CN101917450A - Message forwarding method for preventing network attack and gateway - Google Patents

Message forwarding method for preventing network attack and gateway Download PDF

Info

Publication number
CN101917450A
CN101917450A CN2010102708740A CN201010270874A CN101917450A CN 101917450 A CN101917450 A CN 101917450A CN 2010102708740 A CN2010102708740 A CN 2010102708740A CN 201010270874 A CN201010270874 A CN 201010270874A CN 101917450 A CN101917450 A CN 101917450A
Authority
CN
China
Prior art keywords
message
token counter
downlink
uplink
uplink message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010102708740A
Other languages
Chinese (zh)
Other versions
CN101917450B (en
Inventor
胡玉胜
秦欣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN2010102708740A priority Critical patent/CN101917450B/en
Publication of CN101917450A publication Critical patent/CN101917450A/en
Priority to PCT/CN2011/071597 priority patent/WO2011110079A1/en
Application granted granted Critical
Publication of CN101917450B publication Critical patent/CN101917450B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/565Conversion or adaptation of application format or content
    • H04L67/5651Reducing the amount or size of exchanged application data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention provides a message forwarding method for preventing network attack and a gateway. The method comprises the steps of: when receiving an uplink message sent by a client side, judging whether the uplink message is an ICMP (Internet Control Message Protocol) unreachable message; if the uplink message is not the ICMP unreachable message, completely placing a downlink message token counter; judging whether an uplink message token counter is zero or not, if so, discharging the uplink message; and if not, subtracting one from the uplink message token counter, and forwarding the uplink message to a server end. By adopting the method and the gateway which are provided by the embodiment of the invention, the forwarding process of the uplink and the downlink messages based on flow is monitored through one token mechanism, and the condition of any one-way excessive contraction is prevented.

Description

Prevent the message forwarding method and the gateway of network attack
Technical field
The present invention relates to network attack, relate in particular to a kind of message forwarding method and gateway that prevents network attack.
Background technology
Over Billing (excessively chargeing) is a kind of common network attack mode, its principle is, server on the Internet, utilize the IP address of its client that detects, be connected to come firewall-penetrating by what set up with client, send a large amount of messages to client, cause client by the charging of mistake.At this moment, client can be chargeed more, causes user's complaint.
In order to address this problem, can use QoS assurance technology, carry out descending current limliting at gateway side according to the QoS of client is signatory, the message that exceeds QoS that server end sends like this will be dropped, yet, if signatory QoS is bigger, server end still can send a lot of downlink messages so, and chargeing still has very big error.Therefore; it at present generally is the mode that adopts gateway and fire compartment wall interlock; under this mode; gateway arrives fire compartment wall with the user's online situation by signaling, and fire compartment wall is cleared up the stream that off line user's IP address relates to, fully blocking-up; when the user reuses this IP address; the connection that server is initiated had just been lost efficacy, and message can't be descending, thereby protected the user.But still there is following defective in this mode: 1, for online user, do not have good way blocking-up malice downlink traffic; 2, need the development of the custom interface of gateway device and fire compartment wall, and be difficult between the equipment of different manufacturers, use.
Summary of the invention
The embodiment of the invention provides a kind of message forwarding method and gateway that prevents network attack, charges with the malice that the attack of avoiding the Over Billing that network side initiates causes, and improves terminal use's experience simultaneously.
The above-mentioned purpose of the embodiment of the invention is achieved by the following technical solution:
A kind of message forwarding method that prevents network attack, described method comprises:
When receiving the uplink message of client transmission, judge whether described uplink message is the unreachable message of ICMP;
If described uplink message is not the unreachable message of ICMP, then the downlink message token counter is put full;
Judge whether the uplink message token counter is zero;
If the uplink message token counter is zero, then abandon described uplink message;
If the uplink message token counter is non-vanishing, then described uplink message token counter is subtracted one, and described uplink message is forwarded to server end.
A kind of gateway, described gateway comprises:
Receiving element is used to receive the uplink message that client sends, perhaps the downlink message of server end transmission;
Logical block is used for judging whether described uplink message is the unreachable message of ICMP when described receiving element receives the uplink message of client transmission; And be used for when described uplink message is not the unreachable message of ICMP, judge whether the uplink message token counter is zero;
Processing unit when being used for judged result in described logical block and being described uplink message and not being the unreachable message of ICMP, is put the downlink message token counter full; And when the judged result of described logical block is zero for the uplink message token counter, abandon described uplink message, and be uplink message token counter when non-vanishing perhaps in the judged result of described logical block, described uplink message token counter is subtracted one;
Transmitting element is used for judged result in described logical block and is the uplink message token counter when non-vanishing, and described uplink message is forwarded to server end.
A kind of message forwarding method that prevents network attack, described method comprises:
When receiving the downlink message of server end transmission, the uplink message token counter is put full;
Judge whether the downlink message token counter is zero;
If the downlink message token counter is zero, then abandon described downlink message;
If the downlink message token counter is non-vanishing, then described downlink message token counter is subtracted one, and described downlink message is forwarded to client.Method that the embodiment of the invention provides and gateway by a kind of token mechanism, have been monitored the up-downgoing message forwarding flow process based on stream, have prevented any unidirectional situation of excessively giving out a contract for a project.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, does not constitute limitation of the invention.In the accompanying drawings:
Fig. 1 is applied to the network architecture schematic diagram of gateway for the method for the embodiment of the invention;
Fig. 2 is the method flow diagram of one embodiment of the invention;
Fig. 3 is the method flow diagram of another embodiment of the present invention;
Fig. 4 is the composition frame chart of the gateway of the embodiment of the invention.
Embodiment
For the purpose, technical scheme and the advantage that make the embodiment of the invention is clearer,, the embodiment of the invention is described in further details below in conjunction with embodiment and accompanying drawing.At this, illustrative examples of the present invention and explanation thereof are used to explain the present invention, but not as a limitation of the invention.
Fig. 1 is the network architecture schematic diagram that the message forwarding method that prevents network attack of present embodiment is applied to gateway, please refer to Fig. 1, except comprising gateway GGSN, also comprises client UE and server end Server in this network architecture.In gateway GGSN, can set in advance the number that each uplink message allows Server end downlink message, also promptly set in advance the number of downlink message token counter; Also can be after receiving uplink message, utilize deep message (DPI) ability of resolving to know type of service, and define the number that each uplink message allows Server end downlink message with reference to type of service, the number of downlink message token counter also promptly is set in view of the above, for example can be provided with and to allow the number of downlink message be 5 in the link of HTTP, the for example link of RTSP again, then being provided with and allowing the number of downlink message is 50; Can also after the number that has set in advance the downlink message token counter,, then utilize the DPI ability to know type of service, and the number of above-mentioned downlink message token counter be adjusted with reference to this type of service if receive uplink message.If exceed above-mentioned definition value, just abandon at gateway GGSN, so can block the Server end and ignore under the situation of client end response ability, excessively send message.Same, in this gateway GGSN, also can set in advance the number that each downlink message allows the client uplink message, also promptly set in advance the number of uplink message token counter; Also can utilize deep message (DPI) ability of resolving to know type of service, and define the number that each downlink message allows the client uplink message with reference to type of service, the number of uplink message token counter also promptly is set in view of the above, for example can be provided with and to allow the number of uplink message be 5 in the link of HTTP, the for example link of RTSP again, then being provided with and allowing the number of uplink message is 10; Can also after the number that has set in advance the uplink message token counter,, then utilize the DPI ability to know type of service, and the number of above-mentioned uplink message token counter be adjusted with reference to this type of service if receive downlink message.If exceed this definition value, also abandon at gateway GGSN, can prevent that so the user end to server end from sending too much message.
The flow chart of the message forwarding method that prevents network attack that Fig. 2 and Fig. 3 provide for the embodiment of the invention, this method is applied to gateway, the stream information of setting up in using professional process by monitor client by gateway, TCP (Transmission Control Protocol for example, transmission control protocol) and UDP (User Datagram Protocol, User Datagram Protocol), detect the number of the message of up-downgoing, in the use/downlink message is as token, controls message forwarding.Wherein:
In the message forwarding method that prevents network attack that Fig. 2 provides for the embodiment of the invention, the flow chart when gateway receives the uplink message that client sends please refer to Fig. 2, and this method comprises:
Step 201: judge whether described uplink message is the unreachable message of ICMP;
Wherein, if the descending malice message that occurs, for example server end is ignored the responding ability of client, frequently sends message to client, and then this message probably is the malice message, so then might cause the unreachable message of the up ICMP of appearance.Again for example, the downlink message of bringing in from Server has sent to client, and client is not monitored this port, thinks invalid packet, then holds back a unreachable message of ICMP to Server.
Step 202:, judge then whether the uplink message token counter is zero if described uplink message is not the unreachable message of ICMP;
Wherein, as previously mentioned, present embodiment can be provided with the number of uplink message token counter according to aforementioned three kinds of methods, so that message forwarding situation is counted, if the number of this uplink message token counter is zero, then explanation has sent too much uplink message, should stop up.
Step 203: if the uplink message token counter is zero, then abandon described uplink message, then the downlink message token counter is put full;
Wherein,, need stop uply, then this uplink message can be abandoned because the uplink message token counter is zero.And because up message is arranged, then also the downlink message token counter will be put expires, and expression can allow the smooth and easy of downlink message to pass through, wherein, the downlink message token counter is put full processing also can be placed in the step 202, present embodiment not with this as restriction.
