CN112910863A - Network tracing method and system - Google Patents

Publication number: CN112910863A
Authority: CN (China)
Prior art keywords: address, network, tracing, access, information
Legal status: Pending
Application number: CN202110069924.7A
Other languages: Chinese (zh)
Inventors: 刘莹, 何林, 况鹏
Current Assignee: Tsinghua University
Original Assignee: Tsinghua University

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/146 Tracing the source of attacks

Abstract

The invention provides a network tracing method and system. The method comprises: acquiring first traceability information of user equipment that has completed identity authentication, and second traceability information established by the access device while monitoring the IP address configuration process; establishing and recording a traceability information group from the first and second traceability information; and, in response to a trace request for a target IP address, querying the traceability information group corresponding to the target IP address to determine the user corresponding to that address. The invention can be applied to network tracing and user auditing. It suits IPv4, IPv6 and mixed IPv4/IPv6 network environments and multiple address allocation modes such as DHCP, SLAAC and static configuration. It requires no change to terminal equipment and no modification of host behavior, is easy to deploy, does not use network address translation, and does not change end-to-end attributes.

Description

Network tracing method and system
Technical Field
The invention belongs to the technical field of internet, and particularly relates to a network tracing method and a network tracing system.
Background
IP address spoofing makes network security problems increasingly prominent, and Distributed Denial of Service (DDoS) attacks launched with forged source addresses are one of the major security threats on today's Internet. According to statistics from Arbor Network, a US provider of global business network security management solutions and services, the peak of global DDoS attack traffic frequently exceeds 8000 Gbps, which poses a huge threat to the security of global cyberspace.
There are many ways to launch a DDoS attack with a forged source IP address, for example: using a forged source address to hide the attacker's true location while launching a TCP SYN flooding attack; forging the victim's IP as the source address of DNS requests to launch a DNS reflection attack; or sending ICMP requests to a broadcast domain with the victim's IP as the source address to launch a Smurf attack. SAVA (Source Address Validation Architecture), proposed by a research team at Tsinghua University, provides a systematic solution for IP source address validation at three levels (access network, intra-domain and inter-domain) and is an important basis for solving IP source address forgery. Authentic IP source addresses make an auditing and accountability mechanism possible, but a gap remains between an IP address and the real-world user entity: the audit process can trace only the IP address, not the user entity behind it, so it is difficult to form a strong deterrent against network attackers. If, on the basis of authentic IP source addresses, the user entity can be associated with the IP address and a strong auditing and accountability mechanism is implemented, attackers can be strongly deterred and network attacks effectively mitigated.
Disclosure of Invention
To effectively mitigate network attacks and let the audit process trace back to the user entity corresponding to an IP address, the invention provides a network tracing method and a network tracing system.
In a first aspect, an embodiment of the present invention provides a network tracing method, including:
acquiring first traceability information of user equipment that has completed identity authentication, and second traceability information established by the access device while monitoring the IP address configuration process;
establishing and recording a traceability information group according to the first traceability information and the second traceability information;
and, in response to a trace request for a target IP address, querying the traceability information group corresponding to the target IP address to determine the user corresponding to the target IP address.
In some embodiments, the first traceability information includes a binding relationship among a MAC address, a user name and a network access time;
the second traceability information includes a binding relationship between the IP address and the MAC address.
In some embodiments, the traceability information group includes a binding relationship among a MAC address, an IP address, a user name, a network access time and a device access point.
In some embodiments, the device access point is any one of a VLAN port, an SSID and an AP Name.
In some embodiments, the identity authentication is 802.1X authentication.
In some embodiments, the IP address configuration includes any one of static configuration, DHCP address configuration and SLAAC address configuration.
In a second aspect, an embodiment of the present invention provides a network tracing system, including:
a management server, used for executing the steps of the network tracing method of the first aspect.
In some embodiments, the system further comprises:
an authentication server, used for performing identity authentication on the user equipment.
In some embodiments, the system further comprises:
an access device, connected to the authentication server and used for monitoring the IP address configuration process.
In some embodiments, the access device has a SAVI function and monitors the IP address configuration process while the SAVI function is enabled;
in a wired network scenario, the access device includes a switch;
in a wireless network scenario, the access device includes a wireless access point and a wireless controller.
One or more embodiments of the invention have at least the following beneficial effects:
the network tracing method and system provided by the invention can be applied to network tracing and user auditing; they suit IPv4, IPv6 and mixed IPv4/IPv6 network environments and multiple address allocation modes such as DHCP, SLAAC and static configuration; they require no change to terminal equipment and no modification of host behavior, are easy to deploy, do not use network address translation, and do not change end-to-end attributes.
Drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings used in the embodiments are briefly described below. The following drawings illustrate only some embodiments of the present invention and should not be considered as limiting its scope; those skilled in the art can obtain other related drawings from them without inventive effort.
Fig. 1 is a flowchart of a network tracing method according to an embodiment of the present invention;
Fig. 2 is a block diagram of a network tracing system according to an embodiment of the present invention;
Fig. 3 is a network topology diagram of a network tracing system according to an embodiment of the present invention;
Fig. 4 is the workflow of the network tracing system in a DHCPv6 address allocation scenario in an IPv6 network environment according to an embodiment of the present invention;
Fig. 5 is the workflow of the network tracing system in a SLAAC address allocation scenario in an IPv6 network environment according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
In the related art, methods of associating a user entity with an IP address include:
(1) An extended DHCPv6 (Dynamic Host Configuration Protocol for IPv6) client scheme, which extends the DHCPv6 protocol to carry a user name and password in the REQUEST message and uses a custom IPv6 address generation algorithm to embed user identity information in the IPv6 address, thereby associating the user identity with the IP address. However, this scheme requires a different DHCPv6 extended client for each operating system, so deployment cost and development difficulty are high and it is unsuitable for practical use; it also applies only to the DHCPv6 address allocation scenario.
(2) A client-free migration scheme based on Web Portal, which first uses a short-lease temporary address to complete login and then, after user authentication, allocates a second IPv6 address with identity information embedded. Although this scheme removes the need to develop DHCPv6 extended clients for different operating systems, it requires two address allocation processes, which brings huge protocol signaling overhead and makes it hard to apply in complex and changeable practical environments; in addition, it applies only to the DHCPv6 address allocation scenario.
(3) A scheme that performs user identity authentication at layer 2 and then allocates the IPv6 address, so that identity authentication and address allocation are decoupled. It avoids limitations such as developing a new DHCPv6 client for each operating system and having the DHCPv6 server maintain temporary address leases, and it is deployable, but it necessarily relies on DHCPv6 address allocation and is unfriendly to terminal devices that do not support DHCPv6 (such as Android).
(4) SDN-Ti, an SDN-based network attack tracing scheme. An SDN switch acts as the address translation device; during user authentication the SDN controller generates a trusted IPv6 address that embeds the user identity, based on the user identity information identifier, and issues a flow table to the SDN switch that translates between the ordinary IPv6 address and the trusted IPv6 address. When the user accesses the network, the SDN switch performs network address translation so that the trusted IPv6 address replaces the ordinary IPv6 address in packets. Although this scheme supports multiple IPv6 address allocation modes, its use of network address translation damages the end-to-end property and increases network management complexity.
In summary, the network tracing schemes in the related art all have certain defects.
Example one
Fig. 1 shows a flowchart of a network tracing method. As shown in Fig. 1, this embodiment provides a network tracing method applied to a management server, comprising steps S110 to S130:
Step S110: acquire first traceability information of the user equipment that has completed identity authentication, and second traceability information established by the access device while monitoring the IP address configuration process.
In some cases, the first traceability information includes a binding relationship among a MAC address, a user name and a network access time. The user name is the identity identifier the user equipment uses for login verification during network access. The user equipment connects to a device access point for identity authentication, and RADIUS messages are sent through the access device to the authentication server to complete it; the identity authentication includes but is not limited to 802.1X authentication. After authentication passes, the access device records the MAC address, the user name and the network access time. The binding relationship among these three is the first traceability information, and it is established in the form of a binding table.
In some cases, the second traceability information includes a binding relationship between the IP address and the MAC address. After identity authentication passes, the user equipment initiates an IP address request, and the access device monitors the IP address configuration process; the IP address configuration includes but is not limited to any one of static configuration, DHCP address configuration and SLAAC address configuration. While monitoring the IP address configuration, the access device establishes the binding relationship between the IP address and the MAC address, for example in the form of a binding table.
Step S120: establish and record a traceability information group according to the first traceability information and the second traceability information.
In some cases, the traceability information group is a five-tuple: a binding relationship among the MAC address, IP address, user name, network access time and device access point. The access device binds the device access point, the first traceability information and the second traceability information, and reports the bound information to the management server, which establishes and records the traceability information group, for example as the five-tuple binding table entry shown in Table 1.
TABLE 1
MAC | IP | User name | Time | Device access point information
Step S130: in response to a trace request for a target IP address, query the traceability information group corresponding to the target IP address to determine the user corresponding to the target IP address.
The target IP address is the IP address to be traced. The traceability information group comprises the binding relationship among the MAC address, IP address, user name, network access time and device access point, and the device access point is any one of a VLAN port, an SSID and an AP Name.
Example two
Fig. 2 is a block diagram of a network tracing system. As shown in Fig. 2, this embodiment provides a network tracing system, including:
a management server 210, configured to execute the steps of the network tracing method according to Example one;
an authentication server 220, for authenticating the user equipment 240;
an access device 230, connected to the authentication server 220 and used for monitoring the IP address configuration process.
In some embodiments, the access device 230 has a SAVI (Source Address Validation Improvement) function, and the access device 230 monitors the IP address configuration process while the SAVI function is enabled.
Fig. 3 shows a network topology diagram of a network tracing system. In a wired network scenario, the access device includes a switch; in a wireless network scenario, the access device includes a wireless access point (AP) and a wireless controller (AC, wireless access point controller). The user equipment goes through two procedures: identity authentication (such as 802.1X authentication) and IP address application. The access device must enable the SAVI function and be configured with RADIUS authentication information; it monitors the IP address configuration process and establishes the binding relationship between the IP address and the MAC address. In addition, after identity authentication completes, the access device records the binding relationship among the MAC address, the user name and the network access time, and uploads the binding relationship among the MAC address, IP address, user name, network access time and device access point to the management server, which establishes and records the traceability information group. When an IP address later needs to be traced, the management server can be queried to obtain the user name, network access time, device access point and other information corresponding to that IP address.
In some embodiments, implementing the network tracing method on the network tracing system involves a development stage and a deployment stage:
In the development stage: (1) Develop a binding table entry recording function on the wireless controller AC, so that after 802.1X authentication passes it records the binding table entry among the MAC address, user name and network access time, and forms a five-tuple by combining the IP address, the MAC address and the device access point information. (2) Develop an interactive interface between the management server and the wireless controller AC, so that the management server can promptly acquire the binding relationship among the MAC address, IP address, user name, network access time and device access point (for example, AP Name) uploaded by the wireless controller AC.
In the deployment stage: (1) Build the network topology of the network tracing system for the scenario in question (such as a DHCPv6 address allocation scenario or a SLAAC address allocation scenario). (2) Enable the SAVI function on the wireless access point AP and the wireless controller AC, and configure 802.1X authentication on the wireless controller AC, pointing it to the authentication server.
The network tracing method and system provided by the embodiments of the invention involve the 802.1X authentication process at user login and the SAVI monitoring process during IP address configuration. Fig. 4 illustrates the workflow of the network tracing system in a DHCPv6 address allocation scenario in an IPv6 network environment. As shown in Fig. 4, in some embodiments, the workflow of the network tracing system is as follows:
Step (1): the user equipment connects to the SSID and performs 802.1X authentication;
Step (2): the wireless controller AC sends a RADIUS message to the authentication server to complete authentication;
Step (3): after authentication passes, the wireless controller AC records the MAC address, the user name and the network access time and binds them together;
Step (4): the user equipment initiates an IP address request;
Step (5): the wireless access point AP monitors the DHCPv6 address configuration process, establishes a binding table of the binding relationship between the IP address and the MAC address, and uploads the binding table to the wireless controller AC;
Step (6): the wireless controller AC receives the binding table uploaded by the wireless access point AP, binds the MAC address, IP address, user name, network access time and AP Name, and reports to the management server;
Step (7): the management server receives the binding relationship among the MAC address, IP address, user name, network access time and AP Name reported by the wireless controller AC, establishes a five-tuple and records it for subsequent tracing and auditing.
Fig. 5 illustrates the workflow of the network tracing system in a SLAAC address allocation scenario in an IPv6 network environment. As shown in Fig. 5, in some embodiments, the workflow of the network tracing system is as follows:
Step (1): the user equipment connects to the SSID and initiates 802.1X authentication;
Step (2): the wireless controller AC forwards the RADIUS message to the authentication server;
Step (3): after receiving the RADIUS authentication-passed message, the wireless controller AC records the binding relationship among the MAC address, the user name and the network access time;
Step (4): the user equipment initiates an IP address request;
Step (5): the wireless access point AP monitors the SLAAC address configuration process, establishes a binding table of the binding relationship between the IP address and the MAC address, and uploads the binding table to the wireless controller AC;
Step (6): the wireless controller AC receives the binding table uploaded by the wireless access point AP, binds the MAC address, IP address, user name, network access time and AP Name, and reports to the management server;
Step (7): the management server receives the binding relationship among the MAC address, IP address, user name, network access time and AP Name reported by the wireless controller AC, and establishes a five-tuple for subsequent tracing and auditing.
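Steps S110 to S130 and the seven-step DHCPv6/SLAAC workflows above, as an added Python example (not code from the patent): an access device joins its 802.1X binding table with SAVI address bindings, and a management server answers trace queries over the resulting five-tuples. The class and method names, the sample users and addresses, the MAC/IP normalisation, and the `observed_at` filter for addresses that are later bound to another user are assumptions of this example and go beyond what the patent specifies.

```python
"""Added example (not from the patent): five-tuple traceability records."""
import ipaddress
import re
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, List, Optional, Tuple


def norm_mac(mac: str) -> str:
    """Canonicalise a MAC so 'AA-BB-..' and 'aabb.ccdd..' join on one key."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def norm_ip(ip: str) -> str:
    """Canonical text form, so every spelling of an IPv6 address matches."""
    return str(ipaddress.ip_address(ip))


@dataclass(frozen=True)
class TraceTuple:
    """The five-tuple of Table 1."""
    mac: str
    ip: str
    username: str
    access_time: datetime
    access_point: str  # VLAN port, SSID or AP Name


class AccessDevice:
    """Access-device side (hypothetical class): 802.1X table + SAVI bindings."""

    def __init__(self, access_point: str) -> None:
        self.access_point = access_point
        self._auth: Dict[str, Tuple[str, datetime]] = {}  # mac -> (user, time)

    def on_auth_success(self, mac: str, username: str, when: datetime) -> None:
        # First traceability information: MAC, user name, network access time.
        self._auth[norm_mac(mac)] = (username, when)

    def on_savi_binding(self, ip: str, mac: str) -> Optional[TraceTuple]:
        # Second traceability information: IP <-> MAC, learned by snooping
        # DHCP, SLAAC or static configuration. Joined on the MAC address.
        key = norm_mac(mac)
        if key not in self._auth:
            return None  # address bound by a MAC that never authenticated
        username, when = self._auth[key]
        return TraceTuple(key, norm_ip(ip), username, when, self.access_point)


class ManagementServer:
    """Management-server side (hypothetical class): record and query."""

    def __init__(self) -> None:
        self._by_ip: Dict[str, List[TraceTuple]] = {}

    def record(self, entry: TraceTuple) -> None:
        self._by_ip.setdefault(entry.ip, []).append(entry)

    def trace(self, target_ip: str,
              observed_at: Optional[datetime] = None) -> Optional[TraceTuple]:
        """Return the latest five-tuple for target_ip, optionally as of a time."""
        found = self._by_ip.get(norm_ip(target_ip), [])
        if observed_at is not None:
            found = [t for t in found if t.access_time <= observed_at]
        return max(found, key=lambda t: t.access_time, default=None)


def demo() -> Tuple[ManagementServer, AccessDevice]:
    """Constructed sample data: two users, one IPv4 address handed out twice."""
    server, ap = ManagementServer(), AccessDevice("AP-Lib-3F")
    day = datetime(2024, 1, 1)
    ap.on_auth_success("AA-BB-CC-DD-EE-01", "alice", day.replace(hour=9))
    for ip in ("192.0.2.10", "2001:db8::100", "2001:db8::abcd"):
        server.record(ap.on_savi_binding(ip, "aa:bb:cc:dd:ee:01"))
    ap.on_auth_success("aabb.ccdd.ee02", "bob", day.replace(hour=14))
    server.record(ap.on_savi_binding("192.0.2.10", "AA:BB:CC:DD:EE:02"))
    return server, ap


if __name__ == "__main__":
    srv, _ = demo()
    for hour in (10, 15):
        hit = srv.trace("192.0.2.10", datetime(2024, 1, 1, hour))
        print(hour, hit.username, hit.mac, hit.access_point)
    print(srv.trace("2001:0DB8:0:0:0:0:0:100"))
```

Without the time filter, a query for an address that has since been bound to another user returns only the latest holder, so an audit of older traffic needs the observation time as well as the address.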
The network tracing method and system provided by the embodiments of the invention have the following advantages:
1. Support for IPv4, IPv6 and mixed IPv4/IPv6 network environments.
2. Support for multiple address allocation modes such as DHCP, SLAAC and static configuration, regardless of whether the terminal device supports a DHCP client.
3. Easy to deploy. Host behavior does not need to be modified; only a management server needs to be added to the network, together with an interactive interface between the management server and the SAVI devices.
4. End-to-end properties are not changed. Network address translation does not need to be used.
In the embodiments provided in the present invention, it should be understood that the disclosed system and method can be implemented in other ways. The system and method embodiments described above are merely illustrative.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Although the embodiments of the present invention have been described above, the above descriptions are only for the convenience of understanding the present invention, and are not intended to limit the present invention. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (10)

1. A network tracing method, characterized by comprising the following steps:
acquiring first traceability information of user equipment that has completed identity authentication, and second traceability information established by the access device while monitoring the IP address configuration process;
establishing and recording a traceability information group according to the first traceability information and the second traceability information;
and, in response to a trace request for a target IP address, querying the traceability information group corresponding to the target IP address to determine the user corresponding to the target IP address.
2. The network tracing method of claim 1, wherein the first traceability information includes a binding relationship among a MAC address, a user name and a network access time;
the second traceability information includes a binding relationship between the IP address and the MAC address.
3. The network tracing method of claim 1, wherein the traceability information group comprises a binding relationship among a MAC address, an IP address, a user name, a network access time and a device access point.
4. The method of claim 3, wherein the device access point is any one of a VLAN port, an SSID and an AP Name.
5. The network tracing method of claim 1, wherein the identity authentication is 802.1X authentication.
6. The network tracing method of claim 1, wherein the IP address configuration comprises any one of static configuration, DHCP address configuration and SLAAC address configuration.
7. A network tracing system, comprising:
a management server for performing the steps of the network tracing method of any one of claims 1 to 6.
8. The network tracing system of claim 7, further comprising:
an authentication server, used for performing identity authentication on the user equipment.
9. The network tracing system of claim 8, further comprising:
an access device, connected to the authentication server and used for monitoring the IP address configuration process.
10. The network tracing system of claim 9, wherein the access device has a SAVI function and monitors the IP address configuration process while the SAVI function is enabled;
in a wired network scenario, the access device includes a switch;
in a wireless network scenario, the access device includes a wireless access point and a wireless controller.
CN202110069924.7A 2021-01-19 2021-01-19 Network tracing method and system Pending CN112910863A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110069924.7A CN112910863A (en) 2021-01-19 2021-01-19 Network tracing method and system

Publications (1)

Publication Number Publication Date
CN112910863A (en) 2021-06-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210604