CN106657082A - Fast HTTP redirection method - Google Patents
Fast HTTP redirection method Download PDFInfo
- Publication number
- CN106657082A CN106657082A CN201611229900.9A CN201611229900A CN106657082A CN 106657082 A CN106657082 A CN 106657082A CN 201611229900 A CN201611229900 A CN 201611229900A CN 106657082 A CN106657082 A CN 106657082A
- Authority
- CN
- China
- Prior art keywords
- message
- terminal
- server
- tcp
- ack
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a fast HTTP redirection method. The method comprises the following steps: step one, a terminal sends a first message of TCP three-way handshake to a server; step two, the server responds a second message of the TCP three-way handshake to the terminal, and a switch mirrors the message to an admission control server; step three, the admission control server sends a HTTP redirection message to the terminal when receiving the message mirrored in the step two; step four, the terminal receives the second message of the TCP three-way handshake responded by the server, and sends a third message of the TCP three-way handshake to the server; step five, the terminal receives the HTTP redirection message sent by the step three, and stores the same in the TCP cache; step six: the terminal sends a HTTP request to the server and waits the HTTP response; step seven, the terminal takes out the HTTP redirection message received in the step five, and then executes the HTTP redirection. By use of the fast HTTP redirection method disclosed by the invention, the defect that the existing HTTP redirection method is invalid under a specific condition is effectively solved, and the fast blocking is realized.
Description
Technical field
The present invention relates to network security defense technique, more particularly to a kind of quick HTTP redirection method.
Background technology
Network admittance control technology is the network security defense technique of current main flow, and it is by terminal guarantor with high safety
Virus, leak, network attack etc. are refused it by shield, the security threat for efficiently solving non-security accessing terminal to network and causing
Outdoors, so as to comprehensively having ensured the safety of the equipment being linked into network.
Network admittance control common technology have policybased routing access, VLAN isolation access, dot1x accesses, ARP accesses,
Mirror image access etc..Wherein mirror image admission technology refers to that data traffic mirror image (replicating) portion is issued standard by the switch in network
Enter and control server, access control server monitoring simultaneously examines these flows, then skill that is logical or blocking is put according to strategy execution
Art, conventional mirror image access interrupter technique has TCP Reset, HTTP redirection etc..
HTTP(Hyper Text Transfer Protocol, abridge HTTP)It is based on TCP
(Transmission Control Protocol transmission control protocols)Application protocol, be broadly divided into terminal and server two
Big component, terminal is first and server sets up TCP connections by TCP three-way handshake, and then terminal again please to server transmission HTTP
Ask, following server returns the response of the request to terminal.
In practice, HTTP redirection is referred in the response message that HTTP server is returned to terminal, and is not contained substantive
Information, but a Redirect URL, that is, access the resource and be redirected to the URL.
Existing HTTP redirection method comprises the steps:
(1) terminal to server sends first message of TCP three-way handshake, syn mark positions 1, seq sequence number x;
(2) server responds second message of TCP three-way handshake, syn mark positions 1, ack mark positions 1, seq to terminal
Sequence number y, ack confirmation x+1;
(3) terminal to server sends the 3rd message of TCP three-way handshake, ack mark positions 1, seq sequence number x+1, ack
Confirmation y+1, TCP three-way handshake is completed, TCP connection establishment successes;
(4) terminal to server sends HTTP request message;
(5) server responds HTTP redirection message to terminal.
Principle of the existing HTTP redirection method during the blocking of mirror image access is as follows:Terminal to server sends
HTTP request;Switch receives and the bag is transmitted into server after the bag, while mirror image is a to give access control server;Service
Device to be received and respond http response message to the request after HTTP request;Access control server receives the HTTP that mirror image comes
After request, safety analysis is carried out, if analysis result does not meet safety regulation and will respond HTTP redirection message to the request;
The HTTP redirection message meeting priority incoming terminal that the http response message and access control server that server sends sends, such as
Fruit HTTP redirection message is first reached, then terminal will be redirected.
There is following significant deficiency in existing HTTP redirection method:Http response message and access control that server sends
The HTTP redirection message meeting priority incoming terminal that control server sends, if http response message is first reached, then terminal is just
Will not be redirected.In terminal, server, access control server are all in same high-speed local area network, and the net of server
When network performance is higher than access control server, the first incoming terminal of http response message meeting that server sends, it will usually first reach
8-9 microseconds, this when of mirror image access HTTP redirection interrupter technique will fail, it is impossible to which network implementation is protected safely
Shield.
The content of the invention
The invention provides a kind of quick HTTP redirection method, its purpose is intended to overcome lacking for above-mentioned prior art
Fall into.
The purpose of the present invention is achieved through the following technical solutions:
A kind of quick HTTP redirection method, comprises the steps:
Step 1:Terminal to server sends first message of TCP three-way handshake;Switch is by first message mirror one
Part gives access control server;
Step 2:Server responds second message of TCP three-way handshake to terminal;Switch is by second message mirror one
Part gives access control server;
Step 3:Access control server receives second message of the TCP three-way handshake that switch mirror image comes in step 2
When, access control server to terminal sends HTTP redirection message;
Step 4:When terminal receives second message of the TCP three-way handshake of server response, terminal to server sends TCP
3rd message of three-way handshake;
Step 5:Terminal is received after the HTTP redirection message that the access control server in step 3 is sended over, and is deposited
In entering TCP cachings;
Step 6:Terminal to server sends HTTP request and waits http response;
Step 7:Terminal takes out the HTTP redirection message received in step 5, performs HTTP redirection.
On the basis of above-mentioned technical proposal, the present invention can add following technological means, preferably or more to there is pin
The technical problem to be solved is solved to property:
In step 1, containing syn flag bits and seq sequences in first message of terminal to server transmission TCP three-way handshake
Number, and syn flag bits are set to 1, seq sequence numbers and are set to x.
Further, in step 2, server is marked in second message of terminal response TCP three-way handshake containing syn
Will position, ack flag bits, seq sequence numbers and ack confirm number, and syn flag bits are set to 1, ack flag bits and are set to 1, seq sequences
Row number is set to y, and ack confirmations number are set to x+1.
Further, in step 3, ack is contained in the HTTP redirection message that access control server sends to terminal
Flag bit, seq sequence numbers and ack confirm number, and ack flag bits are set to 1, seq sequence numbers and are set to y+1, and ack confirms number to set
It is set to x+1.
Further, in step 4, ack is contained in the 3rd message of the TCP three-way handshake that terminal to server sends
Flag bit, seq sequence numbers, ack confirmations number, and ack flag bits are set to 1, seq sequence numbers and are set to x+1, and ack confirmations number set
It is set to y+1.
It should be noted that in the step 1 of the present invention, exchange opportunity is a to access control by first message mirror
Server;When access control server receives first message that mirror image comes, do not processed.
It should be noted that when the step 4 of the present invention is completed, TCP three-way handshake is completed, TCP connection establishment successes;Eventually
End, server, access control server three message transmission each other have passed through the forwarding of switch.
It should be noted that x above-mentioned in the present invention represents positive integer, y also represents positive integer, and the statement of x, y is simply
The convenience of statement, the statement of x, y has practical significance, the position interchangeable of x, y in statement.
The present invention know-why be:By the way that using before TCP connection establishment successes, just in advance transmission HTTP resets
To the technological means of message, it is ensured that the HTTP that access control server sends in the case where terminal does not meet safety regulation resets
To message prior to http response message incoming terminal that server sends.
Experiments verify that, show that HTTP redirection method of the present invention has following beneficial effects:(1) effectively
Solve the defect that existing HTTP redirection method fails under specific circumstances in mirror image access environment.Reason is, in mirror
As after the HTTP redirection method that this programme used in access environment is proposed, HTTP redirection function is no longer influenced by server and net
The impact of network speed, access control server is taking prior to sending HTTP redirection message before TCP connection establishment successes
Business device send it is any have before the TCP message of data content be issued by HTTP redirection message, it is ensured that access control service
The HTTP redirection message that device sends makes not meeting safety regulation prior to the http response message incoming terminal that server sends
Terminal by HTTP redirection, so as to realize this beneficial effect.(2)Realize quick blocking.Reason is that the inventive method is in terminal
Setting up the moment that TCP is connected with server just can realize redirecting, and the present invention is than existing method institute under equivalent network environment
Take time and at least save 50%, so as to realize this beneficial effect.
Specific embodiment
The present invention is implemented in comprising terminal, server, switch, the standard configuration network of access control server.
Embodiment one
In the present embodiment, a kind of quick HTTP redirection method comprises the steps:
Step 1:Terminal to server sends first message of TCP three-way handshake;Switch is by first message mirror one
Part gives access control server;
Step 2:Server responds second message of TCP three-way handshake to terminal;Switch is by second message mirror one
Part gives access control server;
Step 3:Access control server receives second message of the TCP three-way handshake that switch mirror image comes in step 2
When, access control server to terminal sends HTTP redirection message;
Step 4:When terminal receives second message of the TCP three-way handshake of server response, terminal to server sends TCP
3rd message of three-way handshake;
Step 5:Terminal is received after the HTTP redirection message that the access control server in step 3 is sended over, and is deposited
In entering TCP cachings;
Step 6:Terminal to server sends HTTP request and waits http response;
Step 7:Terminal takes out the HTTP redirection message received in step 5, performs HTTP redirection.
Used as a kind of alternative of the present embodiment, in step 1, terminal to server sends the of TCP three-way handshake
It is set to 1, seq sequence numbers and is set to x containing syn flag bits and seq sequence numbers, and syn flag bits in one message.
Used as a kind of alternative of the present embodiment, in step 2, server responds the of TCP three-way handshake to terminal
Containing syn flag bits, ack flag bits, seq sequence numbers and ack confirmation number in two messages, and syn flag bits are set to 1, ack
Flag bit is set to 1, seq sequence numbers and is set to y, and ack confirmations number are set to x+1.
As a kind of alternative of the present embodiment, in step 3, the HTTP weights that access control server sends to terminal
Containing ack flag bits, seq sequence numbers and ack confirmation number in orientation message, and ack flag bits are set to the setting of 1, seq sequence numbers
For y+1, ack confirms number to be set to x+1.
As a kind of alternative of the present embodiment, in step 4, the TCP three-way handshake that terminal to server sends
It is set to 1, seq sequence numbers and sets containing ack flag bits, seq sequence numbers, ack confirmations number, and ack flag bits in 3rd message
X+1 is set to, ack confirmations number are set to y+1.
In the present embodiment, when step 4 is completed, TCP three-way handshake is completed, TCP connection establishment successes;Terminal, server,
Access control server three message each other is transmitted through the forwarding of switch.
In the present embodiment, above-mentioned x represents positive integer, and y represents positive integer.
Embodiment two
In the present embodiment, a kind of quick HTTP redirection method comprises the steps:
Step 1:Terminal to server sends first message of TCP three-way handshake;Switch is by first message mirror one
Part gives access control server;
Step 2:Server responds second message of TCP three-way handshake to terminal;Switch is by second message mirror one
Part gives access control server;
Step 3:Access control server receives second message of the TCP three-way handshake that switch mirror image comes in step 2
When, access control server to terminal sends HTTP redirection message;
Step 4:When terminal receives second message of the TCP three-way handshake of server response, terminal to server sends TCP
3rd message of three-way handshake;
Step 5:Terminal is received after the HTTP redirection message that the access control server in step 3 is sended over, and is deposited
In entering TCP cachings;
Step 6:Terminal to server sends HTTP request and waits http response;
Step 7:Terminal takes out the HTTP redirection message received in step 5, performs HTTP redirection.
Used as a kind of alternative of the present embodiment, in step 1, terminal to server sends the of TCP three-way handshake
It is set to 1, seq sequence numbers and is set to containing syn flag bits and seq sequence numbers, and syn flag bits in one message
12345678。
Used as a kind of alternative of the present embodiment, in step 2, server responds the of TCP three-way handshake to terminal
Containing syn flag bits, ack flag bits, seq sequence numbers and ack confirmation number in two messages, and syn flag bits are set to 1, ack
Flag bit is set to 1, seq sequence numbers and is set to 73187318, ack to confirm number to be set to 12345679.
As a kind of alternative of the present embodiment, in step 3, the HTTP weights that access control server sends to terminal
Containing ack flag bits, seq sequence numbers and ack confirmation number in orientation message, and ack flag bits are set to the setting of 1, seq sequence numbers
12345679 are set to for 73187319, ack confirmations number.
As a kind of alternative of the present embodiment, in step 4, the TCP three-way handshake that terminal to server sends
It is set to 1, seq sequence numbers and sets containing ack flag bits, seq sequence numbers, ack confirmations number, and ack flag bits in 3rd message
It is set to 12345679, ack confirmations number and is set to 73187319.
In the present embodiment, when step 4 is completed, TCP three-way handshake is completed, TCP connection establishment successes;Terminal, server,
Access control server three message each other is transmitted through the forwarding of switch.
Embodiment three
In the present embodiment, a kind of quick HTTP redirection method comprises the steps:
Step 1:Terminal to server sends first message of TCP three-way handshake, indicates containing syn in first message
Position and seq sequence numbers, and syn flag bits are set to 1, seq sequence numbers and are set to x;Switch is transmitted to first message
Server, while switch is a to access control server by first message mirror (replicating);Now access control
Server receives first message that mirror image comes, and is not processed;
Step 2:Server is received after first message that switch in step 1 is forwarded, and server to terminal responds TCP tri-
Secondary second message shaken hands, confirms in second message containing syn flag bits, ack flag bits, seq sequence numbers and ack
Number, and syn flag bits are set to 1, ack flag bits and are set to 1, seq sequence numbers to be set to y, and ack confirms number to be set to x+1;Hand over
Is changed planes and second message is transmitted to terminal, while second message mirror portion is given access control service by switch
Device;
Step 3:Access control server receives second message of the TCP three-way handshake that switch mirror image comes in step 2
When, access control server to terminal send HTTP redirection message, in the HTTP redirection message containing ack flag bits,
Seq sequence numbers and ack confirm number, and ack flag bits are set to 1, seq sequence numbers and are set to y+1, and ack confirms number to be set to x+
1;
Step 4:When terminal receives second message of the TCP three-way handshake of server response in step 2, terminal to server
The 3rd message of TCP three-way handshake is sent, is confirmed containing ack flag bits, seq sequence numbers, ack in the 3rd message
Number, and ack flag bits are set to 1, seq sequence numbers and are set to x+1, and ack confirms number to be set to y+1;Now TCP three-way handshake is complete
Into TCP connection establishment successes;
Step 5:Terminal receives access control server in step 3 and forwards HTTP to the Jing switches that terminal sends and resets
To after message, in being deposited into TCP cachings;
Step 6:Terminal to server sends HTTP request and waits http response;
Step 7:Terminal takes out the HTTP redirection message received in step 5, performs HTTP redirection.
Claims (5)
1. a kind of quick HTTP redirection method, comprises the steps:
Step 1:Terminal to server sends first message of TCP three-way handshake;Switch is by first message mirror one
Part gives access control server;
Step 2:Server responds second message of TCP three-way handshake to terminal;Switch is by second message mirror one
Part gives access control server;
Step 3:Access control server receives second message of the TCP three-way handshake that switch mirror image comes in step 2
When, access control server to terminal sends HTTP redirection message;
Step 4:When terminal receives second message of the TCP three-way handshake of server response, terminal to server sends TCP
3rd message of three-way handshake;
Step 5:Terminal is received after the HTTP redirection message that the access control server in step 3 is sended over, and is deposited
In entering TCP cachings;
Step 6:Terminal to server sends HTTP request and waits http response;
Step 7:Terminal takes out the HTTP redirection message received in step 5, performs HTTP redirection.
2. quick HTTP redirection method according to claim 1, it is characterised in that:In step 1, terminal to server
Send containing syn flag bits and seq sequence numbers in first message of TCP three-way handshake, and syn flag bits are set to 1, seq
Sequence number is set to x.
3. quick HTTP redirection method according to claim 2, it is characterised in that:In step 2, server is to terminal
Respond containing syn flag bits, ack flag bits, seq sequence numbers and ack confirmation number in second message of TCP three-way handshake, and
Syn flag bits are set to 1, ack flag bits and are set to 1, seq sequence numbers to be set to y, and ack confirms number to be set to x+1.
4. quick HTTP redirection method according to claim 3, it is characterised in that:In step 3, access control service
Containing ack flag bits, seq sequence numbers and ack confirmation number in the HTTP redirection message that device sends to terminal, and ack flag bits
It is set to 1, seq sequence numbers and is set to y+1, ack confirmations number is set to x+1.
5. quick HTTP redirection method according to claim 4, it is characterised in that:In step 4, terminal to server
Containing ack flag bits, seq sequence numbers, ack confirmations number, and ack flag bits in 3rd message of the TCP three-way handshake of transmission
It is set to 1, seq sequence numbers and is set to x+1, ack confirmations number is set to y+1.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611229900.9A CN106657082B (en) | 2016-12-27 | 2016-12-27 | A kind of quick HTTP redirection method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611229900.9A CN106657082B (en) | 2016-12-27 | 2016-12-27 | A kind of quick HTTP redirection method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106657082A true CN106657082A (en) | 2017-05-10 |
CN106657082B CN106657082B (en) | 2019-01-08 |
Family
ID=58831681
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611229900.9A Active CN106657082B (en) | 2016-12-27 | 2016-12-27 | A kind of quick HTTP redirection method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106657082B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110691063A (en) * | 2018-07-06 | 2020-01-14 | 山东华软金盾软件股份有限公司 | TCP blocking method under single inbound in stream mirror mode |
CN110830472A (en) * | 2019-11-07 | 2020-02-21 | 西北工业大学 | Flexible data transmission method of flexible data transmission protocol based on TCP/IP protocol |
CN114697380A (en) * | 2022-03-11 | 2022-07-01 | 杭州盈高科技有限公司 | Redirection method, system, device and storage medium of access request |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101026582A (en) * | 2007-03-06 | 2007-08-29 | 中兴通讯股份有限公司 | Network access control method and system |
US7461150B1 (en) * | 2000-07-19 | 2008-12-02 | International Business Machines Corporation | Technique for sending TCP messages through HTTP systems |
CN102573111A (en) * | 2012-01-10 | 2012-07-11 | 中兴通讯股份有限公司 | Method and device for releasing transfer control protocol resources |
US9253151B2 (en) * | 2006-05-25 | 2016-02-02 | International Business Machines Corporation | Managing authentication requests when accessing networks |
CN105357209A (en) * | 2015-11-20 | 2016-02-24 | 福建星网锐捷网络有限公司 | WEB authentication method and WEB authentication device |
CN105592175A (en) * | 2014-10-24 | 2016-05-18 | 中兴通讯股份有限公司 | Method and apparatus for redirection to web page |
CN105791290A (en) * | 2016-03-02 | 2016-07-20 | 上海斐讯数据通信技术有限公司 | Authentication method and device for network connection |
-
2016
- 2016-12-27 CN CN201611229900.9A patent/CN106657082B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7461150B1 (en) * | 2000-07-19 | 2008-12-02 | International Business Machines Corporation | Technique for sending TCP messages through HTTP systems |
US9253151B2 (en) * | 2006-05-25 | 2016-02-02 | International Business Machines Corporation | Managing authentication requests when accessing networks |
CN101026582A (en) * | 2007-03-06 | 2007-08-29 | 中兴通讯股份有限公司 | Network access control method and system |
CN102573111A (en) * | 2012-01-10 | 2012-07-11 | 中兴通讯股份有限公司 | Method and device for releasing transfer control protocol resources |
CN105592175A (en) * | 2014-10-24 | 2016-05-18 | 中兴通讯股份有限公司 | Method and apparatus for redirection to web page |
CN105357209A (en) * | 2015-11-20 | 2016-02-24 | 福建星网锐捷网络有限公司 | WEB authentication method and WEB authentication device |
CN105791290A (en) * | 2016-03-02 | 2016-07-20 | 上海斐讯数据通信技术有限公司 | Authentication method and device for network connection |
Non-Patent Citations (2)
Title |
---|
P. CLUTTERBUCK ; G. MOHAY: "Increased availability and scalability for clustered services via the wait time calculation, trust based filtering and redirection of TCP connection requests", 《TENCON 2003. CONFERENCE ON CONVERGENT TECHNOLOGIES FOR ASIA-PACIFIC REGION》 * |
张焕杰;夏玉良: "利用netfilter NFQUEUE实现网关认证的HTTP重定向", 《通信学报》 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110691063A (en) * | 2018-07-06 | 2020-01-14 | 山东华软金盾软件股份有限公司 | TCP blocking method under single inbound in stream mirror mode |
CN110830472A (en) * | 2019-11-07 | 2020-02-21 | 西北工业大学 | Flexible data transmission method of flexible data transmission protocol based on TCP/IP protocol |
CN114697380A (en) * | 2022-03-11 | 2022-07-01 | 杭州盈高科技有限公司 | Redirection method, system, device and storage medium of access request |
CN114697380B (en) * | 2022-03-11 | 2023-07-14 | 杭州盈高科技有限公司 | Redirection method, system, device and storage medium for access request |
Also Published As
Publication number | Publication date |
---|---|
CN106657082B (en) | 2019-01-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11818167B2 (en) | Authoritative domain name system (DNS) server responding to DNS requests with IP addresses selected from a larger pool of IP addresses | |
CN105827646B (en) | The method and device of ssyn attack protection | |
US7571479B2 (en) | Denial of service defense by proxy | |
Duan et al. | Controlling IP spoofing through interdomain packet filters | |
US20160119288A1 (en) | Method and apparatus for content filtering on spdy connections | |
ES2637069T3 (en) | Network proxy implementation method and device | |
Sanmorino et al. | DDoS attack detection method and mitigation using pattern of the flow | |
CN110365658B (en) | Reflection attack protection and flow cleaning method, device, equipment and medium | |
WO2016177131A1 (en) | Method, apparatus, and system for preventing dos attacks | |
CN110213224B (en) | Data packet asynchronous forwarding method and system, data processing system and consensus node terminal | |
CN106657082A (en) | Fast HTTP redirection method | |
CN102510385A (en) | Method for preventing fragment attack of IP (Internet Protocol) datagram | |
Nagai et al. | Design and implementation of an openflow-based tcp syn flood mitigation | |
US8839352B2 (en) | Firewall security between network devices | |
Mandalari et al. | Measuring ECN++: good news for++, bad news for ECN over mobile | |
CN101136917B (en) | Transmission control protocol blocking module and soft switch method | |
Kim et al. | An effective defense against SYN flooding attack in SDN | |
Wang et al. | An approach for protecting the openflow switch from the saturation attack | |
CN100479419C (en) | Method for preventing refusal service attack | |
US8811179B2 (en) | Method and apparatus for controlling packet flow in a packet-switched network | |
Liu et al. | Defending Against TCP SYN Flooding with a new kind of SYN-Agent | |
Tayama et al. | Analysis of effectiveness of slow read DOS attack and influence of Communication Environment | |
AU2024200159B1 (en) | Systems and methods for facilitating data transfer | |
Chen | Distributed denial of service attack and defense | |
CN100429881C (en) | Method for preventing network state synchronous flood attack and protecting network in transparent mode |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Fast HTTP redirection method Effective date of registration: 20190709 Granted publication date: 20190108 Pledgee: Bank of Hangzhou Limited by Share Ltd science and Technology Branch Pledgor: HangZhou Infogo Tech Co.,Ltd Registration number: 2019330000189 |