Wherein, as previously mentioned, present embodiment can be provided with the number of downlink message token counter according to aforementioned three kinds of methods, so that message forwarding situation is counted.
Step 204: if the uplink message token counter is non-vanishing, then described uplink message token counter is subtracted one, the downlink message token counter is put expire then, and described uplink message is forwarded to server end.
Wherein, because the uplink message token counter is non-vanishing, then explanation can also continue to send uplink message, then this moment this uplink message is forwarded to server end, simultaneously the uplink message token counter is subtracted one, and the uplink message that expression can send has reduced one.Same, because up message is arranged, then also the downlink message token counter to be put full, expression can allow the smooth and easy of downlink message to pass through, wherein, the downlink message token counter is put full processing also can be placed in the step 202, present embodiment not with this as restriction.
In the present embodiment, according to the judged result of step 201, if the uplink message unreachable message that is ICMP as previously mentioned, illustrates then descendingly the malice message may occur that also promptly forbid converting downlink message with the zero clearing of downlink message token counter this moment.
The method of present embodiment is not only applicable to TCP stream, is applicable to UDP stream too, does not repeat them here.
Under the current state, gateway is as forwarding unit, health status to message flow is not paid close attention to, this has just caused client to receive the malice message inevitably, can only the passive response packet loss in client, and the method that present embodiment provides makes gateway can judge whether message flow is normal, and packet loss before gateway charges has reduced the charging error.
In the message forwarding method that prevents network attack that Fig. 3 provides for the embodiment of the invention, flow chart when gateway receives the downlink message of server end transmission, need to prove, the method of present embodiment can be carried out separately, also can carry out in conjunction with method embodiment illustrated in fig. 2, present embodiment not with this as restriction, and when carrying out, do not limit its sequencing in conjunction with method embodiment illustrated in fig. 2.Please refer to Fig. 3, this method comprises:
Step 301: judge whether the downlink message token counter is zero;
Wherein, as previously mentioned, present embodiment can be provided with the number of downlink message token counter according to aforementioned three kinds of methods, so that message forwarding situation is counted, if the number of this downlink message token counter is zero, then explanation has sent too much downlink message, should stop descending.
Step 302: if the downlink message token counter is zero, then abandon described downlink message, then the uplink message token counter is put full;
Wherein,, need stop descendingly, then this downlink message can be abandoned because the downlink message token counter is zero.And because descending message is arranged, then also the uplink message token counter to be put full, expression can allow the smooth and easy of uplink message to pass through, wherein, the uplink message token counter is put full processing also can when gateway receives the downlink message that server end sends, carry out, present embodiment not with this as restriction.
Wherein, as previously mentioned, present embodiment can be provided with the number of uplink message token counter according to aforementioned three kinds of methods, so that message forwarding situation is counted.
Step 303: if the downlink message token counter is non-vanishing, then described downlink message token counter is subtracted one, the uplink message token counter is put expire then, and described downlink message is forwarded to client.
Wherein, because the downlink message token counter is non-vanishing, then explanation can also continue to send downlink message, then this moment this downlink message is forwarded to client end, simultaneously the downlink message token counter is subtracted one, and the downlink message that expression can send has reduced one.Same, because descending message is arranged, then also the uplink message token counter to be put full, expression can allow the smooth and easy of uplink message to pass through, wherein, the uplink message token counter is put full processing also can when gateway receives the downlink message that server end sends, carry out, present embodiment not with this as restriction.
The method of present embodiment is not only applicable to TCP stream, is applicable to UDP stream too, does not repeat them here.
Under the current state, gateway is as forwarding unit, health status to message flow is not paid close attention to, this has just caused client to receive the malice message inevitably, can only the passive response packet loss in client, and the method that present embodiment provides makes gateway can judge whether message flow is normal, and packet loss before gateway charges has reduced the charging error.
The method that the embodiment of the invention provides, by a kind of token mechanism, monitored up-downgoing message forwarding flow process, by processing to uplink and downlink message flow process based on stream, solve unidirectional problem of carrying out uplink and downlink too much, prevented any unidirectional situation of excessively giving out a contract for a project.Because this mechanism realizes by stream, so can not influence user's normal service delivery.As long as again owing to carrying out a simple counting and judging and to implement this programme that therefore realization is simple.
The composition frame chart of the gateway that Fig. 4 provides for the embodiment of the invention please refer to Fig. 4, and this gateway comprises:
Receiving element 41 is used to receive the uplink message that client sends, perhaps the downlink message of server end transmission;
Wherein, the downlink message that sends of the uplink message that sends of the client that receives of receiving element 41 or server end is transmission control protocol message or User Datagram Protocol message.
Logical block 42 is used for judging whether described uplink message is the unreachable message of ICMP when receiving element 41 receives the uplink message of client transmission; And be used for when described uplink message is not the unreachable message of ICMP, judge whether the uplink message token counter is zero;
Processing unit 43 when being used for judged result in logical block 42 and being described uplink message and not being the unreachable message of ICMP, is put the downlink message token counter full; And when the judged result of logical block 42 is zero for the uplink message token counter, abandon described uplink message, and be uplink message token counter when non-vanishing perhaps in the judged result of logical block 42, described uplink message token counter is subtracted one;
Transmitting element 44 is used for judged result in logical block 42 and is the uplink message token counter when non-vanishing, and described uplink message is forwarded to server end.
In one embodiment, processing unit 43 also be used in the judged result of logical block 42 be, when described uplink message is the unreachable message of ICMP, with the zero clearing of downlink message token counter.
In one embodiment:
Logical block 42 also is used for when receiving element 41 receives the downlink message of server end transmission, judges whether the downlink message token counter is zero;
Processing unit 43 also is used for the uplink message token counter being put full when receiving element 41 receives the downlink message of server end transmission; And when the judged result of logical block 42 is zero for the downlink message token counter, abandon described downlink message, and be downlink message token counter when non-vanishing perhaps in the judged result of logical block 42, described downlink message token counter is subtracted one;
Transmitting element 44 also is used for described downlink message is forwarded to client.
In one embodiment, this gateway also comprises:
Unit 45 is set, is used to set in advance the number of uplink message token counter and the number of downlink message token counter; Perhaps, after receiving element 41 receives the downlink message that uplink message that client sends or server end send, utilize the deep message analytic ability to know type of service, the number of uplink message token counter or the number of downlink message token counter are set with reference to type of service; Perhaps, set in advance the number of uplink message token counter and the number of downlink message token counter, behind the downlink message of uplink message that receives the client transmission or server end transmission, utilize the deep message analytic ability to know type of service, adjust the number of described uplink message token counter or the number of described downlink message token counter according to type of service, carry out the judgement of message amount to offer logical block 42, and offer processing unit 43 and carry out the replacement of numerical value.
Each part of the gateway of present embodiment is respectively applied for each step that realizes preceding method, owing in method embodiment, each step is had been described in detail, does not repeat them here.
The gateway that the embodiment of the invention provides, by a kind of token mechanism, monitored up-downgoing message forwarding flow process, by processing to uplink and downlink message flow process based on stream, solve unidirectional problem of carrying out uplink and downlink too much, prevented any unidirectional situation of excessively giving out a contract for a project.Because this mechanism realizes by stream, so can not influence user's normal service delivery.As long as again owing to carrying out a simple counting and judging and to implement this programme that therefore realization is simple.
Above-described specific embodiment; purpose of the present invention, technical scheme and beneficial effect are further described; institute is understood that; the above only is specific embodiments of the invention; and be not intended to limit the scope of the invention; within the spirit and principles in the present invention all, any modification of being made, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (13)

1. a message forwarding method that prevents network attack is characterized in that, described method comprises:
When receiving the uplink message of client transmission, judge whether described uplink message is the unreachable message of ICMP;
If described uplink message is not the unreachable message of ICMP, then the downlink message token counter is put full;
Judge whether the uplink message token counter is zero;
If the uplink message token counter is zero, then abandon described uplink message;
If the uplink message token counter is non-vanishing, then described uplink message token counter is subtracted one, and described uplink message is forwarded to server end.
2. method according to claim 1 is characterized in that:
If the described uplink message unreachable message that is ICMP is then with the zero clearing of downlink message token counter.
3. method according to claim 1 is characterized in that, described method also comprises:
When receiving the downlink message of server end transmission, the uplink message token counter is put full;
Judge whether the downlink message token counter is zero;
If the downlink message token counter is zero, then abandon described downlink message;
If the downlink message token counter is non-vanishing, then described downlink message token counter is subtracted one, and described downlink message is forwarded to client.
4. method according to claim 3 is characterized in that, described uplink message or described downlink message are transmission control protocol message or User Datagram Protocol message.
5. method according to claim 3 is characterized in that, described method also comprises:
Set in advance the number of uplink message token counter and the number of downlink message token counter; Perhaps
Behind the downlink message of uplink message that receives the client transmission or server end transmission, utilize the deep message analytic ability to know type of service, the number of uplink message token counter or the number of downlink message token counter are set according to type of service; Perhaps
Set in advance the number of uplink message token counter and the number of downlink message token counter, behind the downlink message of uplink message that receives the client transmission or server end transmission, utilize the deep message analytic ability to know type of service, adjust the number of described uplink message token counter or the number of described downlink message token counter according to type of service.
6. a message forwarding method that prevents network attack is characterized in that, described method comprises:
When receiving the downlink message of server end transmission, the uplink message token counter is put full;
Judge whether the downlink message token counter is zero;
If the downlink message token counter is zero, then abandon described downlink message;
If the downlink message token counter is non-vanishing, then described downlink message token counter is subtracted one, and described downlink message is forwarded to client.
7. method according to claim 6 is characterized in that, described downlink message is transmission control protocol message or User Datagram Protocol message.
8. method according to claim 6 is characterized in that, described method also comprises:
Set in advance the number of uplink message token counter and the number of downlink message token counter; Perhaps
Behind the downlink message of uplink message that receives the client transmission or server end transmission, utilize the deep message analytic ability to know type of service, the number of uplink message token counter or the number of downlink message token counter are set according to type of service; Perhaps
Set in advance the number of uplink message token counter and the number of downlink message token counter, behind the downlink message of uplink message that receives the client transmission or server end transmission, utilize the deep message analytic ability to know type of service, adjust the number of described uplink message token counter or the number of described downlink message token counter according to type of service.
9. a gateway is characterized in that, described gateway comprises:
Receiving element is used to receive the uplink message that client sends, perhaps the downlink message of server end transmission;
Logical block is used for judging whether described uplink message is the unreachable message of ICMP when described receiving element receives the uplink message of client transmission; And be used for when described uplink message is not the unreachable message of ICMP, judge whether the uplink message token counter is zero;
Processing unit when being used for judged result in described logical block and being described uplink message and not being the unreachable message of ICMP, is put the downlink message token counter full; And when the judged result of described logical block is zero for the uplink message token counter, abandon described uplink message, and be uplink message token counter when non-vanishing perhaps in the judged result of described logical block, described uplink message token counter is subtracted one;
Transmitting element is used for judged result in described logical block and is the uplink message token counter when non-vanishing, and described uplink message is forwarded to server end.
10. gateway according to claim 9 is characterized in that:
Described processing unit also is used in the judged result of described logical block, when described uplink message is the unreachable message of ICMP, with the zero clearing of downlink message token counter.
11. gateway according to claim 9 is characterized in that:
Described logical block also is used for when described receiving element receives the downlink message of server end transmission, judges whether the downlink message token counter is zero;
Described processing unit also is used for the uplink message token counter being put full when described receiving element receives the downlink message of server end transmission; And when the judged result of described logical block is zero for the downlink message token counter, abandon described downlink message, and be downlink message token counter when non-vanishing perhaps in the judged result of described logical block, described downlink message token counter is subtracted one;
Described transmitting element also is used for described downlink message is forwarded to client.
12. gateway according to claim 11 is characterized in that, the downlink message that uplink message that the client that described receiving element receives sends or server end send is transmission control protocol message or User Datagram Protocol message.
13. gateway according to claim 9 is characterized in that, described gateway also comprises:
The unit is set, is used to set in advance the number of uplink message token counter and the number of downlink message token counter; Perhaps, after described receiving element receives the downlink message that uplink message that client sends or server end send, utilize the deep message analytic ability to know type of service, the number of uplink message token counter or the number of downlink message token counter are set according to type of service; Perhaps, set in advance the number of uplink message token counter and the number of downlink message token counter, behind the downlink message of uplink message that receives the client transmission or server end transmission, utilize the deep message analytic ability to know type of service, adjust the number of described uplink message token counter or the number of described downlink message token counter according to type of service.
CN2010102708740A 2010-08-31 2010-08-31 Message forwarding method for preventing network attack and gateway Active CN101917450B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN2010102708740A CN101917450B (en) 2010-08-31 2010-08-31 Message forwarding method for preventing network attack and gateway
PCT/CN2011/071597 WO2011110079A1 (en) 2010-08-31 2011-03-08 Message forwarding method for avoiding network attacks and gateway

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2010102708740A CN101917450B (en) 2010-08-31 2010-08-31 Message forwarding method for preventing network attack and gateway

Publications (2)

Publication Number Publication Date
CN101917450A true CN101917450A (en) 2010-12-15
CN101917450B CN101917450B (en) 2013-08-07

Family

ID=43324834

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010102708740A Active CN101917450B (en) 2010-08-31 2010-08-31 Message forwarding method for preventing network attack and gateway

Country Status (2)

Country Link
CN (1) CN101917450B (en)
WO (1) WO2011110079A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011110079A1 (en) * 2010-08-31 2011-09-15 华为技术有限公司 Message forwarding method for avoiding network attacks and gateway
CN103281333A (en) * 2013-06-17 2013-09-04 苏州山石网络有限公司 Forwarding method and device of data flow
CN106301832A (en) * 2015-05-21 2017-01-04 中兴通讯股份有限公司 A kind of method and apparatus of processing system daily record message

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123492A (en) * 2007-09-06 2008-02-13 杭州华三通信技术有限公司 Method and device for detecting scanning attack
US20090116426A1 (en) * 2007-11-05 2009-05-07 Qualcomm Incorporated Sdu discard mechanisms for wireless communication systems
CN101494639A (en) * 2008-01-25 2009-07-29 华为技术有限公司 Method and apparatus for preventing aggression in packet communication system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101917450B (en) * 2010-08-31 2013-08-07 华为技术有限公司 Message forwarding method for preventing network attack and gateway

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123492A (en) * 2007-09-06 2008-02-13 杭州华三通信技术有限公司 Method and device for detecting scanning attack
US20090116426A1 (en) * 2007-11-05 2009-05-07 Qualcomm Incorporated Sdu discard mechanisms for wireless communication systems
CN101494639A (en) * 2008-01-25 2009-07-29 华为技术有限公司 Method and apparatus for preventing aggression in packet communication system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011110079A1 (en) * 2010-08-31 2011-09-15 华为技术有限公司 Message forwarding method for avoiding network attacks and gateway
CN103281333A (en) * 2013-06-17 2013-09-04 苏州山石网络有限公司 Forwarding method and device of data flow
CN106301832A (en) * 2015-05-21 2017-01-04 中兴通讯股份有限公司 A kind of method and apparatus of processing system daily record message
CN106301832B (en) * 2015-05-21 2020-04-03 中兴通讯股份有限公司 Method and device for processing system log message

Also Published As

Publication number Publication date
CN101917450B (en) 2013-08-07
WO2011110079A1 (en) 2011-09-15

Similar Documents

Publication Publication Date Title
CN102893640B (en) For the method for transmission policy information between "Policy and Charging Rules Function and service node, system and computer-readable medium
US9240946B2 (en) Message restriction for diameter servers
KR101844755B1 (en) Terminate a charging session for an always on ip connectivity session
JP5088239B2 (en) Congestion control system, boundary gateway device, and congestion control method used therefor
US8797859B2 (en) Reset functions
US10244032B2 (en) Reducing application detection notification traffic
US10924900B2 (en) Charging method and apparatus, and system
RU2015101484A (en) METHOD, NODE, MOBILE TERMINAL AND SYSTEM FOR IDENTIFICATION OF NETWORK Tethering Behavior
JP2015511409A5 (en)
TWI590683B (en) Methods and nodes for managing network resources as well as a corresponding system and computer program
US9820183B2 (en) User plane congestion control
CN103636279A (en) Method and node for controlling bearer related resources as well as a corresponding system and computer program
CA2952269C (en) Method, system and apparatus for monitoring error correction data in media sessions
CN101917450B (en) Message forwarding method for preventing network attack and gateway
EP3105885B1 (en) Integrity control in service chaining
US20100039956A1 (en) Method and system for performing keep-alive monitoring on subscriber sessions
JP4678652B2 (en) P2P traffic monitoring control apparatus and method
CN101355806A (en) Method, apparatus and system for releasing network session
US10123225B1 (en) Time of day-triggered usage monitoring
CN101772194A (en) General packet radio service tunnel user plane path keep-alive method and system
RU2660598C1 (en) Control of overloads in mobile objects
US11513881B2 (en) System and method for detecting, managing and relaying a multimedia communication problem and corresponding execution, checking and rule management entities
CN104580003B (en) Paralleling model P2P scrambling method, apparatus and system
WO2017012648A1 (en) Methods, apparatuses and computer programs for session release in rx interface
Briscoe Internet-Draft BT Intended status: Informational M. Sridharan Expires: January 10, 2013 Microsoft July 09, 2012

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant