CN106230785A - A kind of defence method of the HTTPS Denial of Service attack without private key - Google Patents

A kind of defence method of the HTTPS Denial of Service attack without private key Download PDF

Info

Publication number
CN106230785A
CN106230785A CN201610576785.6A CN201610576785A CN106230785A CN 106230785 A CN106230785 A CN 106230785A CN 201610576785 A CN201610576785 A CN 201610576785A CN 106230785 A CN106230785 A CN 106230785A
Authority
CN
China
Prior art keywords
server
private key
https
denial
attack
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610576785.6A
Other languages
Chinese (zh)
Inventor
杨谦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NANJING YXLINK INFORMATION TECHNOLOGIES Co Ltd
Original Assignee
NANJING YXLINK INFORMATION TECHNOLOGIES Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NANJING YXLINK INFORMATION TECHNOLOGIES Co Ltd filed Critical NANJING YXLINK INFORMATION TECHNOLOGIES Co Ltd
Priority to CN201610576785.6A priority Critical patent/CN106230785A/en
Publication of CN106230785A publication Critical patent/CN106230785A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses the defence method of a kind of HTTPS Denial of Service attack without private key, by on the private key server of the transition of operation of private key to a far-end independence, this server can be placed in the framework of website client, allow website possess the exclusive administrative power of private key, so can fully ensure the safety of private key.Secondly, key server adds proving program, allows private key server not only possess the function of encryption and decryption, be also equipped with distinguishing normal discharge and the function of attack traffic.The present invention can not only detect and defend HTTPS Denial of Service attack, and can fully ensure the safety of private key.

Description

A kind of defence method of the HTTPS Denial of Service attack without private key
Technical field
The present invention relates to the defence method of a kind of HTTPS Denial of Service attack without private key, belong to network security technology neck Territory.
Background technology
HTTPS is the HTTP passage with safety as target, is briefly the safe version of HTTP.Http protocol is used for Information is transmitted between Web browser and Website server.Http protocol sends content with clear-text way, does not provide any mode Data encryption, if assailant has intercepted the transmission message between Web browser and Website server, it is possible to directly understand it In information.For the safety of data transmission, HTTPS adds ssl protocol on the basis of HTTP, and SSL relies on certificate to test The identity of card server, and be the communication encryption between browser and server.
But, although the data on flows of HTTP is encrypted by HTTPS, data can be avoided to a certain extent in transmission During monitored abduction, it is not intended that website is perfectly safe after entering the HTTPS epoch.Assailant depends on So can study the service conditions of website, initiate SSL/CC attack and the Web application of service layer targetedly to target Attack.
After website uses HTTPS agreement, from certain angle, it is not meant as the side to launching a offensive and is provided with more Threshold, on the contrary defender is brought huge challenge.After website uses HTTPS agreement, due to message content data The most encrypted, therefore guard system can not be carried out safety analysis to the data on flows after encryption, add up and detect, then from The most also the SSL/CC being mixed in legitimate traffic with regard to None-identified attacks and Web application is attacked.
Accordingly, it would be desirable to a kind of method can being on the defensive for HTTPS Denial of Service attack.Typical defense mechanism is The system of defense that can open data encryption layer is disposed between website user and server.Website user's being correlated with its SSL Certificate and private key import in guard system.So, system of defense just can certificate of utility and the private key data to flowing through It is decrypted analysis and statistics, thus makes a painstaking investigation and find out the query-attack of malice.For legitimate traffic, then pass through re-encrypted It is transferred to source station server, so can either detect rogue attacks smoothly, also achieve full link encryption simultaneously, ensure data In transmitting procedure safety.
But, typical scenario may adds additional new risk because importing certificate private key.Private key is no longer possessed in website Exclusive administrative power, it is impossible to fully ensure the safety of private key.
Accordingly, it would be desirable to the defence method of a kind of HTTPS Denial of Service attack without private key.
Summary of the invention
Goal of the invention: for the deficiency of existing HTTPS refusal service attack defending technology, the present invention provides one more to add The implementation method of kind defence HTTPS Denial of Service attack, the defence side of a kind of HTTPS Denial of Service attack without private key Method.
Technical scheme: the defence method of a kind of HTTPS Denial of Service attack without private key, does not the most require that user submits use to Confirm the key of website identity, but by the private key server of the transition of operation of private key to a far-end independence, this services Device can be placed in the framework of website client, allows website possess the exclusive administrative power of private key, so can fully ensure private The safety of key.Secondly, key server adds proving program, allows private key server not only possess the function of encryption and decryption, also Possess differentiation normal discharge and the function of attack traffic.
Access and aggressive behavior to distinguish normal users, can use identifying code, run JavaScript code etc. many The mode of kind.In the present invention, illustrate in the way of running JavaScript code.Utilize browser can run JavaScript The characteristic of code, verifies the normal access of user.And the attacker of hacker is in order to reach the effect attacked, script can be used Run etc. mode, and non-browser.Being limited by operating system, attacker does not possess operation JavaScript code simultaneously Characteristic.So certificate server can reach to distinguish normal discharge and the effect of attack traffic.
Utilize the data forwarding capability of proxy server, in conjunction with the characteristic of DNS Protocol, can to domain name arrange CNAME or Person revises A record, to reach to hide the effect of IP address, source station.The route of data is pointed to, has and well control effect.
ADS equipment mainly plays black and white lists function, for clearance and the attack traffic of normal stream amount Filtration.In actual applications, ADS equipment is except playing the function of black and white lists, it is also possible to resist other kinds of refusal clothes Business is attacked, and has the highest practical value.
Without the defence method of the HTTPS Denial of Service attack of private key, idiographic flow is:
Step 01, normal users accesses domain name or hacker and domain name is initiated HTTPS Denial of Service attack, carries out domain name solution Analysis;
Step 02, dns server returns to the IP address of proxy web-server on proxy server;
Step 03, the attack message that user normally accesses message or hacker sends, through ADS equipment Inspection;
Step 04, if ADS equipment judges that source IP, in white list, the most directly lets pass;
Step 05, proxy server directly forwards request data to arrive Web server;
Step 06, Web server returns response data to user, and now user can normally access;
Step 07, if ADS equipment judge source IP not in white list, then amendment purpose IP be proxy authenticating server IP address;
Step 08, proxy server then forwards request data to arrive certificate server;
Step 09, the proving program one section of JavaScript code of structure on certificate server, there is response data In Cookie, the browser returning to user is verified;
Step 10, user browser, according to the JavaScript code in Cookie, runs out a numerical value, issues certification Server;
Step 11, certificate server, issuing ADS equipment by the IP address of certification, is added white list by ADS equipment, this Time user's subsequent access jump directly to step 04;
Step 12, if ADS equipment judges that source IP, in blacklist, the most directly abandons;
Step 13, if ADS equipment judge source IP not in blacklist, then amendment purpose IP be proxy authenticating server IP address;
Step 14, proxy server forwards request data to certificate server;
Step 15, the proving program one section of JavaScript code of structure on certificate server, there is response data In Cookie, return to the attacker of hacker;
Step 16, the attacker of hacker cannot correctly run JavaScript code, issue certificate server Cookie is empty or mistake;
Step 17, certificate server, issuing ADS equipment by the IP address of certification, is added black name by ADS equipment Single, now hacker's follow-on attack behavior jumps directly to step 12.
Beneficial effect: compared with prior art, the defence side of the HTTPS Denial of Service attack without key that the present invention provides Method, can not only detect and defend HTTPS Denial of Service attack, and can fully ensure the safety of private key.The present invention can answer For the defence of the Denial of Service attack of all HTTPS servers, it is with a wide range of applications.
Accompanying drawing explanation
Fig. 1 is network topology schematic diagram;
Fig. 2 is normal discharge proof procedure schematic diagram;
Fig. 3 is HTTPS Denial of Service attack flow verification process schematic.
Detailed description of the invention
Below in conjunction with specific embodiment, it is further elucidated with the present invention, it should be understood that these embodiments are merely to illustrate the present invention Rather than restriction the scope of the present invention, after having read the present invention, the those skilled in the art's various equivalences to the present invention The amendment of form all falls within the application claims limited range.
Without the defence method of the HTTPS Denial of Service attack of private key, the most do not require that user submits to for confirming website body The key of part, but by the private key server of the transition of operation of private key to a far-end independence, this server can be placed In the framework of website client, allow website possess the exclusive administrative power of private key, so can fully ensure the safety of private key.Its Secondary, key server adds proving program, allows private key server not only possess the function of encryption and decryption, be also equipped with distinguishing normal stream Amount and the function of attack traffic.
Access and aggressive behavior to distinguish normal users, can use identifying code, run JavaScript code etc. many The mode of kind.In the present invention, illustrate in the way of running JavaScript code.Utilize browser can run JavaScript The characteristic of code, verifies the normal access of user.And the attacker of hacker is in order to reach the effect attacked, script can be used Run etc. mode, and non-browser.Being limited by operating system, attacker does not possess operation JavaScript code simultaneously Characteristic.So certificate server can reach to distinguish normal discharge and the effect of attack traffic.
Utilize the data forwarding capability of proxy server, in conjunction with the characteristic of DNS Protocol, can to domain name arrange CNAME or Person revises A record, to reach to hide the effect of IP address, source station.
ADS equipment mainly plays black and white lists function, for clearance and the attack traffic of normal stream amount Filtration.
As it is shown in figure 1, network topological diagram of the present invention, relate to dns server, ADS equipment and agent equipment.DNS Server is when domain name is configured with CNAME, the IP address of domain name mapping to proxy server.If domain name configuration A record, Can directly be resolved to the IP address of proxy server, so can need not dns server.ADS equipment is led in the present invention The effect wanted is that black and white lists filters, it is also possible to substitute with other firewall boxs with black and white lists function.Agency service The Main Function of device is exactly proxy web-server and certificate server, refers in particular to act on behalf of 443 ports, actual application in the present invention In be not limited to 443 ports.Proving program on certificate server is used for constructing Javascript code and the result, and Result is issued ADS equipment.Certificate server itself includes that private key is managed independently by website, ensures the safety of private key.
As in figure 2 it is shown, the checking flow process that normal users of the present invention accesses.Hypothesis verification mode is to run JavaScript code, describes flow process as follows:
Step 201, normal users accesses domain name, carries out domain name mapping;
Step 202, dns server returns to the IP address of proxy web-server on proxy server;
Step 203, user normally accesses message, through ADS equipment Inspection;
Step 204, if ADS equipment judges that source IP, in white list, the most directly lets pass;
Step 205, proxy server directly forwards request data to arrive Web server;
Step 206, Web server returns response data to user, and now user can normally access;
Step 207, if ADS equipment judge source IP not in white list, then amendment purpose IP be proxy authenticating server IP address;
Step 208, proxy server then forwards request data to arrive certificate server;
Step 209, the proving program one section of JavaScript code of structure on certificate server, there is response data In Cookie, the browser returning to user is verified;
Step 210, user browser, according to the JavaScript code in Cookie, runs out a numerical value, issues and recognize Card server;
Step 211, certificate server, issuing ADS equipment by the IP address of certification, is added white list by ADS equipment, Now user's subsequent access jumps directly to step 204;
As it is shown on figure 3, HTTPS Denial of Service attack flow verification process of the present invention.Hypothesis verification mode is fortune Row JavaScript code, describes flow process as follows:
Step 301, domain name is initiated HTTPS Denial of Service attack, is first carried out domain name mapping by hacker;
Step 302, dns server returns to the IP address of proxy web-server on proxy server;
Step 303, the attack message that hacker sends, through ADS equipment Inspection;
Step 304, if ADS equipment judges that source IP, in blacklist, the most directly abandons;
Step 305, if ADS equipment judge source IP not in blacklist, then amendment purpose IP be proxy authenticating server IP address;
Step 306, proxy server forwards request data to certificate server;
Step 307, the proving program one section of JavaScript code of structure on certificate server, there is response data In Cookie, return to the attacker of hacker;
Step 308, the attacker of hacker cannot correctly run JavaScript code, issue certificate server Cookie is empty or mistake;
Step 309, certificate server, issuing ADS equipment by the IP address of certification, is added black name by ADS equipment Single, now hacker's follow-on attack behavior jumps directly to step 304.
The defence method of the HTTPS Denial of Service attack without private key that the present invention provides, can apply to finance, government, Colleges and universities, all conglomeraties such as electricity business website etc., such as, and financial industry, the present invention can be deployed in real network, so may insure that The safety of financial web site private key, it is also possible to allow website possess the defence capability of HTTPS Denial of Service attack.Not only protect wide The interests of big banking website, more ensure that the legitimate rights and interests of users, and therefore, this technology has the highest promotional value.

Claims (6)

1. the defence method without the HTTPS Denial of Service attack of private key, it is characterised in that the most do not require that user submits use to Confirm the key of website identity, but by the private key server of the transition of operation of private key to a far-end independence, this services Device can be placed in the framework of website client, allows website possess the exclusive administrative power of private key, so can fully ensure private The safety of key;Secondly, key server adds proving program, allows private key server not only possess the function of encryption and decryption, also Possess differentiation normal discharge and the function of attack traffic.
2. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that in order to just distinguish Conventional family accesses and aggressive behavior, uses identifying code or runs the mode of JavaScript code.
3. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that to run The mode of JavaScript code is distinguished normal users and is accessed and aggressive behavior.
4. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that utilize agency's clothes The data forwarding capability of business device, in conjunction with the characteristic of DNS Protocol, can arrange CNAME or amendment A record to domain name, to reach Hide the effect of IP address, source station.
5. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that utilize ADS equipment Normal stream amount carries out letting pass and filtering attack traffic, i.e. ADS equipment judge source IP whether in its black and white lists, Thus determine that normal stream amount carries out letting pass and filtering attack traffic.
6. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that by the behaviour of private key Transferring on the private key server of a far-end independence, this server is placed in the framework of website client, allows website hold There is the exclusive administrative power of private key, key server adds proving program, distinguishes normal discharge and attack traffic, it is achieved to normally The idiographic flow that flow carries out letting pass and filtering attack traffic is:
Step 01, normal users accesses domain name or hacker and domain name is initiated HTTPS Denial of Service attack, carries out domain name mapping;
Step 02, dns server returns to the IP address of proxy web-server on proxy server;
Step 03, the attack message that user normally accesses message or hacker sends, through ADS equipment Inspection;
Step 04, if ADS equipment judges that source IP, in white list, the most directly lets pass;
Step 05, proxy server directly forwards request data to arrive Web server;
Step 06, Web server returns response data to user, and now user can normally access;
Step 07, if ADS equipment judges that source IP not in white list, then revises the IP ground that purpose IP is proxy authenticating server Location;
Step 08, proxy server then forwards request data to arrive certificate server;
Step 09, the proving program one section of JavaScript code of structure on certificate server, there is the Cookie of response data In, the browser returning to user is verified;
Step 10, user browser, according to the JavaScript code in Cookie, runs out a numerical value, issues authentication service Device;
Step 11, certificate server, issuing ADS equipment by the IP address of certification, is added white list by ADS equipment, now uses Family subsequent access jumps directly to step 04;
Step 12, if ADS equipment judges that source IP, in blacklist, the most directly abandons;
Step 13, if ADS equipment judges that source IP not in blacklist, then revises the IP ground that purpose IP is proxy authenticating server Location;
Step 14, proxy server forwards request data to certificate server;
Step 15, the proving program one section of JavaScript code of structure on certificate server, there is the Cookie of response data In, return to the attacker of hacker;
Step 16, the attacker of hacker cannot correctly run JavaScript code, and the Cookie issuing certificate server is Sky or mistake;
Step 17, certificate server, issuing ADS equipment by the IP address of certification, is added blacklist by ADS equipment, this Time hacker's follow-on attack behavior jump directly to step 12.
CN201610576785.6A 2016-07-20 2016-07-20 A kind of defence method of the HTTPS Denial of Service attack without private key Pending CN106230785A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610576785.6A CN106230785A (en) 2016-07-20 2016-07-20 A kind of defence method of the HTTPS Denial of Service attack without private key

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610576785.6A CN106230785A (en) 2016-07-20 2016-07-20 A kind of defence method of the HTTPS Denial of Service attack without private key

Publications (1)

Publication Number Publication Date
CN106230785A true CN106230785A (en) 2016-12-14

Family

ID=57531049

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610576785.6A Pending CN106230785A (en) 2016-07-20 2016-07-20 A kind of defence method of the HTTPS Denial of Service attack without private key

Country Status (1)

Country Link
CN (1) CN106230785A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106941505A (en) * 2017-05-16 2017-07-11 成都迈瑞科科技有限公司 A kind of method and its system of defence ddos attacks
CN106992859A (en) * 2017-04-11 2017-07-28 北京奇艺世纪科技有限公司 A kind of fort machine private key management method and device
CN107438074A (en) * 2017-08-08 2017-12-05 北京神州绿盟信息安全科技股份有限公司 The means of defence and device of a kind of ddos attack
CN108418678A (en) * 2017-02-10 2018-08-17 贵州白山云科技有限公司 A kind of method and device of private key secure storage and distribution
CN108476199A (en) * 2016-12-23 2018-08-31 深圳投之家金融信息服务有限公司 A kind of system and method for detection and defence CC attacks based on token mechanism
CN108540440A (en) * 2018-02-02 2018-09-14 努比亚技术有限公司 DDOS attack solution, server and computer readable storage medium
CN110753022A (en) * 2018-07-24 2020-02-04 上海来三网络科技有限公司 DDOS large-traffic defense architecture
CN113473458A (en) * 2021-05-10 2021-10-01 厦门市思芯微科技有限公司 Equipment access method, data transmission method and computer readable storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101072102A (en) * 2007-03-23 2007-11-14 南京联创网络科技有限公司 Information leakage preventing technology based on safety desktop for network environment
CN102316082A (en) * 2010-07-06 2012-01-11 杭州华三通信技术有限公司 Method and flow cleaning equipment for defensing website distributed denial of service (DDoS) attack
CN103247085A (en) * 2013-05-20 2013-08-14 北京速通科技有限公司 Front-mounted electronic toll collection (ETC) on board unit online publication system and method
CN103685214A (en) * 2011-10-28 2014-03-26 通用汽车环球科技运作有限责任公司 Security access method for automotive electronic control units
CN103916389A (en) * 2014-03-19 2014-07-09 汉柏科技有限公司 Method for preventing HttpFlood attack and firewall
CN105162793A (en) * 2015-09-23 2015-12-16 上海云盾信息技术有限公司 Method and apparatus for defending against network attacks

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101072102A (en) * 2007-03-23 2007-11-14 南京联创网络科技有限公司 Information leakage preventing technology based on safety desktop for network environment
CN102316082A (en) * 2010-07-06 2012-01-11 杭州华三通信技术有限公司 Method and flow cleaning equipment for defensing website distributed denial of service (DDoS) attack
CN103685214A (en) * 2011-10-28 2014-03-26 通用汽车环球科技运作有限责任公司 Security access method for automotive electronic control units
CN103247085A (en) * 2013-05-20 2013-08-14 北京速通科技有限公司 Front-mounted electronic toll collection (ETC) on board unit online publication system and method
CN103916389A (en) * 2014-03-19 2014-07-09 汉柏科技有限公司 Method for preventing HttpFlood attack and firewall
CN105162793A (en) * 2015-09-23 2015-12-16 上海云盾信息技术有限公司 Method and apparatus for defending against network attacks

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108476199A (en) * 2016-12-23 2018-08-31 深圳投之家金融信息服务有限公司 A kind of system and method for detection and defence CC attacks based on token mechanism
CN108418678A (en) * 2017-02-10 2018-08-17 贵州白山云科技有限公司 A kind of method and device of private key secure storage and distribution
CN106992859A (en) * 2017-04-11 2017-07-28 北京奇艺世纪科技有限公司 A kind of fort machine private key management method and device
CN106992859B (en) * 2017-04-11 2020-06-19 北京奇艺世纪科技有限公司 Bastion machine private key management method and device
CN106941505A (en) * 2017-05-16 2017-07-11 成都迈瑞科科技有限公司 A kind of method and its system of defence ddos attacks
CN107438074A (en) * 2017-08-08 2017-12-05 北京神州绿盟信息安全科技股份有限公司 The means of defence and device of a kind of ddos attack
CN108540440A (en) * 2018-02-02 2018-09-14 努比亚技术有限公司 DDOS attack solution, server and computer readable storage medium
CN110753022A (en) * 2018-07-24 2020-02-04 上海来三网络科技有限公司 DDOS large-traffic defense architecture
CN113473458A (en) * 2021-05-10 2021-10-01 厦门市思芯微科技有限公司 Equipment access method, data transmission method and computer readable storage medium
CN113473458B (en) * 2021-05-10 2023-11-17 厦门市思芯微科技有限公司 Device access method, data transmission method and computer readable storage medium

Similar Documents

Publication Publication Date Title
CN106230785A (en) A kind of defence method of the HTTPS Denial of Service attack without private key
Stiawan et al. Investigating brute force attack patterns in IoT network
Lipson Tracking and tracing cyber-attacks: Technical challenges and global policy issues
Sinha et al. Information Security threats and attacks with conceivable counteraction
KR100789722B1 (en) The method and system for preventing malicious code spread using web technology
US8516575B2 (en) Systems, methods, and media for enforcing a security policy in a network including a plurality of components
De Ryck et al. Automatic and precise client-side protection against CSRF attacks
Winter et al. How china is blocking tor
Ghafir et al. Tor-based malware and Tor connection detection
Sebbar et al. Detection MITM attack in multi-SDN controller
Chakravarty et al. Detection and analysis of eavesdropping in anonymous communication networks
Hussein et al. Software-Defined Networking (SDN): the security review
Hands et al. A study on botnets utilizing DNS
Nasser et al. Provably curb man-in-the-middle attack-based ARP spoofing in a local network
Gao et al. A nationwide census on wifi security threats: prevalence, riskiness, and the economics
Smyth et al. SECAP switch—Defeating topology poisoning attacks using P4 data planes
Li et al. Bijack: Breaking bitcoin network with tcp vulnerabilities
Izhikevich et al. Cloud watching: Understanding attacks against cloud-hosted services
Moallemi et al. Information security in the aircraft access to system wide information management infrastructure
Nagesh et al. A survey on denial of service attacks and preclusions
Miller et al. Securing the internet through the detection of anonymous proxy usage
Evers et al. Thirteen years of Tor attacks
Jadhav et al. Detection and mitigation of arp spoofing attack
Nasser et al. An Effective Approach to Detect and Prevent ARP Spoofing Attacks on WLAN.
Rajkumar et al. Evolution for a secured path using NexGen firewalls

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20161214

RJ01 Rejection of invention patent application after publication