ES2524716T3 - Method and system for defending against a DDoS attack - Google Patents
- Publication number
- ES2524716T3
- Authority
- ES
- Spain
- Prior art keywords
- attack
- data
- target server
- server
- terminals
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/22—Arrangements for preventing the taking of data from a data transmission channel without authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
A method of defending against a distributed denial-of-service (DDoS) attack, comprising the following steps: an attack target server (110) determines (S210) whether the attack target server is under the DDoS attack from a plurality of terminals (140, 150, 160, 170, 180, 190) and, based on the result of the determination, informs a control server (130) that the attack target server is under the DDoS attack by sending the control server information about the attack target server, including its own TCP/IP or UDP/IP information; the control server, having received the information about the attack target server, confirms that the plurality of terminals is transmitting data to the attack target server, sends data to the attack target server, and transmits (S220) an attack prevention message to the plurality of confirmed terminals; the plurality of terminals that have received the attack prevention message determine whether the terminals are sending data to the attack target server; determining, based on information from a user of any of the terminals, whether the terminal is transmitting data to the attack target server in accordance with the user's intention; if it is determined that the terminal is sending the data to the attack target server even though the user has not issued a command to send the data, the corresponding terminal determines that the sending of the data is the DDoS attack; and the corresponding terminal that has determined that the sending of the data is the DDoS attack blocks (S240) the sending of the data to the attack target server.
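The message flow in the abstract, sketched as a small simulation; this is an added example and is not code from the patent or its applicant. The names `Endpoint`, `Terminal`, `control_server` and `target_server` are hypothetical, and the rate threshold used for detection and the way the control server sees each terminal's flows are assumptions, since the abstract specifies neither.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Endpoint:                      # TCP/IP or UDP/IP info the target reports
    proto: str
    ip: str
    port: int

@dataclass
class Terminal:
    name: str
    active_flows: set = field(default_factory=set)    # endpoints it is sending to
    user_requested: set = field(default_factory=set)  # endpoints the user asked for
    blocked: set = field(default_factory=set)

    def on_prevention_message(self, target):
        """Terminal side: check own traffic, check user intent, block (S240)."""
        if target not in self.active_flows:
            return "not-sending"
        if target in self.user_requested:
            return "user-intended"       # traffic the user commanded is left alone
        self.active_flows.discard(target)
        self.blocked.add(target)
        return "blocked"

def control_server(terminals, target):
    """S220: confirm which terminals send to the target, notify only those."""
    confirmed = [t for t in terminals if target in t.active_flows]
    return {t.name: t.on_prevention_message(target) for t in confirmed}

def target_server(endpoint, requests_per_sec, threshold, terminals):
    """S210: report own endpoint to the control server only when under attack."""
    if requests_per_sec <= threshold:    # assumed detection rule (not on the page)
        return {}
    return control_server(terminals, endpoint)

def run_demo():
    web = Endpoint("tcp", "192.0.2.10", 80)            # constructed sample data
    bot = Terminal("t140", active_flows={web})         # sending without a command
    user = Terminal("t150", active_flows={web}, user_requested={web})
    idle = Terminal("t160")                            # not sending to the target
    fleet = [bot, user, idle]
    quiet = target_server(web, 200, 1000, fleet)
    attack = target_server(web, 5000, 1000, fleet)
    return quiet, attack, bot.blocked, user.blocked
```

The blocking decision is made on the terminal, which is why a terminal whose user did request the traffic keeps sending even though it received the same prevention message.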
Description
Claims (1)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020080087234A KR100908404B1 (ko) | 2008-09-04 | 2008-09-04 | Defense method and defense system against distributed denial-of-service attacks |
KR20080087234 | 2008-09-04 |
Publications (1)
Publication Number | Publication Date |
---|---|
ES2524716T3 (es) | 2014-12-11 |
Family
ID=41337762
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
ES09011173.3T Active ES2524716T3 (es) | 2008-09-04 | 2009-08-31 | Method and system for defending against a DDoS attack |
Country Status (6)
Country | Link |
---|---|
US (1) | US8359648B2 (es) |
EP (1) | EP2161898B1 (es) |
JP (1) | JP2010061660A (es) |
KR (1) | KR100908404B1 (es) |
ES (1) | ES2524716T3 (es) |
PT (1) | PT2161898E (es) |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
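KR101380015B1 (ko) | 2009-09-22 | 2014-04-14 | 한국전자통신연구원 | Collaborative defense method against distributed denial-of-service attacks and apparatus therefor |
KR101380096B1 (ko) | 2010-08-13 | 2014-04-02 | 한국전자통신연구원 | System for responding to distributed denial-of-service attacks and method therefor |
KR20120060655A (ko) | 2010-12-02 | 2012-06-12 | 한국전자통신연구원 | Routing apparatus and routing method capable of detecting server attacks, and network using the same |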
EP2807574A4 (en) * | 2012-01-24 | 2015-11-18 | L 3 Comm Corp | METHODS AND APPARATUS FOR MANAGING NETWORK TRAFFIC |
US8856924B2 (en) | 2012-08-07 | 2014-10-07 | Cloudflare, Inc. | Mitigating a denial-of-service attack in a cloud-based proxy service |
FI126032B (en) | 2013-03-07 | 2016-05-31 | Airo Finland Oy | Detection of threats in communication networks |
US9197362B2 (en) | 2013-03-15 | 2015-11-24 | Mehdi Mahvi | Global state synchronization for securely managed asymmetric network communication |
US8978138B2 (en) | 2013-03-15 | 2015-03-10 | Mehdi Mahvi | TCP validation via systematic transmission regulation and regeneration |
US9866587B2 (en) | 2014-04-09 | 2018-01-09 | Entit Software Llc | Identifying suspicious activity in a load test |
CN105812318B (zh) * | 2014-12-30 | 2019-02-12 | 中国电信股份有限公司 | Method, controller and system for preventing attacks in a network |
US11405418B2 (en) | 2020-06-16 | 2022-08-02 | Bank Of America Corporation | Automated distributed denial of service attack detection and prevention |
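CN112383411B (zh) * | 2020-10-22 | 2022-11-15 | 杭州安恒信息安全技术有限公司 | Network security early-warning notification method, electronic device and storage medium |
CN114257434B (zh) * | 2021-12-14 | 2023-10-13 | 北京知道创宇信息技术股份有限公司 | DDoS attack defense method, electronic device and storage medium |
CN114268509B (zh) * | 2021-12-30 | 2023-07-21 | 天翼物联科技有限公司 | Method and system for guarding against DDoS attacks by "zombie" terminals |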
Family Cites Families (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003169056A (ja) * | 2001-12-04 | 2003-06-13 | Murata Mach Ltd | Communication device and management server |
US7099320B1 (en) * | 2002-04-19 | 2006-08-29 | Conxion Corporation | Method and apparatus for detection of and response to abnormal data streams in high bandwidth data pipes |
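KR100481614B1 (ko) * | 2002-11-19 | 2005-04-08 | 한국전자통신연구원 | Method for protecting normal traffic from denial-of-service and distributed denial-of-service attacks, and apparatus therefor |
KR20040105355A (ko) * | 2003-06-07 | 2004-12-16 | 주식회사 디지털파루스 | Network interface card having a function of blocking denial-of-service and distributed denial-of-service attacks, and method of blocking denial-of-service and distributed denial-of-service attacks using the same |
KR100496923B1 (ko) * | 2003-07-09 | 2005-06-23 | 주식회사 윈스테크넷 | System for real-time monitoring and control, and method of operating the same |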
US7409712B1 (en) * | 2003-07-16 | 2008-08-05 | Cisco Technology, Inc. | Methods and apparatus for network message traffic redirection |
JP4480422B2 (ja) * | 2004-03-05 | 2010-06-16 | 富士通株式会社 | Unauthorized access prevention method, apparatus, system, and program |
KR100632204B1 (ko) * | 2004-03-31 | 2006-10-09 | 아주대학교산학협력단 | Apparatus for detecting attacks on a network and method therefor |
US7620986B1 (en) * | 2004-06-14 | 2009-11-17 | Xangati, Inc. | Defenses against software attacks in distributed computing environments |
US7478429B2 (en) * | 2004-10-01 | 2009-01-13 | Prolexic Technologies, Inc. | Network overload detection and mitigation system and method |
US20060143709A1 (en) * | 2004-12-27 | 2006-06-29 | Raytheon Company | Network intrusion prevention |
JP2006235876A (ja) * | 2005-02-23 | 2006-09-07 | Nippon Telegr & Teleph Corp <Ntt> | DoS attack countermeasure system and DoS attack countermeasure method |
US20060272018A1 (en) * | 2005-05-27 | 2006-11-30 | Mci, Inc. | Method and apparatus for detecting denial of service attacks |
JP4545647B2 (ja) * | 2005-06-17 | 2010-09-15 | 富士通株式会社 | Attack detection and defense system |
US9794272B2 (en) * | 2006-01-03 | 2017-10-17 | Alcatel Lucent | Method and apparatus for monitoring malicious traffic in communication networks |
JP4922620B2 (ja) * | 2006-02-15 | 2012-04-25 | パナソニック株式会社 | Network system |
KR100766724B1 (ko) * | 2006-06-20 | 2007-10-17 | (주)한드림넷 | Security switch, security system and method |
EP2130350B1 (en) * | 2007-03-28 | 2018-04-11 | British Telecommunications public limited company | Identifying abnormal network traffic |
US20090013404A1 (en) * | 2007-07-05 | 2009-01-08 | Alcatel Lucent | Distributed defence against DDoS attacks |
US8286243B2 (en) * | 2007-10-23 | 2012-10-09 | International Business Machines Corporation | Blocking intrusion attacks at an offending host |
US8370937B2 (en) * | 2007-12-03 | 2013-02-05 | Cisco Technology, Inc. | Handling of DDoS attacks from NAT or proxy devices |
-
2008
- 2008-09-04 KR KR1020080087234A patent/KR100908404B1/ko not_active IP Right Cessation
-
2009
- 2009-08-31 ES ES09011173.3T patent/ES2524716T3/es active Active
- 2009-08-31 EP EP09011173.3A patent/EP2161898B1/en active Active
- 2009-08-31 PT PT90111733T patent/PT2161898E/pt unknown
- 2009-09-01 US US12/551,784 patent/US8359648B2/en not_active Expired - Fee Related
- 2009-09-01 JP JP2009201206A patent/JP2010061660A/ja active Pending
Also Published As
Publication number | Publication date |
---|---|
EP2161898B1 (en) | 2014-10-22 |
JP2010061660A (ja) | 2010-03-18 |
EP2161898A1 (en) | 2010-03-10 |
US20100058471A1 (en) | 2010-03-04 |
US8359648B2 (en) | 2013-01-22 |
PT2161898E (pt) | 2015-01-02 |
KR100908404B1 (ko) | 2009-07-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
ES2524716T3 (es) | Method and system for defending against a DDoS attack | |
ES2480140T3 (es) | Method, system and network element for service processing after network element data is invalidated and an operational failure occurs | |
US9197666B2 (en) | Method and apparatus for mitigating distributed denial of service attacks | |
Gurung et al. | A dynamic threshold based approach for mitigating black-hole attack in MANET | |
KR20150098635A (ko) | Presence detection using Bluetooth and hybrid-mode transmitters | |
MX2008011962A (es) | Location positioning method in handover between networks. | |
EP3747180B1 (en) | Controlling migration of a quic connection | |
BRPI0707508A8 (pt) | Apparatus and method for fast access in a wireless communication system | |
US10686832B2 (en) | Dynamic allocation of a signal receiver for dissemination of threat information | |
US10178015B2 (en) | Methods, systems, and computer readable media for testing network equipment devices using connectionless protocols | |
WO2008001247A3 (en) | A sip redirect server for managing a denial of service attack | |
WO2012096438A3 (ko) | Method for transmitting push messages | |
WO2015014215A1 (en) | Domain name resolution method, system and device | |
TW201535141A (zh) | Network device and method thereof for preventing Address Resolution Protocol packet attacks | |
FR2920935B1 (fr) | Method for exchanging requests between the software application of a mobile terminal and an instant messaging server | |
EP2028820A3 (en) | Method and apparatus for checking round trip based on challenge response as well as computer readable medium having recorded thereon program for the method | |
EP2210393A4 (en) | SYSTEM AND METHOD FOR DIAMETER TYPE PREFIX ADVERTISING AUTHORIZATION | |
JP2017515398A5 (es) | ||
KR20090076612A (ko) | Intrusion detection system and method using mutually cooperative multiple servers, and intrusion detection control system and method | |
FI20055552L (fi) | Method, system and proxy server for an IP shared service provisioning network | |
JP2008172778A5 (es) | ||
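KR20130130335A (ko) | Routing-based method for efficient communication disruption in a wireless network, and apparatus therefor | |
BRPI0606597A2 (pt) | Security system for a mobile network, method implemented by the same, and computer-readable medium | |
JP2007258986A (ja) | Communication device, communication method and communication program | |
JP6220709B2 (ja) | Communication control device, communication control method, and program |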