group in an instant communication tool based on the instant communication account of the user, acquiring the information of all the equipment nodes accepting the joint defense, adding the equipment nodes as contact objects into the joint anti-attack equipment group to form group members, and generating a visual attack and defense display picture in a group communication interaction interface of the group according to the DDoS attack information and the information of the equipment nodes participating in the joint defense in the group, wherein the attack and defense display picture displays a game role image corresponding to the DDoS attack and a game role corresponding to the equipment nodes participating in the joint defense.
Other technical features refer to the foregoing embodiments, and each component may be configured to perform corresponding information acquisition, information transmission, and information processing processes, which are not described herein again.
It should be noted that, in the present invention, whether a DDoS attack event occurs to a device node may be analyzed based on a traffic state and/or a resource utilization condition of the device node. The specific steps may be as follows: and detecting the traffic state and/or the resource utilization condition of the equipment node. Judging whether the ratio of the average network rate of the equipment nodes to the total system bandwidth and/or the average system resource utilization rate of the equipment nodes is larger than a corresponding normal standard value in a detection time window; the normal standard value refers to the average value of the ratio of the network rate of the system to the total bandwidth of the system and/or the average resource utilization rate of the system under the condition of no attack. And when the value is larger than the normal standard value, judging that the DDoS attack event occurs on the equipment node.
Of course, other methods in the prior art may also be used to determine whether the device node is attacked by DDoS, which is not described herein again.
In the foregoing description, the disclosure of the present invention is not intended to limit itself to these aspects. Rather, the various components may be selectively and operatively combined in any number within the intended scope of the present disclosure. In addition, terms like "comprising," "including," and "having" should be interpreted as inclusive or open-ended, rather than exclusive or closed-ended, by default, unless explicitly defined to the contrary. All technical, scientific, or other terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs unless defined otherwise. Common terms found in dictionaries should not be interpreted too ideally or too realistically in the context of related art documents unless the present disclosure expressly limits them to that. Any changes and modifications of the present invention based on the above disclosure will be within the scope of the appended claims.
Claims (10)
1. A joint anti-attack method combined with a game, characterized by comprising the steps of:
receiving a DDoS attack event reported by a device node of a user, and sending a joint defense request to other device nodes of a network system where the device node is located; the equipment node in the network system is a user terminal which passes the validity verification of the network system;
acquiring the information of the equipment nodes receiving the joint defense, establishing a joint anti-attack equipment group in an instant messaging tool based on the instant messaging account of the user, acquiring the information of all the equipment nodes receiving the joint defense, and adding the equipment nodes serving as contact objects into the joint anti-attack equipment group to form group members;
and generating a visual attack and defense display picture in a group communication interaction interface of the group according to the DDoS attack information and the information of the equipment nodes participating in the joint defense in the group, wherein the attack and defense display picture displays a game role image corresponding to the DDoS attack and a game role image corresponding to the equipment nodes participating in the joint defense.
2. The method of claim 1, wherein: and setting the size and/or color of a game role image corresponding to the DDoS attack according to the size of the DDoS abnormal flow of the DDoS attack, and setting the size and/or color of the corresponding game role image according to the size of resource information provided by the equipment nodes participating in the joint defense.
3. The method of claim 2, wherein: detecting the unit resource contribution amount of the equipment node participating in the joint defense based on preset unit time, wherein the unit resource contribution amount is the resource amount which is input by the equipment node in unit time and is used for defending the DDoS attack; and converting the unit resource contribution amount into a virtual sub-launch with a corresponding size to the game role image corresponding to the DDoS attack.
4. The method of claim 3, wherein: and acquiring resource idle information of each equipment node in the group based on the time unit, and outputting the resource idle information of the equipment node through an ITEM of a group member corresponding to each equipment node.
5. The method of claim 4, wherein: for each equipment node in the group, calculating the resource index assistance amount of the equipment node capable of participating in joint defense based on a preset resource index unit amount, wherein the resource index assistance amount is equal to a numerical value obtained by dividing the idle resource amount by the resource index unit amount and then rounding.
6. The method of claim 5, wherein: acquiring quotation information of equipment nodes accepting the joint defense, and unifying quotations of the equipment nodes to convert the quotations into unit quotations based on resource index unit quantity; and selecting the equipment nodes needing to participate in the joint defense from the equipment nodes receiving the joint defense by combining the resource index assistance amount and unit quotation of each equipment node.
7. The method of claim 4, wherein: the idle resource information comprises the resource type of the equipment node and the idle resource amount corresponding to the equipment node, a resource index unit amount and a resource index assisting amount are set corresponding to each type of resource, and the resource index assisting amount of each type of resource is equal to the numerical value obtained by dividing the idle resource amount of the type of resource by the corresponding resource index unit amount and then rounding;
setting a node resource index assistance amount corresponding to the equipment node, wherein the node resource index assistance amount is equal to the sum of the resource index assistance amounts of various resources contained in the equipment node; and outputting the node resource index assistance amount of the equipment node and the resource index assistance amount of various resources through the ITEM of the group member.
8. The method of claim 1, wherein: acquiring current equipment node information participating in joint defense, and displaying a general association identifier on a group member ITEM corresponding to the equipment node participating in joint defense on a group member display interface of a joint attack prevention equipment group, wherein the general association identifier is used for fusing or partially fusing the group member ITEM to form a fused ITEM, and outputting the current attack and defense information corresponding to the fused ITEM.
9. A joint anti-attack device combined with a game, characterized by comprising the following structures:
the information acquisition module is used for receiving a DDoS attack event reported by a device node of a user and sending a joint defense request to other device nodes of a network system where the device node is located; the equipment node in the network system is a user terminal which passes the validity verification of the network system;
the group establishing module is used for acquiring the information of the equipment nodes receiving the joint defense, establishing a joint anti-attack equipment group in the instant messaging tool based on the instant messaging account of the user, acquiring the information of all the equipment nodes receiving the joint defense and adding the equipment nodes serving as contact objects into the joint anti-attack equipment group to form group members;
and the attack and defense display module is used for generating a visual attack and defense display picture in a group communication interaction interface of the group according to the DDoS attack information and the equipment node information participating in the joint defense in the group, and the attack and defense display picture displays a game role image corresponding to the DDoS attack and a game role image corresponding to the equipment node participating in the joint defense.
10. A joint anti-attack system combined with a game comprises a system server and at least 2 device nodes, and is characterized in that:
the equipment node is a user terminal which passes the validity verification of the system server and is in communication connection with the system server;
the system server information is configured to: receiving a DDoS attack event reported by a device node of a user, and sending a joint defense request to other device nodes in the system; and acquiring the information of the equipment nodes accepting the joint defense, establishing a joint anti-attack equipment group in an instant communication tool based on the instant communication account of the user, acquiring the information of all the equipment nodes accepting the joint defense, adding the equipment nodes as contact objects into the joint anti-attack equipment group to form group members, and generating a visual attack and defense display picture in a group communication interaction interface of the group according to the DDoS attack information and the information of the equipment nodes participating in the joint defense in the group, wherein the attack and defense display picture displays a game role image corresponding to the DDoS attack and a game role corresponding to the equipment nodes participating in the joint defense.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110857896.5A CN113660221B (en) | 2021-07-28 | 2021-07-28 | Joint anti-attack method, device and system combined with game |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110857896.5A CN113660221B (en) | 2021-07-28 | 2021-07-28 | Joint anti-attack method, device and system combined with game |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113660221A true CN113660221A (en) | 2021-11-16 |
| CN113660221B CN113660221B (en) | 2023-03-14 |
Family
ID=78490765
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110857896.5A Active CN113660221B (en) | 2021-07-28 | 2021-07-28 | Joint anti-attack method, device and system combined with game |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113660221B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114272608A (en) * | 2022-01-24 | 2022-04-05 | 腾讯科技(深圳)有限公司 | Control method, device, terminal, storage medium and program product of virtual role |
