CN103368858B - The flow cleaning method that many strategy combinations load and device - Google Patents
The flow cleaning method that many strategy combinations load and device Download PDFInfo
- Publication number
- CN103368858B CN103368858B CN201210096528.4A CN201210096528A CN103368858B CN 103368858 B CN103368858 B CN 103368858B CN 201210096528 A CN201210096528 A CN 201210096528A CN 103368858 B CN103368858 B CN 103368858B
- Authority
- CN
- China
- Prior art keywords
- strategy
- empty
- entity
- combination
- data packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention proposes a kind of flow cleaning method that many strategy combinations load, comprise the steps: that User space agent client Establishment strategy combines, wherein, strategy combination comprises at least one empty strategy, empty strategy comprises one or more entity strategy, and each entity strategy comprises one or more data characteristics; Strategy combination is passed to kernel state by User space agent client; By at least one empty policy registration in strategy combination to processing data packets framework; Processing data packets framework carries out function readjustment to each entity strategy in empty strategy, and communication data packet and at least one empty strategy is compared, and when communication data packet meets the whole entity strategy at least one empty strategy, abandons communication data packet.The present invention also proposes the flow cleaning device that a kind of many strategy combinations load.The present invention utilizes this strategy combination to clean flow, thus meets the application scenarios that multiple tactful complex combination cleans flow, and range of application is wider.
Description
Technical field
The present invention relates to Internet technical field, the flow cleaning method of particularly a kind of many strategy combination loadings and device.
Background technology
Flow cleaning service is available to rents IDC (InternetDataCenter, Internet data center) the government and enterprises client that serves, for the DOS (DenialofService that it is initiated, denial of service) monitoring that/DDOS (DistributedDenialofservice, distributed denial of service attack) attacks, alarm and protection a kind of Network Security Service.This service is monitored in real time to the data traffic entering Customer ID C, and Timeliness coverage comprises the abnormal flow of dos attack.Under the prerequisite not affecting regular traffic, wash abnormal flow.Effectively meet client and successional requirement is operated to IDC.This service simultaneously promotes the observability of customer network flow and the clarity of safe condition by service content such as time notice, analytical statements.
The cleaning framework that daily traffic filtering system often takes filtering policy to judge one by one, thus cause flow only by certain policy filtering, between filtering policy be or relation, do not filter implement flow cleaning by meeting several simultaneously.But business may require more, the multiple tactful complex combination of demand fulfillment just cleans the application scenarios of flow.Traditional traffic filtering method is invalid for such application scenarios.
Traditional flow cleaning system only provides the loading of single strategy, user can load each strategy successively, flow cleaning system cleans flow one by one according to each strategy, thus only support to judge whether to carry out flow cleaning according to single strategy, do not support to judge whether to carry out flow cleaning by multiple strategy combination.
Summary of the invention
Object of the present invention is intended at least solve one of above-mentioned technological deficiency.
For this reason, first object of the present invention is a kind of flow cleaning method providing many strategy combinations to load, and the method can realize the combination of strategy arbitrarily, thus meets multiple filtration enforcement flow cleaning.Second object of the present invention is the flow cleaning device providing many strategy combinations to load.
For achieving the above object, the embodiment of first aspect present invention proposes a kind of flow cleaning method of many strategy combination loadings, comprises the steps:
User space agent client Establishment strategy combines, and wherein, described strategy combination comprises at least one empty strategy, and described empty strategy comprises one or more entity strategy, and each described entity strategy comprises one or more data characteristics;
Described strategy combination is passed to kernel state by described User space agent client;
By at least one empty policy registration described in described strategy combination to processing data packets framework; And
Described processing data packets framework carries out function readjustment to each entity strategy in described empty strategy, and communication data packet and at least one empty strategy described are compared, when described communication data packet meets the whole entity strategy at least one empty strategy described, abandon described communication data packet.
According to the flow cleaning method that many strategy combinations of the embodiment of the present invention load, user can select the strategy combination with multiple strategy, utilize this strategy combination to clean flow, thus meet the application scenarios that multiple tactful complex combination cleans flow, range of application is wider.
