CN106230785A - A kind of defence method of the HTTPS Denial of Service attack without private key - Google Patents
A kind of defence method of the HTTPS Denial of Service attack without private key Download PDFInfo
- Publication number
- CN106230785A CN106230785A CN201610576785.6A CN201610576785A CN106230785A CN 106230785 A CN106230785 A CN 106230785A CN 201610576785 A CN201610576785 A CN 201610576785A CN 106230785 A CN106230785 A CN 106230785A
- Authority
- CN
- China
- Prior art keywords
- server
- private key
- https
- denial
- attack
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses the defence method of a kind of HTTPS Denial of Service attack without private key, by on the private key server of the transition of operation of private key to a far-end independence, this server can be placed in the framework of website client, allow website possess the exclusive administrative power of private key, so can fully ensure the safety of private key.Secondly, key server adds proving program, allows private key server not only possess the function of encryption and decryption, be also equipped with distinguishing normal discharge and the function of attack traffic.The present invention can not only detect and defend HTTPS Denial of Service attack, and can fully ensure the safety of private key.
Description
Technical field
The present invention relates to the defence method of a kind of HTTPS Denial of Service attack without private key, belong to network security technology neck
Territory.
Background technology
HTTPS is the HTTP passage with safety as target, is briefly the safe version of HTTP.Http protocol is used for
Information is transmitted between Web browser and Website server.Http protocol sends content with clear-text way, does not provide any mode
Data encryption, if assailant has intercepted the transmission message between Web browser and Website server, it is possible to directly understand it
In information.For the safety of data transmission, HTTPS adds ssl protocol on the basis of HTTP, and SSL relies on certificate to test
The identity of card server, and be the communication encryption between browser and server.
But, although the data on flows of HTTP is encrypted by HTTPS, data can be avoided to a certain extent in transmission
During monitored abduction, it is not intended that website is perfectly safe after entering the HTTPS epoch.Assailant depends on
So can study the service conditions of website, initiate SSL/CC attack and the Web application of service layer targetedly to target
Attack.
After website uses HTTPS agreement, from certain angle, it is not meant as the side to launching a offensive and is provided with more
Threshold, on the contrary defender is brought huge challenge.After website uses HTTPS agreement, due to message content data
The most encrypted, therefore guard system can not be carried out safety analysis to the data on flows after encryption, add up and detect, then from
The most also the SSL/CC being mixed in legitimate traffic with regard to None-identified attacks and Web application is attacked.
Accordingly, it would be desirable to a kind of method can being on the defensive for HTTPS Denial of Service attack.Typical defense mechanism is
The system of defense that can open data encryption layer is disposed between website user and server.Website user's being correlated with its SSL
Certificate and private key import in guard system.So, system of defense just can certificate of utility and the private key data to flowing through
It is decrypted analysis and statistics, thus makes a painstaking investigation and find out the query-attack of malice.For legitimate traffic, then pass through re-encrypted
It is transferred to source station server, so can either detect rogue attacks smoothly, also achieve full link encryption simultaneously, ensure data
In transmitting procedure safety.
But, typical scenario may adds additional new risk because importing certificate private key.Private key is no longer possessed in website
Exclusive administrative power, it is impossible to fully ensure the safety of private key.
Accordingly, it would be desirable to the defence method of a kind of HTTPS Denial of Service attack without private key.
Summary of the invention
Goal of the invention: for the deficiency of existing HTTPS refusal service attack defending technology, the present invention provides one more to add
The implementation method of kind defence HTTPS Denial of Service attack, the defence side of a kind of HTTPS Denial of Service attack without private key
Method.
Technical scheme: the defence method of a kind of HTTPS Denial of Service attack without private key, does not the most require that user submits use to
Confirm the key of website identity, but by the private key server of the transition of operation of private key to a far-end independence, this services
Device can be placed in the framework of website client, allows website possess the exclusive administrative power of private key, so can fully ensure private
The safety of key.Secondly, key server adds proving program, allows private key server not only possess the function of encryption and decryption, also
Possess differentiation normal discharge and the function of attack traffic.
Access and aggressive behavior to distinguish normal users, can use identifying code, run JavaScript code etc. many
The mode of kind.In the present invention, illustrate in the way of running JavaScript code.Utilize browser can run JavaScript
The characteristic of code, verifies the normal access of user.And the attacker of hacker is in order to reach the effect attacked, script can be used
Run etc. mode, and non-browser.Being limited by operating system, attacker does not possess operation JavaScript code simultaneously
Characteristic.So certificate server can reach to distinguish normal discharge and the effect of attack traffic.
Utilize the data forwarding capability of proxy server, in conjunction with the characteristic of DNS Protocol, can to domain name arrange CNAME or
Person revises A record, to reach to hide the effect of IP address, source station.The route of data is pointed to, has and well control effect.
ADS equipment mainly plays black and white lists function, for clearance and the attack traffic of normal stream amount
Filtration.In actual applications, ADS equipment is except playing the function of black and white lists, it is also possible to resist other kinds of refusal clothes
Business is attacked, and has the highest practical value.
Without the defence method of the HTTPS Denial of Service attack of private key, idiographic flow is:
Step 01, normal users accesses domain name or hacker and domain name is initiated HTTPS Denial of Service attack, carries out domain name solution
Analysis;
Step 02, dns server returns to the IP address of proxy web-server on proxy server;
Step 03, the attack message that user normally accesses message or hacker sends, through ADS equipment Inspection;
Step 04, if ADS equipment judges that source IP, in white list, the most directly lets pass;
Step 05, proxy server directly forwards request data to arrive Web server;
Step 06, Web server returns response data to user, and now user can normally access;
Step 07, if ADS equipment judge source IP not in white list, then amendment purpose IP be proxy authenticating server
IP address;
Step 08, proxy server then forwards request data to arrive certificate server;
Step 09, the proving program one section of JavaScript code of structure on certificate server, there is response data
In Cookie, the browser returning to user is verified;
Step 10, user browser, according to the JavaScript code in Cookie, runs out a numerical value, issues certification
Server;
Step 11, certificate server, issuing ADS equipment by the IP address of certification, is added white list by ADS equipment, this
Time user's subsequent access jump directly to step 04;
Step 12, if ADS equipment judges that source IP, in blacklist, the most directly abandons;
Step 13, if ADS equipment judge source IP not in blacklist, then amendment purpose IP be proxy authenticating server
IP address;
Step 14, proxy server forwards request data to certificate server;
Step 15, the proving program one section of JavaScript code of structure on certificate server, there is response data
In Cookie, return to the attacker of hacker;
Step 16, the attacker of hacker cannot correctly run JavaScript code, issue certificate server
Cookie is empty or mistake;
Step 17, certificate server, issuing ADS equipment by the IP address of certification, is added black name by ADS equipment
Single, now hacker's follow-on attack behavior jumps directly to step 12.
Beneficial effect: compared with prior art, the defence side of the HTTPS Denial of Service attack without key that the present invention provides
Method, can not only detect and defend HTTPS Denial of Service attack, and can fully ensure the safety of private key.The present invention can answer
For the defence of the Denial of Service attack of all HTTPS servers, it is with a wide range of applications.
Accompanying drawing explanation
Fig. 1 is network topology schematic diagram;
Fig. 2 is normal discharge proof procedure schematic diagram;
Fig. 3 is HTTPS Denial of Service attack flow verification process schematic.
Detailed description of the invention
Below in conjunction with specific embodiment, it is further elucidated with the present invention, it should be understood that these embodiments are merely to illustrate the present invention
Rather than restriction the scope of the present invention, after having read the present invention, the those skilled in the art's various equivalences to the present invention
The amendment of form all falls within the application claims limited range.
Without the defence method of the HTTPS Denial of Service attack of private key, the most do not require that user submits to for confirming website body
The key of part, but by the private key server of the transition of operation of private key to a far-end independence, this server can be placed
In the framework of website client, allow website possess the exclusive administrative power of private key, so can fully ensure the safety of private key.Its
Secondary, key server adds proving program, allows private key server not only possess the function of encryption and decryption, be also equipped with distinguishing normal stream
Amount and the function of attack traffic.
Access and aggressive behavior to distinguish normal users, can use identifying code, run JavaScript code etc. many
The mode of kind.In the present invention, illustrate in the way of running JavaScript code.Utilize browser can run JavaScript
The characteristic of code, verifies the normal access of user.And the attacker of hacker is in order to reach the effect attacked, script can be used
Run etc. mode, and non-browser.Being limited by operating system, attacker does not possess operation JavaScript code simultaneously
Characteristic.So certificate server can reach to distinguish normal discharge and the effect of attack traffic.
Utilize the data forwarding capability of proxy server, in conjunction with the characteristic of DNS Protocol, can to domain name arrange CNAME or
Person revises A record, to reach to hide the effect of IP address, source station.
ADS equipment mainly plays black and white lists function, for clearance and the attack traffic of normal stream amount
Filtration.
As it is shown in figure 1, network topological diagram of the present invention, relate to dns server, ADS equipment and agent equipment.DNS
Server is when domain name is configured with CNAME, the IP address of domain name mapping to proxy server.If domain name configuration A record,
Can directly be resolved to the IP address of proxy server, so can need not dns server.ADS equipment is led in the present invention
The effect wanted is that black and white lists filters, it is also possible to substitute with other firewall boxs with black and white lists function.Agency service
The Main Function of device is exactly proxy web-server and certificate server, refers in particular to act on behalf of 443 ports, actual application in the present invention
In be not limited to 443 ports.Proving program on certificate server is used for constructing Javascript code and the result, and
Result is issued ADS equipment.Certificate server itself includes that private key is managed independently by website, ensures the safety of private key.
As in figure 2 it is shown, the checking flow process that normal users of the present invention accesses.Hypothesis verification mode is to run
JavaScript code, describes flow process as follows:
Step 201, normal users accesses domain name, carries out domain name mapping;
Step 202, dns server returns to the IP address of proxy web-server on proxy server;
Step 203, user normally accesses message, through ADS equipment Inspection;
Step 204, if ADS equipment judges that source IP, in white list, the most directly lets pass;
Step 205, proxy server directly forwards request data to arrive Web server;
Step 206, Web server returns response data to user, and now user can normally access;
Step 207, if ADS equipment judge source IP not in white list, then amendment purpose IP be proxy authenticating server
IP address;
Step 208, proxy server then forwards request data to arrive certificate server;
Step 209, the proving program one section of JavaScript code of structure on certificate server, there is response data
In Cookie, the browser returning to user is verified;
Step 210, user browser, according to the JavaScript code in Cookie, runs out a numerical value, issues and recognize
Card server;
Step 211, certificate server, issuing ADS equipment by the IP address of certification, is added white list by ADS equipment,
Now user's subsequent access jumps directly to step 204;
As it is shown on figure 3, HTTPS Denial of Service attack flow verification process of the present invention.Hypothesis verification mode is fortune
Row JavaScript code, describes flow process as follows:
Step 301, domain name is initiated HTTPS Denial of Service attack, is first carried out domain name mapping by hacker;
Step 302, dns server returns to the IP address of proxy web-server on proxy server;
Step 303, the attack message that hacker sends, through ADS equipment Inspection;
Step 304, if ADS equipment judges that source IP, in blacklist, the most directly abandons;
Step 305, if ADS equipment judge source IP not in blacklist, then amendment purpose IP be proxy authenticating server
IP address;
Step 306, proxy server forwards request data to certificate server;
Step 307, the proving program one section of JavaScript code of structure on certificate server, there is response data
In Cookie, return to the attacker of hacker;
Step 308, the attacker of hacker cannot correctly run JavaScript code, issue certificate server
Cookie is empty or mistake;
Step 309, certificate server, issuing ADS equipment by the IP address of certification, is added black name by ADS equipment
Single, now hacker's follow-on attack behavior jumps directly to step 304.
The defence method of the HTTPS Denial of Service attack without private key that the present invention provides, can apply to finance, government,
Colleges and universities, all conglomeraties such as electricity business website etc., such as, and financial industry, the present invention can be deployed in real network, so may insure that
The safety of financial web site private key, it is also possible to allow website possess the defence capability of HTTPS Denial of Service attack.Not only protect wide
The interests of big banking website, more ensure that the legitimate rights and interests of users, and therefore, this technology has the highest promotional value.
Claims (6)
1. the defence method without the HTTPS Denial of Service attack of private key, it is characterised in that the most do not require that user submits use to
Confirm the key of website identity, but by the private key server of the transition of operation of private key to a far-end independence, this services
Device can be placed in the framework of website client, allows website possess the exclusive administrative power of private key, so can fully ensure private
The safety of key;Secondly, key server adds proving program, allows private key server not only possess the function of encryption and decryption, also
Possess differentiation normal discharge and the function of attack traffic.
2. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that in order to just distinguish
Conventional family accesses and aggressive behavior, uses identifying code or runs the mode of JavaScript code.
3. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that to run
The mode of JavaScript code is distinguished normal users and is accessed and aggressive behavior.
4. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that utilize agency's clothes
The data forwarding capability of business device, in conjunction with the characteristic of DNS Protocol, can arrange CNAME or amendment A record to domain name, to reach
Hide the effect of IP address, source station.
5. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that utilize ADS equipment
Normal stream amount carries out letting pass and filtering attack traffic, i.e. ADS equipment judge source IP whether in its black and white lists,
Thus determine that normal stream amount carries out letting pass and filtering attack traffic.
6. the defence method of the HTTPS Denial of Service attack without private key as claimed in claim 1, it is characterised in that by the behaviour of private key
Transferring on the private key server of a far-end independence, this server is placed in the framework of website client, allows website hold
There is the exclusive administrative power of private key, key server adds proving program, distinguishes normal discharge and attack traffic, it is achieved to normally
The idiographic flow that flow carries out letting pass and filtering attack traffic is:
Step 01, normal users accesses domain name or hacker and domain name is initiated HTTPS Denial of Service attack, carries out domain name mapping;
Step 02, dns server returns to the IP address of proxy web-server on proxy server;
Step 03, the attack message that user normally accesses message or hacker sends, through ADS equipment Inspection;
Step 04, if ADS equipment judges that source IP, in white list, the most directly lets pass;
Step 05, proxy server directly forwards request data to arrive Web server;
Step 06, Web server returns response data to user, and now user can normally access;
Step 07, if ADS equipment judges that source IP not in white list, then revises the IP ground that purpose IP is proxy authenticating server
Location;
Step 08, proxy server then forwards request data to arrive certificate server;
Step 09, the proving program one section of JavaScript code of structure on certificate server, there is the Cookie of response data
In, the browser returning to user is verified;
Step 10, user browser, according to the JavaScript code in Cookie, runs out a numerical value, issues authentication service
Device;
Step 11, certificate server, issuing ADS equipment by the IP address of certification, is added white list by ADS equipment, now uses
Family subsequent access jumps directly to step 04;
Step 12, if ADS equipment judges that source IP, in blacklist, the most directly abandons;
Step 13, if ADS equipment judges that source IP not in blacklist, then revises the IP ground that purpose IP is proxy authenticating server
Location;
Step 14, proxy server forwards request data to certificate server;
Step 15, the proving program one section of JavaScript code of structure on certificate server, there is the Cookie of response data
In, return to the attacker of hacker;
Step 16, the attacker of hacker cannot correctly run JavaScript code, and the Cookie issuing certificate server is
Sky or mistake;
Step 17, certificate server, issuing ADS equipment by the IP address of certification, is added blacklist by ADS equipment, this
Time hacker's follow-on attack behavior jump directly to step 12.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610576785.6A CN106230785A (en) | 2016-07-20 | 2016-07-20 | A kind of defence method of the HTTPS Denial of Service attack without private key |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610576785.6A CN106230785A (en) | 2016-07-20 | 2016-07-20 | A kind of defence method of the HTTPS Denial of Service attack without private key |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106230785A true CN106230785A (en) | 2016-12-14 |
Family
ID=57531049
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610576785.6A Pending CN106230785A (en) | 2016-07-20 | 2016-07-20 | A kind of defence method of the HTTPS Denial of Service attack without private key |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106230785A (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106941505A (en) * | 2017-05-16 | 2017-07-11 | 成都迈瑞科科技有限公司 | A kind of method and its system of defence ddos attacks |
CN106992859A (en) * | 2017-04-11 | 2017-07-28 | 北京奇艺世纪科技有限公司 | A kind of fort machine private key management method and device |
CN107438074A (en) * | 2017-08-08 | 2017-12-05 | 北京神州绿盟信息安全科技股份有限公司 | The means of defence and device of a kind of ddos attack |
CN108418678A (en) * | 2017-02-10 | 2018-08-17 | 贵州白山云科技有限公司 | A kind of method and device of private key secure storage and distribution |
CN108476199A (en) * | 2016-12-23 | 2018-08-31 | 深圳投之家金融信息服务有限公司 | A kind of system and method for detection and defence CC attacks based on token mechanism |
CN108540440A (en) * | 2018-02-02 | 2018-09-14 | 努比亚技术有限公司 | DDOS attack solution, server and computer readable storage medium |
CN110753022A (en) * | 2018-07-24 | 2020-02-04 | 上海来三网络科技有限公司 | DDOS large-traffic defense architecture |
CN113473458A (en) * | 2021-05-10 | 2021-10-01 | 厦门市思芯微科技有限公司 | Equipment access method, data transmission method and computer readable storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101072102A (en) * | 2007-03-23 | 2007-11-14 | 南京联创网络科技有限公司 | Information leakage preventing technology based on safety desktop for network environment |
CN102316082A (en) * | 2010-07-06 | 2012-01-11 | 杭州华三通信技术有限公司 | Method and flow cleaning equipment for defensing website distributed denial of service (DDoS) attack |
CN103247085A (en) * | 2013-05-20 | 2013-08-14 | 北京速通科技有限公司 | Front-mounted electronic toll collection (ETC) on board unit online publication system and method |
CN103685214A (en) * | 2011-10-28 | 2014-03-26 | 通用汽车环球科技运作有限责任公司 | Security access method for automotive electronic control units |
CN103916389A (en) * | 2014-03-19 | 2014-07-09 | 汉柏科技有限公司 | Method for preventing HttpFlood attack and firewall |
CN105162793A (en) * | 2015-09-23 | 2015-12-16 | 上海云盾信息技术有限公司 | Method and apparatus for defending against network attacks |
-
2016
- 2016-07-20 CN CN201610576785.6A patent/CN106230785A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101072102A (en) * | 2007-03-23 | 2007-11-14 | 南京联创网络科技有限公司 | Information leakage preventing technology based on safety desktop for network environment |
CN102316082A (en) * | 2010-07-06 | 2012-01-11 | 杭州华三通信技术有限公司 | Method and flow cleaning equipment for defensing website distributed denial of service (DDoS) attack |
CN103685214A (en) * | 2011-10-28 | 2014-03-26 | 通用汽车环球科技运作有限责任公司 | Security access method for automotive electronic control units |
CN103247085A (en) * | 2013-05-20 | 2013-08-14 | 北京速通科技有限公司 | Front-mounted electronic toll collection (ETC) on board unit online publication system and method |
CN103916389A (en) * | 2014-03-19 | 2014-07-09 | 汉柏科技有限公司 | Method for preventing HttpFlood attack and firewall |
CN105162793A (en) * | 2015-09-23 | 2015-12-16 | 上海云盾信息技术有限公司 | Method and apparatus for defending against network attacks |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108476199A (en) * | 2016-12-23 | 2018-08-31 | 深圳投之家金融信息服务有限公司 | A kind of system and method for detection and defence CC attacks based on token mechanism |
CN108418678A (en) * | 2017-02-10 | 2018-08-17 | 贵州白山云科技有限公司 | A kind of method and device of private key secure storage and distribution |
CN106992859A (en) * | 2017-04-11 | 2017-07-28 | 北京奇艺世纪科技有限公司 | A kind of fort machine private key management method and device |
CN106992859B (en) * | 2017-04-11 | 2020-06-19 | 北京奇艺世纪科技有限公司 | Bastion machine private key management method and device |
CN106941505A (en) * | 2017-05-16 | 2017-07-11 | 成都迈瑞科科技有限公司 | A kind of method and its system of defence ddos attacks |
CN107438074A (en) * | 2017-08-08 | 2017-12-05 | 北京神州绿盟信息安全科技股份有限公司 | The means of defence and device of a kind of ddos attack |
CN108540440A (en) * | 2018-02-02 | 2018-09-14 | 努比亚技术有限公司 | DDOS attack solution, server and computer readable storage medium |
CN110753022A (en) * | 2018-07-24 | 2020-02-04 | 上海来三网络科技有限公司 | DDOS large-traffic defense architecture |
CN113473458A (en) * | 2021-05-10 | 2021-10-01 | 厦门市思芯微科技有限公司 | Equipment access method, data transmission method and computer readable storage medium |
CN113473458B (en) * | 2021-05-10 | 2023-11-17 | 厦门市思芯微科技有限公司 | Device access method, data transmission method and computer readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106230785A (en) | A kind of defence method of the HTTPS Denial of Service attack without private key | |
Stiawan et al. | Investigating brute force attack patterns in IoT network | |
Lipson | Tracking and tracing cyber-attacks: Technical challenges and global policy issues | |
Sinha et al. | Information Security threats and attacks with conceivable counteraction | |
KR100789722B1 (en) | The method and system for preventing malicious code spread using web technology | |
US8516575B2 (en) | Systems, methods, and media for enforcing a security policy in a network including a plurality of components | |
De Ryck et al. | Automatic and precise client-side protection against CSRF attacks | |
Winter et al. | How china is blocking tor | |
Ghafir et al. | Tor-based malware and Tor connection detection | |
Sebbar et al. | Detection MITM attack in multi-SDN controller | |
Chakravarty et al. | Detection and analysis of eavesdropping in anonymous communication networks | |
Hussein et al. | Software-Defined Networking (SDN): the security review | |
Hands et al. | A study on botnets utilizing DNS | |
Nasser et al. | Provably curb man-in-the-middle attack-based ARP spoofing in a local network | |
Gao et al. | A nationwide census on wifi security threats: prevalence, riskiness, and the economics | |
Smyth et al. | SECAP switch—Defeating topology poisoning attacks using P4 data planes | |
Li et al. | Bijack: Breaking bitcoin network with tcp vulnerabilities | |
Izhikevich et al. | Cloud watching: Understanding attacks against cloud-hosted services | |
Moallemi et al. | Information security in the aircraft access to system wide information management infrastructure | |
Nagesh et al. | A survey on denial of service attacks and preclusions | |
Miller et al. | Securing the internet through the detection of anonymous proxy usage | |
Evers et al. | Thirteen years of Tor attacks | |
Jadhav et al. | Detection and mitigation of arp spoofing attack | |
Nasser et al. | An Effective Approach to Detect and Prevent ARP Spoofing Attacks on WLAN. | |
Rajkumar et al. | Evolution for a secured path using NexGen firewalls |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20161214 |
|
RJ01 | Rejection of invention patent application after publication |