| CN114666239A (en) * | 2022-03-21 | 2022-06-24 | 北京永信至诚科技股份有限公司 | Visual display method, device and equipment for network shooting range and readable storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150295948A1 (en) * | 2012-10-23 | 2015-10-15 | Suzanne P. Hassell | Method and device for simulating network resiliance against attacks |
| CN107172085A (en) * | 2017-06-30 | 2017-09-15 | 江苏华信区块链产业研究院有限公司 | Active defense method and node based on the intelligent contract of block chain |
| US10282786B1 (en) * | 2014-05-29 | 2019-05-07 | United Services Automobile Association | Techniques to visualize and gamify risk management services |
| CN111917708A (en) * | 2020-05-31 | 2020-11-10 | 上海纽盾科技股份有限公司 | Multi-target cooperative network security monitoring method, client and system |
| CN112152837A (en) * | 2020-08-14 | 2020-12-29 | 上海纽盾科技股份有限公司 | Method, device and system for realizing intelligent supervision of network security equipment |
| CN112152838A (en) * | 2020-08-14 | 2020-12-29 | 上海纽盾科技股份有限公司 | Intelligent supervision method, device and system for network security equipment |
-
2021
- 2021-07-28 CN CN202110857896.5A patent/CN113660221B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150295948A1 (en) * | 2012-10-23 | 2015-10-15 | Suzanne P. Hassell | Method and device for simulating network resiliance against attacks |
| US10282786B1 (en) * | 2014-05-29 | 2019-05-07 | United Services Automobile Association | Techniques to visualize and gamify risk management services |
| CN107172085A (en) * | 2017-06-30 | 2017-09-15 | 江苏华信区块链产业研究院有限公司 | Active defense method and node based on the intelligent contract of block chain |
| CN111917708A (en) * | 2020-05-31 | 2020-11-10 | 上海纽盾科技股份有限公司 | Multi-target cooperative network security monitoring method, client and system |
| CN112152837A (en) * | 2020-08-14 | 2020-12-29 | 上海纽盾科技股份有限公司 | Method, device and system for realizing intelligent supervision of network security equipment |
| CN112152838A (en) * | 2020-08-14 | 2020-12-29 | 上海纽盾科技股份有限公司 | Intelligent supervision method, device and system for network security equipment |
Non-Patent Citations (2)
| Title |
|---|
| 李俊青等: "蚁群优化在P2P网络防范DDoS攻击中的应用研究", 《计算机应用研究》 * |
| 谢嘉辰等: "基于蚁群优化的DDoS防御技术研究", 《计算机工程》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114272608A (en) * | 2022-01-24 | 2022-04-05 | 腾讯科技(深圳)有限公司 | Control method, device, terminal, storage medium and program product of virtual role |
| CN114272608B (en) * | 2022-01-24 | 2023-07-21 | 腾讯科技(深圳)有限公司 | Virtual character control method, device, terminal, storage medium and program product |
| CN114666239A (en) * | 2022-03-21 | 2022-06-24 | 北京永信至诚科技股份有限公司 | Visual display method, device and equipment for network shooting range and readable storage medium |
| CN114666239B (en) * | 2022-03-21 | 2023-01-20 | 北京永信至诚科技股份有限公司 | Visual display method, device and equipment for network shooting range and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113660221B (en) | 2023-03-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113660221B (en) | Joint anti-attack method, device and system combined with game | |
| US20210352090A1 (en) | Network security monitoring method, network security monitoring device, and system | |
| US11388189B2 (en) | Method for detecting brute force attack and related apparatus | |
| CA2717708C (en) | Multiple-layer chat filter system and method | |
| CN105516080B (en) | The processing method of TCP connection, apparatus and system | |
| CN106453669B (en) | Load balancing method and server | |
| CN106411828B (en) | The method, apparatus and system of quantization defence result | |
| CN103346952B (en) | A kind of method and device adding group | |
| CN112615854B (en) | Terminal access control method, device, access server and storage medium | |
| JP4713524B2 (en) | IP address visualization device, program, and recording medium | |
| CN106506443A (en) | A kind of information inspection method and device | |
| CN113872928A (en) | Method, client and system for obtaining benefits through network security defense | |
| CN113630398B (en) | Joint anti-attack method, client and system in network security | |
| CN113630400B (en) | Communication method, device and system for joint attack prevention in network security | |
| CN108600145A (en) | A kind of method and device of determining ddos attack equipment | |
| WO2019043804A1 (en) | Log analysis device, log analysis method, and computer-readable recording medium | |
| CN109194685A (en) | Man-in-the-middle attack defence policies based on safe game theory | |
| CN115225347B (en) | Method and device for monitoring target range resources | |
| CN114760216B (en) | Method and device for determining scanning detection event and electronic equipment | |
| TWI717454B (en) | Method, device and system for quantifying defense results | |
| EP4131873A1 (en) | Traffic identification method and traffic identification device | |
| CN112714116B (en) | Power dispatching data network terminal network access behavior auditing and monitoring system | |
| CN112134732B (en) | Evidence obtaining method and system for DDoS attack | |
| Curtin et al. | A brute force search of DES keyspace | |
| CN103716199B (en) | Cross protocol P2P security content monitoring method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |