DK3588897T3 - Method and system for defending an infrastructure against a distributed denial of service attack - Google Patents

Info

Publication number
DK3588897T3
Authority
DK
Denmark
Prior art keywords
defend
procedure
service attack
distributed denial
infrastructure against
Prior art date
Application number
DK18315013.5T
Other languages
English (en)
Inventor
Sebastien Meriot
Original Assignee
Ovh
Priority date
Filing date
Publication date
Application filed by Ovh
Application granted
Publication of DK3588897T3

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/563 Static detection by source code analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1483 Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1491 Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033 Test or assess software
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/142 Denial of service attacks against network infrastructure
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/144 Detection or countermeasures against botnets
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/146 Tracing the source of attacks
DK18315013.5T 2018-06-30 2018-06-30 Method and system for defending an infrastructure against a distributed denial of service attack DK3588897T3 (da)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP18315013.5A EP3588897B1 (en) 2018-06-30 2018-06-30 Method and system for defending an infrastructure against a distributed denial of service attack

Publications (1)

Publication Number Publication Date
DK3588897T3 (da) 2020-05-25

Family

ID=63683125

Family Applications (1)

Application Number Title Priority Date Filing Date
DK18315013.5T DK3588897T3 (da) 2018-06-30 2018-06-30 Method and system for defending an infrastructure against a distributed denial of service attack

Country Status (6)

Country Link
US (1) US11528295B2 (da)
EP (1) EP3588897B1 (da)
CN (1) CN110659487B (da)
CA (1) CA3046519A1 (da)
DK (1) DK3588897T3 (da)
PL (1) PL3588897T3 (da)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11627147B2 (en) * 2019-05-17 2023-04-11 Charter Communications Operating, Llc Botnet detection and mitigation
US11196754B1 (en) * 2019-06-25 2021-12-07 Ca, Inc. Systems and methods for protecting against malicious content
CN111314379B (zh) * 2020-03-20 2022-07-08 深圳市腾讯计算机系统有限公司 Method and apparatus for identifying attacked domain names, computer device and storage medium
US11343273B2 (en) * 2020-03-20 2022-05-24 Amrita Vishwa Vidyapeetham Method of reducing DoS attacks using voice response in IoT systems
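CN111510458A (zh) * 2020-04-24 2020-08-07 太仓红码软件技术有限公司 Working method of an Internet of Things-based network attack defense system
CN114338066A (zh) * 2020-09-30 2022-04-12 中移(苏州)软件技术有限公司 Denial of service attack defense method and system, device and storage medium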

Family Cites Families (49)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7159237B2 (en) * 2000-03-16 2007-01-02 Counterpane Internet Security, Inc. Method and system for dynamic network intrusion monitoring, detection and response
US7770223B2 (en) 2001-04-12 2010-08-03 Computer Associates Think, Inc. Method and apparatus for security management via vicarious network devices
US7603709B2 (en) 2001-05-03 2009-10-13 Computer Associates Think, Inc. Method and apparatus for predicting and preventing attacks in communications networks
US7412723B2 (en) 2002-12-31 2008-08-12 International Business Machines Corporation Method and system for morphing honeypot with computer security incident correlation
US8204984B1 (en) * 2004-04-01 2012-06-19 Fireeye, Inc. Systems and methods for detecting encrypted bot command and control communication channels
US9027135B1 (en) * 2004-04-01 2015-05-05 Fireeye, Inc. Prospective client identification using malware attack detection
US7478429B2 (en) * 2004-10-01 2009-01-13 Prolexic Technologies, Inc. Network overload detection and mitigation system and method
WO2007050244A2 (en) * 2005-10-27 2007-05-03 Georgia Tech Research Corporation Method and system for detecting and responding to attacking networks
US8819825B2 (en) 2006-05-31 2014-08-26 The Trustees Of Columbia University In The City Of New York Systems, methods, and media for generating bait information for trap-based defenses
CN101087196B (zh) 2006-12-27 2011-01-26 北京大学 Multi-layer honeynet data transmission method and system
US7853680B2 (en) 2007-03-23 2010-12-14 Phatak Dhananjay S Spread identity communications architecture
US9009829B2 (en) 2007-06-12 2015-04-14 The Trustees Of Columbia University In The City Of New York Methods, systems, and media for baiting inside attackers
KR101010302B1 (ko) * 2008-12-24 2011-01-25 한국인터넷진흥원 Management system and method for IRC and HTTP botnet security control
US8578497B2 (en) * 2010-01-06 2013-11-05 Damballa, Inc. Method and system for detecting malware
WO2012011070A1 (en) 2010-07-21 2012-01-26 Seculert Ltd. Network protection system and method
US9245114B2 (en) * 2010-08-26 2016-01-26 Verisign, Inc. Method and system for automatic detection and analysis of malware
US8516585B2 (en) * 2010-10-01 2013-08-20 Alcatel Lucent System and method for detection of domain-flux botnets and the like
US8832836B2 (en) 2010-12-30 2014-09-09 Verisign, Inc. Systems and methods for malware detection and scanning
US8555388B1 (en) * 2011-05-24 2013-10-08 Palo Alto Networks, Inc. Heuristic botnet detection
JP5655191B2 (ja) 2011-06-28 2015-01-21 日本電信電話株式会社 Feature information extraction device, feature information extraction method and feature information extraction program
US8561188B1 (en) * 2011-09-30 2013-10-15 Trend Micro, Inc. Command and control channel detection with query string signature
US20130263226A1 (en) * 2012-01-22 2013-10-03 Frank W. Sudia False Banking, Credit Card, and Ecommerce System
US9356942B1 (en) * 2012-03-05 2016-05-31 Neustar, Inc. Method and system for detecting network compromise
CN102790778A (zh) 2012-08-22 2012-11-21 常州大学 DDoS attack defense system based on network traps
CN103051615B (zh) 2012-12-14 2015-07-29 陈晶 Dynamic defense system against high-volume traffic attacks in a honeyfarm system
US9027137B2 (en) * 2013-04-22 2015-05-05 Imperva, Inc. Automatic generation of different attribute values for detecting a same type of web application layer attack
US20150047032A1 (en) 2013-08-07 2015-02-12 Front Porch Communications, Inc. System and method for computer security
US9350758B1 (en) 2013-09-27 2016-05-24 Emc Corporation Distributed denial of service (DDoS) honeypots
US20150326592A1 (en) * 2014-05-07 2015-11-12 Attivo Networks Inc. Emulating shellcode attacks
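JP6174520B2 (ja) * 2014-05-22 2017-08-02 日本電信電話株式会社 Malicious communication pattern detection device, malicious communication pattern detection method, and malicious communication pattern detection program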
US10193924B2 (en) 2014-09-17 2019-01-29 Acalvio Technologies, Inc. Network intrusion diversion using a software defined network
US9906538B2 (en) * 2014-12-03 2018-02-27 Guardicore Ltd. Automatic network attack detection and remediation using information collected by honeypots
US9628504B2 (en) * 2015-03-09 2017-04-18 International Business Machines Corporation Deploying a security appliance system in a high availability environment without extra network burden
US20160308898A1 (en) * 2015-04-20 2016-10-20 Phirelight Security Solutions Inc. Systems and methods for tracking, analyzing and mitigating security threats in networks via a network traffic analysis platform
US10621613B2 (en) * 2015-05-05 2020-04-14 The Nielsen Company (Us), Llc Systems and methods for monitoring malicious software engaging in online advertising fraud or other form of deceit
US10476891B2 (en) * 2015-07-21 2019-11-12 Attivo Networks Inc. Monitoring access of network darkspace
US9942270B2 (en) * 2015-12-10 2018-04-10 Attivo Networks Inc. Database deception in directory services
US10097511B2 (en) * 2015-12-22 2018-10-09 Cloudflare, Inc. Methods and systems for identification of a domain of a command and control server of a botnet
US10270789B2 (en) * 2016-01-29 2019-04-23 Acalvio Technologies, Inc. Multiphase threat analysis and correlation engine
US20170289191A1 (en) * 2016-03-31 2017-10-05 Acalvio Technologies, Inc. Infiltration Detection and Network Rerouting
US10176325B1 (en) * 2016-06-21 2019-01-08 Symantec Corporation System and method for dynamic detection of command and control malware
US10516680B1 (en) * 2016-06-22 2019-12-24 NortonLifeLock Inc. Systems and methods for assessing cyber risks using incident-origin information
US10320810B1 (en) * 2016-10-31 2019-06-11 Palo Alto Networks, Inc. Mitigating communication and control attempts
US11038906B1 (en) * 2017-02-03 2021-06-15 Level 3 Communications, Llc Network threat validation and monitoring
WO2018213778A1 (en) * 2017-05-18 2018-11-22 Qadium, Inc. Correlation-driven threat assessment and remediation
US10362057B1 (en) * 2017-06-06 2019-07-23 Acalvio Technologies, Inc. Enterprise DNS analysis
US11470115B2 (en) * 2018-02-09 2022-10-11 Attivo Networks, Inc. Implementing decoys in a network environment
JP6783261B2 (ja) * 2018-02-15 2020-11-11 日本電信電話株式会社 Threat information extraction device and threat information extraction system
US10685116B2 (en) * 2018-02-23 2020-06-16 Mcafee, Llc Anti-ransomware systems and methods using a sinkhole at an electronic device

Also Published As

Publication number Publication date
US11528295B2 (en) 2022-12-13
US20200007575A1 (en) 2020-01-02
PL3588897T3 (pl) 2020-07-27
EP3588897A1 (en) 2020-01-01
CN110659487A (zh) 2020-01-07
EP3588897B1 (en) 2020-04-22
CN110659487B (zh) 2021-11-09
CA3046519A1 (en) 2019-12-30

Similar Documents

Publication Publication Date Title
DK3588897T3 (da) Method and system for defending an infrastructure against a distributed denial of service attack
GB2604747B (en) Detection of replay attack
DK3526411T3 (da) Offshore structure interconnection system and installation method
SG11202100815XA (en) Cyber defence system
DK3893584T3 (da) Method for transmitting a sounding reference signal, terminal device and network device
DK3406490T3 (da) Wastewater management system for vehicles and associated method
DK3154224T3 (da) Systems and methods for maintaining network service levels
DK3735727T3 (da) Power grid system
DK3189525T3 (da) Subsea electrical cable system and method for operating a subsea cable system
GB2594654B (en) Cyber defence system
DK3401542T3 (da) System and method for protecting surfaces against lightning strikes
DK3609227T3 (da) Method, network device and terminal device for transmitting a signal
DK3517083T3 (da) Hearing protection system and related method
DK3800739T3 (da) Connector and connection method
DK3618355T3 (da) Systems and methods for operating a network device
DK3710804T3 (da) System and method for remote monitoring of the integrity of pressurized pipes using vibroacoustic sources
DK3660564T3 (da) Cable management system
DK3622617T3 (da) Electrical power systems and methods using distortion filters
DK3710897T3 (da) Method and device for cyber-attack protection of pump units
DK3378188T3 (da) Method and system for protection against unauthorized copying (anti-cloning)
DK3841066T3 (da) Desalination system and method
DK3703208T3 (da) Electrical conduit, connection structure for electrical conduit, bell block, method for connecting electrical conduits, method for connecting electrical conduit and bell block, pipe joint and ring element
DK3568964T3 (da) Method for end-to-end transmission of encrypted digital information and system for implementing the method
DK3037635T3 (da) System and method for treating exhaust gas, as well as a ship comprising such a system, and use thereof
DK3622365T3 (da) Power conversion system and method