Background technology
The basic structure of a VOIP system, shown in Figure 1, comprises servers, proxy servers and terminals. The dotted and solid lines in Figure 1 represent the signaling messages and the media messages carried in the VOIP system respectively. Signaling messages are handled by the server or the proxy server and are used to control the setup of the media stream channel between terminals; media messages are carried over the media stream channel established between one terminal and another. The server may be a Softswitch, a gatekeeper or similar equipment; this is not repeated below.
At present the signaling of VOIP systems uses an open protocol architecture, including protocols such as H.323, SIP, MGCP and H.248 (Megaco). H.323 uses the ASN.1 encoding; SIP uses an HTTP-like text command format; MGCP uses a text format; and H.248 (Megaco) uses either ASN.1 or a text encoding.
Encoding and decoding these protocol messages consumes a large share of the server's CPU: a server with a 1 GHz CPU can only encode and decode on the order of a few hundred protocol messages per second. When more messages arrive per second than that, for example over 1000 protocol messages requiring encoding and decoding, the server is fully occupied with encoding and decoding and can no longer respond to other service requests; this is the denial of service (DOS) condition. The message-sending capacity of a present-day PC is far above this "hundreds per second" order of magnitude: even a 100 MHz PC on a 10 Mbit/s network can send tens of thousands of messages per second. This gap between the rate at which a PC can send messages and the rate at which a server can encode and decode protocol messages makes it easy for a PC to mount a DOS attack on the server, that is, to use well-formed service requests to consume an excessive share of server resources so that the server cannot respond to the service requests of other legitimate users.
From the standpoint of network topology, the servers and proxy servers of a VOIP system all sit on the IP network; with the growth of IP networks and the mass adoption of PCs, these servers are highly exposed to external attack over the IP network. Once VOIP system equipment comes under DOS attack, its operating-system resources are easily exhausted and the equipment crashes outright, unable to respond to normal service requests from legitimate users. In an NGN network, if a server such as a Softswitch crashes, voice communication is interrupted on a large scale.
At present, DOS attacks on VOIP systems take mainly two forms: attacks with signaling messages forged from many different source addresses, and attacks with signaling messages forged to impersonate an already registered, legitimate user.
Some firewalls currently provide a DOS-prevention function. The principle is to limit the number of new connections that signaling messages from one or more IP addresses may set up within a period of time, so that an excessive number of service requests is rejected and the DOS attack is contained. When an attacker mounts a DOS attack with signaling messages forged from different source IP addresses, a large number of forged signaling messages is sent in a short time; once the firewall detects the flood of new connection requests it activates the limit on connection requests. This method can resist attacks with signaling messages forged from different source addresses. However, because legitimate and forged messages alike are blocked at the firewall, newly arriving legitimate signaling messages are also discarded, so new signaling connections cannot be set up; naturally the media stream channel, which can only be set up after signaling negotiation, cannot be established either, and the establishment of VOIP calls for legitimate users is affected.
When the attacker instead forges large numbers of signaling messages belonging to connections that already exist, the firewall has a record of those connections, treats the messages as normal and lets them through; the forged messages then reach the server directly and cause a DOS on the server. In other words, firewalls currently have no good way of handling this kind of attack.
Summary of the invention
In view of this, the main object of the present invention is to provide a method of resisting DOS attacks that lets the equipment of a VOIP system resist DOS attacks while reducing the impact on VOIP connection setup as far as possible.
The method of resisting denial of service (DOS) attacks according to the present invention requires that the system equipment record the IP address and TCP/UDP port information of the terminals under its administration and be configured with rate-limit information for the corresponding messages; it further comprises the following steps:
after the system equipment receives a message, it extracts the IP address and TCP/UDP port information of the message and then looks up that IP address and TCP/UDP port information in the terminal information recorded by the system equipment;
if found, the system equipment places the message in a high-priority queue for processing; and when it determines that the flow of such messages has reached the rate limit, it places the message in a low-priority queue for processing;
if not found, the system equipment places the message in the low-priority queue for processing.
The step in which the system equipment records the IP address and TCP/UDP port information of the terminals under its administration comprises: the system equipment receives a terminal's registration information, extracts the terminal's IP address and TCP/UDP port information, and records them.
The IP address and TCP/UDP port information may be the IP address and TCP/UDP port after translation by a network address translation (NAT) device.
The system equipment is VOIP system equipment, and the message is a VOIP signaling message.
The VOIP system equipment records, according to the VOIP signaling messages, the source IP address, source TCP/UDP port, destination IP address and destination TCP/UDP port of each media stream negotiated and established; the method further comprises: after the VOIP system equipment receives a VOIP media message, it extracts the source IP address, source TCP/UDP port, destination IP address and destination TCP/UDP port of the media message and looks them up in the media stream information recorded by the VOIP system equipment; if found, the media message is accepted and processed; otherwise the media message is discarded.
The VOIP system equipment configures the bandwidth each established media stream may occupy and limits the rate of that media stream accordingly.
The VOIP system equipment is a server or a proxy server; the server is a Softswitch or a gatekeeper.
As can be seen from the above method, the present invention resists DOS attacks that use signaling messages forged from different source addresses and ports by recording the IP address and TCP/UDP port with which each terminal registered with the server; suppresses DOS attacks that forge the signaling messages of an existing legitimate user through flow control on each IP address and TCP/UDP port pair; and, by using queues of different priorities, places suspicious messages in the low-priority queue and legitimate messages in the high-priority queue so that legitimate messages are guaranteed delivery. In addition, when the signaling messages negotiate the setup of a media stream channel, the IP addresses and TCP/UDP ports allocated can be recorded and used to filter forged media streams, providing protection against DOS attacks on media streams.
Embodiment
In a VOIP system a terminal must first register with the VOIP server, which records the terminal's user information such as its IP address; only then can the terminal make VOIP calls. When a terminal places a call, the proxy server receives the call, queries the server for the called party's address information, forwards the call to the called party's proxy server or to the called terminal, and VOIP communication is established between the two terminals.
First, consider the IP address and TCP/UDP port of a terminal during registration. The terminal's IP address is either assigned dynamically by the server when the terminal attaches to the network or assigned statically during network planning; in other words, once a terminal has registered with the server its IP address is fixed. The TCP/UDP source port used by the signaling protocol is likewise fixed; with SIP, for example, the commonly used port is UDP 5060. Even when a network address translation (NAT) device translates the terminal's address, the IP address and TCP/UDP port that a given source IP address and source TCP/UDP port are translated to are also fixed. In short, from the point of view of the VOIP server, a registered terminal always corresponds to a definite IP address and TCP/UDP port.
The present invention has the proxy server record the IP address and TCP/UDP port information of the terminals within its administrative domain, uses the recorded information to decide whether a received message comes from a terminal with a known address and hence whether it is a legitimate message, and processes the messages judged legitimate and those judged suspicious in queues of different priorities, thereby guarding against DOS attacks.
First, a brief description of how the proxy server records the IP address and TCP/UDP port information of terminals.
When a terminal registers with the VOIP server, its registration information is forwarded to the VOIP server by the proxy server. After the proxy server receives the terminal's registration command, it records the terminal's registration information, including at least the terminal's IP address and TCP/UDP port. If the terminal's information has been translated by a NAT device, the recorded information is the information after address translation. In addition, the proxy server can record the terminal's registration state from the server's reply to the terminal, such as registration not completed, registered, or unregistered. For the present invention this process serves mainly to obtain terminal information rather than to place calls, so when recording the registration information during terminal registration it is in fact not necessary to be concerned with whether the terminal's registration with the server completes. The terminal information can be recorded in a terminal information table kept on the proxy server, with the content shown in Table 1 below.
Item                | Meaning
--------------------+-----------------------------------------------------------------------------
Terminal IP address | The terminal's IP address, or its IP address after NAT
Terminal port       | The TCP/UDP port the terminal uses, or its TCP/UDP port after NAT
Terminal state      | The terminal's current state: registration not completed, registered, unregistered, etc.
Rate limit          | The maximum flow of signaling messages accepted from this terminal; when the flow exceeds this value, messages from the terminal are lowered in priority
Table 1
The rate limit in this table is set by the administrator according to actual traffic statistics; different terminals may have different rate limits.
Once the proxy server holds the information for every terminal in its domain, it can use these records to guard against DOS attacks. To reduce as far as possible the impact on legitimate terminals' calls while DOS attacks are being fended off, the queues of different priorities mentioned above are also used to process received messages. The procedure by which the proxy server uses the recorded terminal information and the queues of different priorities to guard against DOS attacks is described in detail below.
Step 201: after the proxy server receives a signaling message, it extracts the source IP address and TCP/UDP port and looks them up in the terminal information table. If the IP address and corresponding TCP/UDP port are found, the message comes from a registered, legitimate terminal: the message is placed in the high-priority queue and step 202 is performed; otherwise the message is placed in the low-priority queue for processing.
The present invention sets up queues of different priorities on the proxy server: signaling messages from legitimate addresses are placed in the high-priority queue, and signaling messages from new, that is unknown, addresses are placed in the low-priority queue. Depending on circumstances, messages can be classified more finely and handled in a correspondingly larger number of queues of different levels. For example, messages identified as emergency calls such as 119 can be placed in a first-level priority queue, messages identified as legitimate in a second-level priority queue, and unidentified messages in a third-level priority queue; queues set up in this way take other factors into account as well. When multiple priority queues are used, a weighting mechanism can be applied so that the low-priority queue is not starved indefinitely; for example, each queue's priority level can be used as its weight when the queues are serviced, so that the low-priority queue has some probability of being served.
Through step 201, the proxy server can identify signaling messages whose source IP address and source TCP/UDP port differ from those recorded and route them to the low-priority queue. In practice most DOS attacks use forged source IP addresses, so the unrecorded messages detected in this step can be handled in the low-priority queue, while signaling messages from known terminals are handled promptly in the high-priority queue, without disrupting the processing of legitimate signaling messages.
Step 202: the proxy server analyses whether the current flow of signaling messages for this source IP address and TCP/UDP port has reached the configured rate limit; if so, the message is moved to the low-priority queue; otherwise the proxy server keeps the message in the high-priority queue for processing.
Through step 202, when the flow of signaling messages from the same source IP address and TCP/UDP port exceeds the rate limit, those messages are processed in the low-priority queue, which suppresses DOS attacks that impersonate the signaling messages of a normal user. Although this step affects the calls of the impersonated legitimate user, it has no effect on the other, more numerous legitimate users.
From the scheme given above it can be seen that, to resist DOS attacks, the proxy server identifies messages by source IP address and source TCP/UDP port and combines this with queues of different priorities and a rate limit, so that legitimate users' calls and their continuation are affected as little as possible while DOS attacks are being fended off.
In addition, because a media stream channel is set up on the basis of signaling negotiation, the proxy server responsible for processing the signaling messages can obtain the addresses and other information of the media streams being established; it can therefore also create and maintain on the proxy server a media stream information table, shown in Table 2, to record the relevant information about each media stream.
Item                   | Meaning
-----------------------+--------------------------------------------------------------------------
Source IP address      | Source IP address of the media stream
Source port            | Source TCP/UDP port of the media stream
Destination IP address | Destination IP address of the media stream
Destination port       | Destination TCP/UDP port of the media stream
Maximum bandwidth      | The maximum bandwidth this media stream is allowed to occupy; the value can be used to limit the media stream's bandwidth
Table 2
In this way, when the proxy server receives and forwards a media stream message, it first takes the media stream's source IP address, source port, destination IP address and destination port and compares them with the corresponding entries in the saved media stream information table; if no such entry exists, the message belongs to an illegitimate media stream and can be rejected outright. In addition, the bandwidth occupied by the media stream can be limited to resist DOS attacks. When a legitimate media message is forged for a DOS attack, the forged media messages may occupy that media stream's channel, but because the bandwidth of the media stream carrying those messages is limited, the media stream channels used by other users are not affected and the communication of other legitimate users is not disrupted.
Signaling messages generally go from a fixed source IP address and source TCP/UDP port to a fixed destination IP address and destination TCP/UDP port, so they are comparatively easy to forge, and guarding against DOS attacks on signaling messages is correspondingly more important. Compared with signaling flows, media streams are generally short-lived, and the IP address and TCP/UDP port information of each media stream is generally different. To forge an existing legitimate media stream, an attacker would have to forge the dynamic source IP address and source TCP/UDP port together with the dynamic destination IP address and destination TCP/UDP port at the same time, which is very hard; in probabilistic terms, the likelihood of a DOS attack that forges an existing legitimate media stream is minimal. Even if a DOS attack on a media stream does occur, bandwidth control on that media stream can limit it and reduce the impact on other legitimate users.
The above are merely preferred embodiments of the present invention and are not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall be included within its scope of protection.
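The following Python model ties together steps 201 and 202 (terminal table lookup, per-terminal rate limit, high- and low-priority queues with weighted service) and the media stream filter of Table 2 (4-tuple lookup plus a per-stream bandwidth ceiling). It is an added example, not code from the patent or from any VOIP product. The sliding one-second window used to measure flow, the deterministic 4:1 weighted round-robin between the two queues, and every address, port and limit in it are assumptions chosen for illustration; the patent does not specify how flow is measured or how the queues are weighted.

```python
# Added example: model of the proxy-side DOS defence from steps 201/202 and the
# media stream filter of Tables 1 and 2. Not code from the patent.
# Assumptions (not in the original): flow is counted over a sliding window of
# `window` seconds; queues are served by deterministic weighted round-robin;
# all addresses, ports and limits below are constructed sample values.
from collections import deque

HIGH, LOW = "high", "low"


class TerminalTable:
    """Table 1: registered terminals keyed by (ip, port) as seen by the proxy
    (after NAT, if any), with per-terminal state and rate limit."""

    def __init__(self, window=1.0):
        self.window = window
        self.entries = {}

    def register(self, ip, port, rate_limit, state="registered"):
        # rate_limit: signaling messages accepted per window before demotion
        self.entries[(ip, port)] = {"state": state, "rate_limit": rate_limit,
                                    "stamps": deque()}

    def lookup(self, ip, port):
        return self.entries.get((ip, port))

    def over_limit(self, entry, now):
        """Step 202: count this message in the window, compare with the limit."""
        stamps = entry["stamps"]
        stamps.append(now)
        while stamps and stamps[0] <= now - self.window:
            stamps.popleft()
        return len(stamps) > entry["rate_limit"]


class SignalingClassifier:
    """Steps 201/202 plus the weighted queue service from the embodiment."""

    def __init__(self, terminals, high_weight=4, low_weight=1):
        self.terminals = terminals
        self.queues = {HIGH: deque(), LOW: deque()}
        self.weights = {HIGH: high_weight, LOW: low_weight}
        self._slot = 0

    def enqueue(self, msg, now):
        entry = self.terminals.lookup(msg["src_ip"], msg["src_port"])
        if entry is None:
            q = LOW                     # step 201: unknown source address/port
        elif self.terminals.over_limit(entry, now):
            q = LOW                     # step 202: known but over its rate limit
        else:
            q = HIGH                    # known terminal within its limit
        self.queues[q].append(msg)
        return q

    def dequeue(self):
        """Weighted round-robin: HIGH gets high_weight slots per cycle and LOW
        gets low_weight, so the low-priority queue is never starved forever."""
        if not self.queues[HIGH] and not self.queues[LOW]:
            return None
        pick = HIGH if self._slot < self.weights[HIGH] else LOW
        self._slot = (self._slot + 1) % (self.weights[HIGH] + self.weights[LOW])
        if not self.queues[pick]:       # chosen queue empty: serve the other one
            pick = LOW if pick == HIGH else HIGH
        return self.queues[pick].popleft()


class MediaStreamTable:
    """Table 2: streams negotiated over signaling, keyed by the 4-tuple, with a
    per-stream byte budget derived from the configured maximum bandwidth."""

    def __init__(self, window=1.0):
        self.window = window
        self.streams = {}

    def add(self, src_ip, src_port, dst_ip, dst_port, max_bps):
        self.streams[(src_ip, src_port, dst_ip, dst_port)] = {
            "max_bytes": int(max_bps * self.window / 8), "hist": deque()}

    def admit(self, pkt, now):
        key = (pkt["src_ip"], pkt["src_port"], pkt["dst_ip"], pkt["dst_port"])
        s = self.streams.get(key)
        if s is None:
            return "drop"               # not a negotiated stream: reject outright
        hist = s["hist"]
        while hist and hist[0][0] <= now - self.window:
            hist.popleft()
        if sum(n for _, n in hist) + pkt["size"] > s["max_bytes"]:
            return "drop"               # over this stream's bandwidth ceiling
        hist.append((now, pkt["size"]))
        return "forward"


def demo():
    """Constructed traffic: one registered SIP terminal, one unknown sender,
    one negotiated RTP stream. Returns the decisions for inspection."""
    terms = TerminalTable()
    terms.register("10.0.0.5", 5060, rate_limit=3)   # 3 msgs/s before demotion
    clf = SignalingClassifier(terms)
    decisions = [clf.enqueue({"src_ip": "192.0.2.9", "src_port": 5060}, 0.0)]
    for i in range(5):                               # burst from the known terminal
        decisions.append(clf.enqueue({"src_ip": "10.0.0.5", "src_port": 5060}, 0.1 * i))
    later = clf.enqueue({"src_ip": "10.0.0.5", "src_port": 5060}, 2.0)  # window expired

    media = MediaStreamTable()
    media.add("10.0.0.5", 20000, "10.0.0.7", 20002, max_bps=64_000)   # 8000 B/s
    rtp = {"src_ip": "10.0.0.5", "src_port": 20000, "dst_ip": "10.0.0.7",
           "dst_port": 20002, "size": 1600}
    media_decisions = [media.admit(rtp, 0.01 * i) for i in range(6)]
    stray = media.admit(dict(rtp, src_port=40000), 0.0)   # 4-tuple not in Table 2
    return decisions, later, media_decisions, stray


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the three behaviours the text describes: the unknown sender goes straight to the low-priority queue, the registered terminal is served from the high-priority queue until its fourth message inside the window and is demoted from then on (and restored once the window has passed), and the negotiated RTP stream is forwarded until its byte budget for the window is spent, while a packet whose 4-tuple is not in the media stream table is dropped without consuming any budget.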