CN100561492C - Method and apparatus for network attack detection - Google Patents

Method and apparatus for network attack detection

Info

Publication number
CN100561492C
Authority
CN
China
Prior art keywords
user system
originating user
router
message
messages
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2006800091644A
Other languages
English (en)
Chinese (zh)
Other versions
CN101147153A (zh)
Inventor
J. F. Riordan
D. M. Zamboni
Y. Duponchel
R. Rissmann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp
Publication of CN101147153A
Application granted
Publication of CN100561492C
Anticipated expiration
Expired - Fee Related

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/02 Details
    • H04L12/22 Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1491 Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)
CNB2006800091644A 2005-03-24 2006-02-21 Method and apparatus for network attack detection Expired - Fee Related CN100561492C (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP05006462 2005-03-24
EP05006462.5 2005-03-24

Publications (2)

Publication Number Publication Date
CN101147153A CN101147153A (zh) 2008-03-19
CN100561492C CN100561492C (zh) 2009-11-18

Family

ID=36716621

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006800091644A Expired - Fee Related CN100561492C (zh) 2005-03-24 2006-02-21 Method and apparatus for network attack detection

Country Status (9)

Country Link
US (1) US20120096548A1
EP (1) EP1866725B1
JP (1) JP4753264B2
KR (1) KR101090815B1
CN (1) CN100561492C
AT (1) ATE485552T1
CA (1) CA2600517A1
DE (1) DE602006017668D1
WO (1) WO2006100613A1

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
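JP5476578B2 (ja) * 2009-01-06 2014-04-23 National Institute of Information and Communications Technology Network monitoring system and method thereof
CN101719906B (zh) * 2009-11-10 2012-05-30 University of Electronic Science and Technology of China A worm detection method based on worm propagation behavior
US10432587B2 (en) 2012-02-21 2019-10-01 Aventail Llc VPN deep packet inspection
WO2023233582A1 (ja) * 2022-06-01 2023-12-07 Nippon Telegraph and Telephone Corporation Attack detection device, attack detection system, attack detection method, and attack detection program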

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1330095A1 (en) * 2002-01-18 2003-07-23 Stonesoft Corporation Monitoring of data flow for enhancing network security
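CN1450758A (zh) * 2003-05-16 2003-10-22 Shanghai Jinnuo Network Security Technology Development Co., Ltd. High-performance network intrusion detection system and detection method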
WO2004107706A1 (en) * 2003-05-30 2004-12-09 International Business Machines Corporation Detecting network attacks
WO2005015370A1 (en) * 2003-08-11 2005-02-17 Telecom Italia S.P.A. Method and system for detecting unauthorised use of a communication network
CN1585346A (zh) * 2004-05-28 2005-02-23 Nanjing Institute of Posts and Telecommunications A method for implementing redirection of decoy network data flows

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3618245B2 (ja) * 1999-03-09 2005-02-09 Hitachi, Ltd. Network monitoring system
WO2004008700A2 (en) * 2002-07-12 2004-01-22 The Penn State Research Foundation Real-time packet traceback and associated packet marking strategies
JP3794491B2 (ja) * 2002-08-20 2006-07-05 NEC Corporation Attack defense system and attack defense method
JP2004241831A (ja) * 2003-02-03 2004-08-26 Rbec Corp Network management system
JP3828523B2 (ja) * 2003-07-16 2006-10-04 Toshiba Corporation Unauthorized access defense device and program
JP2005051588A (ja) * 2003-07-30 2005-02-24 Matsushita Electric Ind Co Ltd Automatic filtering method and device
US7992204B2 (en) * 2004-05-02 2011-08-02 Markmonitor, Inc. Enhanced responses to online fraud
US7748040B2 (en) * 2004-07-12 2010-06-29 Architecture Technology Corporation Attack correlation using marked information
JP4680931B2 (ja) * 2004-10-19 2011-05-11 Fujitsu Limited Unauthorized access program monitoring processing method, unauthorized access program monitoring program, and unauthorized access program monitoring device
JP4421462B2 (ja) * 2004-12-06 2010-02-24 Mitsubishi Electric Corporation Intrusion detection system and management device

Also Published As

Publication number Publication date
EP1866725B1 (en) 2010-10-20
DE602006017668D1 (de) 2010-12-02
KR101090815B1 (ko) 2011-12-08
CA2600517A1 (en) 2006-09-28
WO2006100613A1 (en) 2006-09-28
KR20070114155A (ko) 2007-11-29
JP4753264B2 (ja) 2011-08-24
EP1866725A1 (en) 2007-12-19
ATE485552T1 (de) 2010-11-15
US20120096548A1 (en) 2012-04-19
JP2008535304A (ja) 2008-08-28
CN101147153A (zh) 2008-03-19

Similar Documents

Publication Publication Date Title
US11032297B2 (en) DGA behavior detection
US10721243B2 (en) Apparatus, system and method for identifying and mitigating malicious network threats
CN1771709B (zh) Method and apparatus for generating network attack signatures
US20160241586A1 (en) System and method for monitoring network traffic
US20070097976A1 (en) Suspect traffic redirection
JP2006319982A (ja) Method and apparatus for identifying and disabling worms in a communication network
US12126639B2 (en) System and method for locating DGA compromised IP addresses
Lukaseder et al. An sdn-based approach for defending against reflective ddos attacks
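JP4259183B2 (ja) Information processing system, information processing apparatus, program, and method for detecting communication anomalies in a communication network
CN101141396B (zh) Packet processing method and network device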
US11153350B2 (en) Determining on-net/off-net status of a client device
Carlinet et al. Analysis of computer infection risk factors based on customer network usage
Salim et al. Preventing ARP spoofing attacks through gratuitous decision packet
CN100561492C (zh) Method and apparatus for network attack detection
Jin et al. Trigger-based blocking mechanism for access to email-derived phishing URLs with user alert
Selvaraj et al. Enhancing intrusion detection system performance using firecol protection services based honeypot system
Tupakula et al. DoSTRACK: a system for defending against DoS attacks
Ahmed et al. Distributed defense scheme for managing DNS reflection attack in network communication systems
CN114338163A (zh) Internet security processing method and apparatus
CN121441519A (zh) An anti-mapping method based on XDP technology

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20091118

Termination date: 20190221