The embodiment of second aspect present invention provides a kind of flow cleaning device of many strategy combination loadings, comprise User space agent client, kernel state module and processing data packets framework, wherein, described User space agent client is used for Establishment strategy combination, wherein, described strategy combination comprises at least one empty strategy, and described empty strategy comprises one or more entity strategy, and each described entity strategy comprises one or more data characteristics; Described kernel state module for receiving described strategy combination, and by least one empty policy registration described in described strategy combination to described processing data packets framework; Described processing data packets framework is used for carrying out function readjustment to each entity strategy in described empty strategy, and communication data packet and at least one empty strategy described are compared, when described communication data packet meets the whole entity strategy at least one empty strategy described, abandon described communication data packet.
According to the flow cleaning device that many strategy combinations of the embodiment of the present invention load, user can select the strategy combination with multiple strategy, utilize this strategy combination to clean flow, thus meet the application scenarios that multiple tactful complex combination cleans flow, range of application is wider.
The aspect that the present invention adds and advantage will part provide in the following description, and part will become obvious from the following description, or be recognized by practice of the present invention.
Accompanying drawing explanation
The present invention above-mentioned and/or additional aspect and advantage will become obvious and easy understand from the following description of the accompanying drawings of embodiments, wherein:
Fig. 1 is the flow chart of the flow cleaning method loaded according to many strategy combinations of the embodiment of the present invention;
Fig. 2 is the frame diagram of the flow cleaning method loaded according to many strategy combinations of the embodiment of the present invention;
Fig. 3 is the flow chart of data processing figure of the void strategy according to the embodiment of the present invention; And
Fig. 4 is the schematic diagram of the flow cleaning device loaded according to many strategy combinations of the embodiment of the present invention.
Embodiment
Be described below in detail embodiments of the invention, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has element that is identical or similar functions from start to finish.Being exemplary below by the embodiment be described with reference to the drawings, only for explaining the present invention, and can not limitation of the present invention being interpreted as.
Disclosing hereafter provides many different embodiments or example is used for realizing different structure of the present invention.Of the present invention open in order to simplify, hereinafter the parts of specific examples and setting are described.Certainly, they are only example, and object does not lie in restriction the present invention.In addition, the present invention can in different example repeat reference numerals and/or letter.This repetition is to simplify and clearly object, itself does not indicate the relation between discussed various embodiment and/or setting.In addition, the various specific technique that the invention provides and the example of material, but those of ordinary skill in the art can recognize the property of can be applicable to of other techniques and/or the use of other materials.In addition, fisrt feature described below second feature it " on " structure can comprise the embodiment that the first and second features are formed as directly contact, also can comprise other feature and be formed in embodiment between the first and second features, such first and second features may not be direct contacts.
With reference to description below and accompanying drawing, these and other aspects of embodiments of the invention will be known.Describe at these and in accompanying drawing, specifically disclose some particular implementation in embodiments of the invention, representing some modes of the principle implementing embodiments of the invention, but should be appreciated that the scope of embodiments of the invention is not limited.On the contrary, embodiments of the invention comprise fall into attached claims spirit and intension within the scope of all changes, amendment and equivalent.
The flow cleaning method that the many strategy combinations describing the embodiment of the present invention below with reference to Fig. 1 to Fig. 3 load.
As shown in Figure 1, the flow cleaning method of many strategy combinations loadings of the embodiment of the present invention, comprises the steps:
Step S101: User space agent client Establishment strategy combines.
Strategy combination comprises at least one empty strategy, and wherein, empty strategy comprises one or more entity strategy, and each entity strategy comprises one or more data characteristics.
In one embodiment of the invention, in strategy combination, also comprise entity strategy, and entity strategy does not belong to empty strategy.
In yet another embodiment of the present invention, strategy combination comprises multiple empty strategy, and wherein, multiple empty strategy shares at least one entity strategy.
Step S102: strategy combination is passed to kernel state by User space agent client.
In one embodiment of the invention, empty strategy is passed to kernel state by netlink sockets interface by User space agent client.
Particularly, loading empty strategy is realized by the communication interface mode netlink of kernel state and User space.The policy data packet format of the embodiment of the present invention defines based on netlink socket data-interface.Wherein, message format adopts the individual-layer data message format of similar protocol stack, as shown in table 1.
Table 1
Following three relatively independent levels drawn together by policy data handbag:
Netlink link layer (nlmsghdr): the transmitting-receiving work being responsible for netlink data message.
Service layer (Service_hdr): be responsible for and serve relevant establishment, deletion and the function such as enable.
Strategic layer (Strategyinfo): the establishment of the corresponding strategies of repetition measurement server entity, deletion, amendment and the function such as enable.
In the message structure of service layer and strategic layer, respectively define relevant order ID to instruct foundation, inquiry, amendment and to delete service entities and policy entity.Wherein, service layer's data of message and strategic layer data are resolved by service layer and strategic layer working function and are processed respectively.Table 2 and table 3 respectively illustrate the command type of partial service layer and strategic layer.
CMD_ID | Macrodefinition | Describe |
0x01 | BCS_SVC_CMD_CREATE | Create new service entities |
0x02 | BCS_SVC_CMD_MOD | Amendment service entity information |
0x03 | BCS_SVC_CMD_DEL | Delete service entities |
… | … | … |
Table 2
CMD_ID | Macrodefinition | Describe |
0x01 | BCS_STG_CMD_CREATE | Create new policy entity |
0x02 | BCS_STG_CMD_MOD | Amendment policy entity information |
0x03 | BCS_STG_CMD_DEL | Deletion strategy entity |
… | … | … |
Table 3
Below the process of establishing of strategy combination is described.
First, user can select arbitrarily by if conditional statement, and (with), or (or) strategy combination that forms.
Such as:
Table 4
Then, the strategy combination utilizing User space client user to be specified carries out conversion processing, removes if condition judgment statement, form between outer tactful group for or relation, between strategy group inner strategy for the form of relation.
Due to arbitrarily by if conditional statement, the condition judgment structure that and, or are formed equivalence can convert following form to:
(AandB)||(CandD)
Strategy combination in table 4 can be expressed as (A & B & C) || and (A & B & D) || the form of (E).Wherein, this strategy combination comprises three empty strategies, is respectively (A & B & C), (A & B & D) and (E).A, B, C, D and E are respectively entity strategy.
Can find out, entity strategy E is separately as a strategy, and therefore entity strategy E can not as a part for other empty strategies.Empty strategy (A & B & C) comprises entity strategy A, B and C, and empty strategy (A & B & D) comprises entity strategy A, B and D.Wherein, entity strategy A and B is the shared entity strategy of above-mentioned two empty strategies.
Each empty strategy is passed to kernel state by netlink sockets interface by User space agent client, and kernel state receives each empty strategy successively, resolves according to custom protocol, loads each empty strategy, thus loads strategy combination.When all empty strategies are all transferred to after kernel state sets up complete empty policy entity, then realize the flow cleaning system to user-defined how tactful combination in any.
Step S103: by least one empty policy registration in strategy combination to processing data packets framework.
As shown in Figure 2, by empty at least one in strategy combination policy registration to processing data packets framework.Wherein, processing data packets framework can be SoftIRQ weaken rock bag process framework.
In one embodiment of the invention, because entity strategy can separately as a strategy, and then entity strategy can directly be registered in processing data packets framework.
As from the foregoing, entity strategy and void strategy all can be registered in processing data packets framework.
Step S104: processing data packets framework carries out function readjustment to each entity strategy in empty strategy, and communication data packet and at least one empty strategy are compared, when communication data packet meets the whole entity strategy at least one empty strategy, abandon communication data packet.
When communication data packet is come interim, processing data packets framework carries out function readjustment to strategy.As shown in Figure 2, processing data packets framework to empty strategy and can be adjusted back as the entity strategy of strategy separately.
Processing data packets framework abandons judgement according to adjusting back the strategy obtained to communication data packet.If communication data packet meets the whole entity strategies at least one empty strategy, then abandon logical packet.Such as, strategy combination is (A & B & C) || (A & B & D) || and (E), if communication data packet meets whole entity strategy A, B and C in empty strategy (A & B & C), then will abandon this communication data packet.
When not meeting any one the entity strategy at least one empty strategy when communication data packet, then protocol stack is sent to process this communication data packet.
In one embodiment of the invention, when the empty strategy of deletion one, the entity strategy that this empty strategy comprises will no longer work, thus meet the use habit of user.
The flow chart of data processing of empty strategy is described below with reference to Fig. 3.
Step S301: by the tactful processing function entrance of void, judges whether empty strategy activates, and if so, then performs step S302, otherwise performs step S305.
Step S302: judge whether entity strategy in addition, if had, then performs step S303, otherwise performs step S305.
Step S303: call entity strategy bag process function.
Step S304: judge whether entity strategy returns and abandon communication data packet, if so, then return and perform step S302, otherwise perform step S305.
Step S305: communication data packet filtering statistical.
Step S306: judge whether to abandon communication data packet according to empty strategy, if so, then performs step S307, otherwise performs step S308.
If communication data packet meets the whole entity strategies in empty strategy, then perform step S307, otherwise perform step S308.
Step S307: return and abandon communication data packet.
Step S308: return received communication packet.
Being comprised by communication data transfers to protocol stack to process.
According to the flow cleaning method that many strategy combinations of the embodiment of the present invention load, user can select the strategy combination with multiple strategy, utilize this strategy combination to clean flow, thus meet the application scenarios that multiple tactful complex combination cleans flow, range of application is wider.
The flow cleaning device 400 loaded according to many strategy combinations of the embodiment of the present invention is described below with reference to Fig. 4.
As shown in Figure 4, the flow cleaning device 400 that many strategy combinations of the embodiment of the present invention load comprises User space agent client 410, kernel state module 420 and processing data packets framework 430.
User space agent client 410 is for Establishment strategy combination, and wherein strategy combination comprises at least one empty strategy.Empty strategy comprises one or more entity strategy, and each entity strategy comprises one or more data characteristics.Wherein, empty strategy is passed to kernel state module 420 by netlink sockets interface by User space agent client 410.
In one embodiment of the invention, in strategy combination, also comprise entity strategy, and entity strategy does not belong to empty strategy.
In yet another embodiment of the present invention, strategy combination comprises multiple empty strategy, and wherein multiple virtual policy shares at least one entity strategy.
Kernel state module 420 for receiving strategy combination, and by least one empty policy registration in strategy combination to processing data packets framework 430.
Particularly, loading empty strategy is realized by the communication interface mode netlink of kernel state and User space.The policy data packet format of the embodiment of the present invention defines based on netlink socket data-interface.Wherein, message format adopts the individual-layer data message format of similar protocol stack.
Following three relatively independent levels drawn together by policy data handbag:
Netlink link layer (nlmsghdr): the transmitting-receiving work being responsible for netlink data message.
Service layer (Service_hdr): be responsible for and serve relevant establishment, deletion and the function such as enable.
Strategic layer (Strategyinfo): the establishment of the corresponding strategies of repetition measurement server entity, deletion, amendment and the function such as enable.
In the message structure of service layer and strategic layer, respectively define relevant order ID to instruct foundation, inquiry, amendment and to delete service entities and policy entity.Wherein, service layer's data of message and strategic layer data are resolved by service layer and strategic layer working function and are processed respectively.
Below the process of establishing of strategy combination is described.
First, user can select arbitrarily by if conditional statement, and (with), or (or) strategy combination that forms.Then, the strategy combination utilizing User space agent client 410 user to be specified carries out conversion processing, removes if condition judgment statement, form between outer tactful group for or relation, between strategy group inner strategy for the form of relation.
Due to arbitrarily by if conditional statement, the condition judgment structure that and, or are formed equivalence can convert following form to:
(AandB)||(CandD)
Such as: strategy combination is (A & B & C) || (A & B & D) || the form of (E).Wherein, this strategy combination comprises three empty strategies, is respectively (A & B & C), (A & B & D) and (E).A, B, C, D and E are respectively entity strategy.
Can find out, entity strategy E is separately as a strategy, and therefore entity strategy E can not as a part for other empty strategies.Empty strategy (A & B & C) comprises entity strategy A, B and C, and empty strategy (A & B & D) comprises entity strategy A, B and D.Wherein, entity strategy A and B is the shared entity strategy of above-mentioned two empty strategies.
Each empty strategy is passed to kernel state module 420 by netlink sockets interface by User space agent client 410, kernel state module 420 receives each empty strategy successively, resolve according to custom protocol, load each empty strategy, thus loading strategy combination, until all empty strategies are all transferred to kernel state module 420 set up complete empty policy entity.
As shown in Figure 2, kernel state module 420 by empty at least one in strategy combination policy registration to processing data packets framework 430.Wherein, processing data packets framework 430 can be SoftIRQ weaken rock bag process framework.
In one embodiment of the invention, because entity strategy can separately as a strategy, and then entity strategy can directly be registered in processing data packets framework 430.
As from the foregoing, entity strategy and void strategy all can be registered in processing data packets framework 430.
Processing data packets framework 430 is for carrying out function readjustment to each entity strategy in empty strategy, and communication data packet and at least one empty strategy are compared, the whole entity strategies met at least one empty strategy when communication data packet abandon communication data packet.
When communication data packet is come interim, processing data packets framework 430 carries out function readjustment to strategy.Processing data packets framework 430 to empty strategy and can be adjusted back as the entity strategy of strategy separately.
Processing data packets framework 430 abandons judgement according to adjusting back the strategy obtained to communication data packet.If communication data packet meets the whole entity strategies at least one empty strategy, then abandon logical packet.Such as, strategy combination is (A & B & C) || (A & B & D) || and (E), if communication data packet meets whole entity strategy A, B and C in empty strategy (A & B & C), then will abandon this communication data packet.
When not meeting any one the entity strategy at least one empty strategy when communication data packet, then this communication data packet sends to protocol stack to process by processing data packets framework 430.
In one embodiment of the invention, when the empty strategy of deletion one, the entity strategy that this empty strategy comprises will no longer work, thus meet the use habit of user.
According to the flow cleaning device that many strategy combinations of the embodiment of the present invention load, user can select the strategy combination with multiple strategy, utilize this strategy combination to clean flow, thus meet the application scenarios that multiple tactful complex combination cleans flow, range of application is wider.
Describe and can be understood in flow chart or in this any process otherwise described or method, represent and comprise one or more for realizing the module of the code of the executable instruction of the step of specific logical function or process, fragment or part, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can not according to order that is shown or that discuss, comprise according to involved function by the mode while of basic or by contrary order, carry out n-back test, this should understand by embodiments of the invention person of ordinary skill in the field.
In flow charts represent or in this logic otherwise described and/or step, such as, the sequencing list of the executable instruction for realizing logic function can be considered to, may be embodied in any computer-readable medium, for instruction execution system, device or equipment (as computer based system, comprise the system of processor or other can from instruction execution system, device or equipment instruction fetch and perform the system of instruction) use, or to use in conjunction with these instruction execution systems, device or equipment.With regard to this specification, " computer-readable medium " can be anyly can to comprise, store, communicate, propagate or transmission procedure for instruction execution system, device or equipment or the device that uses in conjunction with these instruction execution systems, device or equipment.The example more specifically (non-exhaustive list) of computer-readable medium comprises following: the electrical connection section (electronic installation) with one or more wiring, portable computer diskette box (magnetic device), random access memory (RAM), read-only memory (ROM), erasablely edit read-only memory (EPROM or flash memory), fiber device, and portable optic disk read-only memory (CDROM).In addition, computer-readable medium can be even paper or other suitable media that can print described program thereon, because can such as by carrying out optical scanner to paper or other media, then carry out editing, decipher or carry out process with other suitable methods if desired and electronically obtain described program, be then stored in computer storage.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, multiple step or method can with to store in memory and the software performed by suitable instruction execution system or firmware realize.Such as, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: the discrete logic with the logic gates for realizing logic function to data-signal, there is the application-specific integrated circuit (ASIC) of suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is that the hardware that can carry out instruction relevant by program completes, described program can be stored in a kind of computer-readable recording medium, this program perform time, step comprising embodiment of the method one or a combination set of.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing module, also can be that the independent physics of unit exists, also can be integrated in a module by two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, and the form of software function module also can be adopted to realize.If described integrated module using the form of software function module realize and as independently production marketing or use time, also can be stored in a computer read/write memory medium.
The above-mentioned storage medium mentioned can be read-only memory, disk or CD etc.
In the description of this specification, specific features, structure, material or feature that the description of reference term " embodiment ", " some embodiments ", " example ", " concrete example " or " some examples " etc. means to describe in conjunction with this embodiment or example are contained at least one embodiment of the present invention or example.In this manual, identical embodiment or example are not necessarily referred to the schematic representation of above-mentioned term.And the specific features of description, structure, material or feature can combine in an appropriate manner in any one or more embodiment or example.
Although illustrate and describe embodiments of the invention, for the ordinary skill in the art, be appreciated that and can carry out multiple change, amendment, replacement and modification to these embodiments without departing from the principles and spirit of the present invention, scope of the present invention is by claims and equivalency thereof.
Claims (10)
1. the flow cleaning method that strategy combination more than loads, is characterized in that, comprise the steps:
User space agent client Establishment strategy combines, and wherein, described strategy combination comprises at least one empty strategy, and described empty strategy comprises one or more entity strategy, and each described entity strategy comprises one or more data characteristics;
Described strategy combination is passed to kernel state by described User space agent client;
By at least one empty policy registration described in described strategy combination to processing data packets framework; And
Described processing data packets framework carries out function readjustment to each entity strategy in described empty strategy, and communication data packet and at least one empty strategy described are compared, when described communication data packet meets the whole entity strategy at least one empty strategy described, abandon described communication data packet.
2. flow cleaning method as claimed in claim 1, is characterized in that, also comprise the steps: also to comprise entity strategy in described strategy combination, and described entity strategy does not belong to described empty strategy.
3. flow cleaning method as claimed in claim 1, is characterized in that, described strategy combination comprises multiple empty strategy, and wherein, described multiple empty strategy shares at least one entity strategy.
4. the flow cleaning method according to any one of claim 1-3, is characterized in that, further comprising the steps of:
When described communication data packet does not meet any one the entity strategy at least one empty strategy described, then protocol stack is sent to process described communication data packet.
5. the flow cleaning method according to any one of claim 1-3, is characterized in that, described empty strategy is passed to described kernel state by netlink sockets interface by described User space agent client.
6. the flow cleaning device that strategy combination more than loads, is characterized in that, comprising: User space agent client, kernel state module and processing data packets framework, wherein,
Described User space agent client is used for Establishment strategy combination, and wherein, described strategy combination comprises at least one empty strategy, and described empty strategy comprises one or more entity strategy, and each described entity strategy comprises one or more data characteristics;
Described kernel state module for receiving described strategy combination, and by least one empty policy registration described in described strategy combination to described processing data packets framework;
Described processing data packets framework is used for carrying out function readjustment to each entity strategy in described empty strategy, and communication data packet and at least one empty strategy described are compared, when described communication data packet meets the whole entity strategy at least one empty strategy described, abandon described communication data packet.
7. flow cleaning device as claimed in claim 6, is characterized in that, also comprise entity strategy in described strategy combination, and described entity strategy does not belong to described empty strategy.
8. flow cleaning device as claimed in claim 6, is characterized in that, described strategy combination comprises multiple empty strategy, and wherein, described multiple empty strategy shares at least one entity strategy.
9. the flow cleaning device according to any one of claim 6-8, it is characterized in that, when described communication data packet does not meet any one the entity strategy at least one empty strategy described, then described communication data packet sends to protocol stack to process by described processing data packets framework.
10. the flow cleaning device according to any one of claim 6-8, is characterized in that, described empty strategy is passed to described kernel state module by netlink sockets interface by described User space agent client.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210096528.4A CN103368858B (en) | 2012-04-01 | 2012-04-01 | The flow cleaning method that many strategy combinations load and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210096528.4A CN103368858B (en) | 2012-04-01 | 2012-04-01 | The flow cleaning method that many strategy combinations load and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103368858A CN103368858A (en) | 2013-10-23 |
CN103368858B true CN103368858B (en) | 2016-01-20 |
Family
ID=49369422
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210096528.4A Active CN103368858B (en) | 2012-04-01 | 2012-04-01 | The flow cleaning method that many strategy combinations load and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103368858B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106534063B (en) * | 2016-09-27 | 2019-11-12 | 上海红阵信息科技有限公司 | A kind of device, method and apparatus encapsulating isomery function equivalence body |
CN106549935A (en) | 2016-09-27 | 2017-03-29 | 上海红阵信息科技有限公司 | A kind of isomery function equivalence body generating means and method |
CN111181910B (en) * | 2019-08-12 | 2021-10-08 | 腾讯科技(深圳)有限公司 | Protection method and related device for distributed denial of service attack |
CN114584391B (en) * | 2022-03-22 | 2024-02-09 | 恒安嘉新(北京)科技股份公司 | Method, device, equipment and storage medium for generating abnormal flow processing strategy |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101404658A (en) * | 2008-10-31 | 2009-04-08 | 北京锐安科技有限公司 | Method and system for detecting bot network |
CN101431449A (en) * | 2008-11-04 | 2009-05-13 | 中国科学院计算技术研究所 | Network flux cleaning system |
CN101447996A (en) * | 2008-12-31 | 2009-06-03 | 成都市华为赛门铁克科技有限公司 | Defending method for distributed service-refusing attack and system and device thereof |
CN102195843A (en) * | 2010-03-02 | 2011-09-21 | 中国移动通信集团公司 | Flow control system and method |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040148520A1 (en) * | 2003-01-29 | 2004-07-29 | Rajesh Talpade | Mitigating denial of service attacks |
-
2012
- 2012-04-01 CN CN201210096528.4A patent/CN103368858B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101404658A (en) * | 2008-10-31 | 2009-04-08 | 北京锐安科技有限公司 | Method and system for detecting bot network |
CN101431449A (en) * | 2008-11-04 | 2009-05-13 | 中国科学院计算技术研究所 | Network flux cleaning system |
CN101447996A (en) * | 2008-12-31 | 2009-06-03 | 成都市华为赛门铁克科技有限公司 | Defending method for distributed service-refusing attack and system and device thereof |
CN102195843A (en) * | 2010-03-02 | 2011-09-21 | 中国移动通信集团公司 | Flow control system and method |
Also Published As
Publication number | Publication date |
---|---|
CN103368858A (en) | 2013-10-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101019403B (en) | Resource access filtering system and method | |
CN103959712B (en) | Time control in large-scale firewall cluster | |
CN104601597B (en) | Device and method for Firewall Group collected state data sharing | |
CN102724189B (en) | A kind of method and device controlling user URL access | |
CN103368858B (en) | The flow cleaning method that many strategy combinations load and device | |
CN106452955B (en) | A kind of detection method and system of abnormal network connection | |
US20070195776A1 (en) | System and method for channeling network traffic | |
CN102170424A (en) | Mobile medium safety protection system based on three-level security architecture | |
CN109714206A (en) | Electric power monitoring system Generating Network Topology Map, network bus topological diagram | |
CN105407099A (en) | Authentication Sharing In A Firewall Cluster | |
CN106020997A (en) | Method and system used for data transmission between virtual machines | |
CN108234657A (en) | A kind of high performance information safe processing system based on Internet of Things | |
CN102484600A (en) | Mobile node assignement to a router in a wpan | |
CN102271331A (en) | Method and system for detecting reliability of service provider (SP) site | |
CN108965006A (en) | A kind of communication reliability improvement method and device | |
US20070036165A1 (en) | Method and Network Element Configured for Limiting the Number of Virtual Local Area Networks Creatable by GVRP | |
CN102801640B (en) | A kind of method and apparatus of message examination & verification | |
Ganesh et al. | On the connectivity and diameter of small-world networks | |
CN107517206A (en) | A kind of method, apparatus of secure communication, computer-readable recording medium and storage control | |
Okimoto et al. | Cyber security problem based on multi-objective distributed constraint optimization technique | |
CN101707535B (en) | Method and device for detecting counterfeit network equipment | |
CN100499599C (en) | Rubbish mail filtration system and method based on email server | |
CN110287390A (en) | Wechat public's account management system and method | |
Hooper | Strategic and intelligent smart grid systems engineering | |
CN113965401B (en) | Message forwarding method and device and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |