WO2008131650A1 - Procédé de furetage de dhcp et dispositif associé - Google Patents

Procédé de furetage de dhcp et dispositif associé Download PDF

Info

Publication number
WO2008131650A1
WO2008131650A1 PCT/CN2008/070011 CN2008070011W WO2008131650A1 WO 2008131650 A1 WO2008131650 A1 WO 2008131650A1 CN 2008070011 W CN2008070011 W CN 2008070011W WO 2008131650 A1 WO2008131650 A1 WO 2008131650A1
Authority
WO
WIPO (PCT)
Prior art keywords
dhcp
binding table
user
blacklist
packet
Prior art date
Application number
PCT/CN2008/070011
Other languages
English (en)
Chinese (zh)
Inventor
Xuefei Tan
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2008131650A1 publication Critical patent/WO2008131650A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • H04L61/5014Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]

Definitions

  • the present invention relates to the field of communication network technologies, and in particular, to a DHCP listening method and device thereof. Background technique
  • DHCP Dynamic Host Configuration Protocol
  • the current common method is to enable DHCP Snooping on the access device's network device, such as the gateway switch.
  • DHCP snooping establishes a DHCP binding table by listening to DHCP messages.
  • the DHCP binding table entries include: Internet Protocol (IP) address, Media Access Control (MAC) address, inbound port number, and Virtual LAN (VLAN) number.
  • IP Internet Protocol
  • MAC Media Access Control
  • VLAN Virtual LAN
  • ARP address resolution protocol
  • the schematic diagram of the basic scheme is shown in Figure 1.
  • the MAC address and IP address of User B are: B, 10.1.1.2;
  • the MAC address and IP address of User C are: C, 10.1.1.3; MAC address and IP of network device A
  • the address is: A, 10.1.1.1.
  • DHCP binding table shown in Table 1 below is established by analyzing all DHCP messages in the application process by analyzing the monitored DHCP messages.
  • the gateway switch detects the ARP packet.
  • the information carried in the ARP packet is used to find the DHCP binding table, where the ARP packet is sent.
  • the information carried in the file includes the source MAC address, the source IP address (or the IP address declared in the ARP payload), and the ingress port information.
  • the gateway switch is based on the MAC address and the IP address is 10.1.1.1. If the inbound port number is E2 and the VLAN ID is 3, look for the DHCP binding table and find that it cannot hit the DHCP binding table.
  • the gateway switch discards the ARP packet. Therefore, the spoofed ARP packet cannot reach any other user including user B, thereby suppressing user C's attack behavior.
  • the DHCP binding table will be correctly hit at the gateway switch to access the external network normally.
  • the user can access the Internet after the user successfully requests the IP address through DHCP. It depends on whether the user packet can hit a DHCP binding table of the gateway switch (that is, it can be extracted from the user packet). The related information is the same as the one in the DHCP binding table on the gateway switch. If no DHCP binding table entry matches the related information extracted in the user packet, the user packet will be lost. abandoned.
  • the corresponding DHCP binding table should exist on the gateway switch, but the DHCP binding table or some of the entries are It may be abnormally lost, such as:
  • a gateway needs to access a large number of users, and the space for storing the DHCP binding table is limited, it is necessary to age the DHCP binding table that has not been hit for a long time (to invalidate the DHCP binding table), or The DHCP binding table of the new user cannot be created normally due to insufficient space;
  • the DHCP snooping-enabled network device is restarted.
  • the original DHCP binding table loses some entries during the save recovery process.
  • the DHCP snooping-enabled network device may also lose the DHCP binding table due to its internal communication.
  • the user who has obtained the address through DHCP before the device is enabled will have no corresponding DHCP binding table on the network device.
  • the user can also be understood as the DHCP binding table of the user. Abnormally lost.
  • the switch sends any packet, and can only wait for the address that has been applied for by DHCP to expire or manually release the address, and then initiate the DHCP address application again. After successfully applying for the address, the user can access the Internet.
  • the packet of user B does not have a corresponding DHCP binding table on the gateway switch, causing the gateway switch to look for DHCP binding. If the table fails, all the packets sent by user B except the DHCP first address request message are discarded. At this time, if User B needs to continue to access the Internet, there are only two ways:
  • the technical problem to be solved by the present invention is to provide a DHCP listening method and device.
  • the DHCP binding table is abnormally lost, the Internet access function is quickly restored when the user barely perceives.
  • the present invention provides a DHCP snooping method, including: receiving a user packet and determining whether it hits the first DHCP binding table, and when the determining result is that the user packet misses the first A DHCP binding table is sent to the user to trigger the user to re-initiate the DHCP request for the first address request.
  • the present invention provides a DHCP listening device, which is configured to listen to user messages received by a network device, and includes:
  • a binding table storage unit configured to store a DHCP binding table
  • a hitting determining unit configured to search the DHCP binding table according to the information in the user packet, and determine whether the user packet hits the first DHCP binding table
  • the anti-confirmation unit is configured to: when the judgment result of the hit determination unit is that the user packet misses the first DHCP binding table, send a DHCP to the user to trigger the user to re-initiate the first address request Message.
  • the implementation of the present invention has the following beneficial effects:
  • the DHCP snooping method and the device thereof may be configured to send a DHCPNAK packet to the user after the received user packet fails to hit the DHCP binding table, so that the user initiates the first address after receiving the DHCPNAK packet. Apply, and then re-establish the DHCP binding table, and continue to access the Internet if the user does not know.
  • FIG. 1 is a schematic diagram of application of a DHCP snooping method in the prior art
  • Embodiment 1 of a DHCP snooping method according to the present invention
  • Embodiment 3 is a schematic flowchart of Embodiment 3 of a DHCP listening method in the present invention
  • FIG. 4 is a schematic flow chart of an embodiment of S3003 in FIG. 3;
  • FIG. 5 is a schematic diagram of the functional module of the first embodiment of the DHCP listening device of the present invention
  • FIG. 6 is a schematic diagram of the functional module of the second embodiment of the DHCP monitoring device of the present invention
  • FIG. 7 is a schematic diagram of the third embodiment of the DHCP monitoring device of the present invention. Schematic diagram of module composition. detailed description
  • FIG. 2 shows a flow of Embodiment 1 of the DHCP snooping method of the present invention, and the embodiment includes the following steps:
  • S2001 Receive a user packet and determine whether it hits the DHCP binding table. If the determination result is yes, the user packet is forwarded according to the prior art; otherwise, S2002 is performed;
  • S2002 Send a DHCP message to the user to trigger the user to re-initiate the first address request, where the DHCP message may be a DHCPNAK message, but is not limited thereto.
  • the packet when the user packet cannot hit the DHCP binding table, the packet is not directly discarded as in the prior art.
  • the access device the network switch in the figure
  • the user message is redirected to the DHCP snooping unit, and the DHCP snooping unit sends a DHCPNAK message to the user B.
  • the DHCPNAK message is used to enable the access device to notify the user B that the IP address is unavailable.
  • the first address request is re-initiated, and then the access device discards the user packet that misses the DHCP binding table. Then, after receiving the DHCPNAK packet, the user B will automatically re-initiate the first-time address request according to the DHCP protocol.
  • the DHCP snooping unit re-establishes the corresponding user by listening to the DHCP message exchanged during the first-time address application.
  • B's DHCP binding table user B can go online as usual after successfully applying for an address. The entire process does not require manual operation by the user.
  • the DHCP binding table can be re-established without the user's perception, and the user can quickly access the Internet as usual.
  • the gateway switch mentioned here and below is only a special case, and the access device may include all network devices that support DHCP snooping.
  • the present invention further provides another embodiment of the DHCP snooping method, and the embodiment (Embodiment 2) is different from the previous embodiment in that the method further includes the following steps: from the miss DHCP binding table In the user packet, the inbound port information, the VLAN information, the source MAC address, and the source IP address are extracted to create a DHCP blacklist binding table.
  • the reason why it is called the DHCP blacklist binding table is because the user packet is only an attack packet sent by the hacker. The DHCP binding table corresponding to the hacker is not lost.
  • a corresponding DHCP blacklist binding table in order to facilitate tracking the attack behavior of the hacker, a corresponding DHCP blacklist binding table.
  • the DHCP binding table entry of the prior art includes four fields: a MAC address, an IP address, a port number, and a VLAN number, as shown in Table 1.
  • two fields are added to the DHCP binding table (described below in the first DHCP binding table) in the first embodiment: Binding table type
  • the field and hit frequency fields form a new DHCP binding table (described below in the second DHCP binding table).
  • the second binding table is shown in Table 2 below.
  • the binding table type field (the BLK field in the following Table 2) is used to identify whether the second DHCP binding table entry is the first DHCP binding table entry, or the DHCP blacklist binding table table mentioned in the present invention.
  • the entry (the BLK field is true to indicate that the second DHCP binding table entry is a DHCP blacklist binding table entry);
  • the hit frequency field (the RATE field in Table 2 below) is used when the second DHCP binding table entry is
  • the frequency information of the DHCP blacklist binding table entry being hit by the user 4 is recorded. (Of course, the frequency of the first DHCP binding table entry being hit by the user packet may also be recorded. information).
  • S3001 After forming the second DHCP binding table, receiving a subsequent user packet and determining whether it hits the second DHCP binding table. If the determination result is yes, executing S3002, otherwise, following the DHCP server to the The user sends a DHCPNAK packet.
  • step S3002 Determine whether the second DHCP binding table entry of the subsequent user packet is the DHCP blacklist binding table entry. If the determination result is yes, go to step S3003. Otherwise, forward the device according to the prior art. Subsequent user messages;
  • S3003 Process the subsequent user message according to a predetermined configuration policy. Specifically, when the received subsequent user message cannot hit the second DHCP binding table, in the embodiment, as in the embodiment, the DHCP server sends a DHCPNAK message to the user, triggering the user to re-initiate. The first address is applied, and the corresponding DHCP binding table is re-established. When the received subsequent user packet hits the second DHCP binding table, the subsequent user message is not directly used in the prior art as in the first embodiment. And forwarding, according to the binding table type field in the second DHCP binding table, further determining whether the second DHCP binding table entry that the subsequent user packet hits is a DHCP blacklist binding table entry.
  • the first DHCP binding table entry is hit, it indicates that the user packet is not a spoofing attack packet, and is forwarded according to the prior art; if the hit is the DHCP blacklist binding table provided by the present invention.
  • the entry indicates that the subsequent user packet may be an attack packet, and the subsequent user packet may be processed according to the predetermined configuration policy, including the record that the corresponding entry of the DHCP blacklist binding table is hit by the user packet.
  • the frequency information that is, how many times it was hit within a predetermined time period (the predetermined time period can be configured according to actual conditions).
  • the device can process the user packet according to the type of the entry in the DHCP binding table that is hit by the user packet, and enhance the device's ability to identify the attack packet.
  • the predetermined configuration policy may be: if the rate at which the user sends the user packet exceeds a preset rate limit value, the packet is discarded; if not, the user is discarded.
  • the rate of the user packet can be calculated by the frequency information recorded in the hit frequency field of the DHCP blacklist binding table entry. For example, the recorded frequency information is the corresponding entry of the DHCP blacklist binding table.
  • the frequency information recorded in the hit frequency field of the corresponding DHCP blacklist binding table entry is 0.03/s, and the corresponding user packet transmission rate can be obtained (that is, the user report
  • the sending frequency of the text, according to the RATE field expression in the second HDCP table, the sending rate value of the user packet may be taken as 0.03/s.
  • FIG. 4 a flowchart of an implementation manner of S3003 is as shown in FIG. 4, and includes the following steps:
  • S4001 Record, according to the hit situation of the subsequent user packet, the frequency information that the corresponding entry of the DHCP blacklist binding table is hit by the user packet;
  • S4002 Calculate a sending rate of the user packet according to the frequency information, and compare a size relationship between the sending rate and a preset rate limiting value. If the sending rate is greater than the rate limiting value, discard the Describe the subsequent user message, otherwise, execute S4003;
  • S4003 Sending a DHCPNAK packet to the user according to the DHCP server;
  • the present invention further provides an embodiment of a DHCP listening device, and a schematic diagram of a functional module of the DHCP listening device embodiment 1 is shown in FIG. 5.
  • the DHCP monitoring device is configured to listen to user packets received by the network device, and includes a binding table storage unit 4, a hit determination unit 8, and an anti-confirmation unit 1.
  • the binding table storage unit 4 is configured to store a DHCP binding table.
  • the hit determination unit 8 is configured to search the DHCP binding table stored in the binding table storage unit according to the information in the user packet received by the network device, and determine whether the user packet hits the DHCP binding table, and When the judgment result is yes, the network device is instructed to forward the user message.
  • the anti-confirmation unit 1 is configured to send, to the user, a DHCP message for triggering the user to re-initiate the first-time address application when the result of the determination by the hit determination unit is that the user message misses the DHCP binding table.
  • the anti-confirmation unit 1 may send a DHCPNAK message to the user according to the DHCP server, and notify the user of the IP address. The address is no longer available. Please re-initiate the first-time address request. After receiving the DHCPNAK message, the user initiates the first-time address request.
  • the DHCP listening device listens to the DHCP message sent in the first-time address application process and re-establishes the corresponding DHCP binding. table. User application After the address is successful, you can go online as usual.
  • the DHCP binding table when the DHCP binding table is lost, the DHCP binding table can be automatically re-established without the user being aware of, so that the user can access the Internet as usual.
  • the schematic diagram of the function module of the second embodiment of the DHCP monitoring device of the present invention is as shown in FIG. 6.
  • the difference from the first embodiment is that the blacklist binding table unit 2 is further included, and the judgment result of the hit determination unit 8 is
  • the user packet does not match the DHCP binding table of the first embodiment (described below in the first DHCP binding table), that is, when the received user packet cannot hit the first DHCP binding table, the user is extracted.
  • the reason for the DHCP blacklist binding table is that the user packet is only an attack packet sent by the hacker.
  • the DHCP binding table corresponding to the hacker is not lost.
  • the blacklist binding is used to facilitate tracking of the hacker's attack behavior.
  • Table 2 establishes the corresponding DHCP blacklist binding table.
  • two fields are added to the DHCP binding table in the first embodiment (described below in the first DHCP binding table): a binding table type field and a hit frequency field.
  • a new DHCP binding table is formed (described below in the second DHCP binding table), and the second binding table is as shown in Table 2 above.
  • the binding table type field (the BLK field in Table 2 above) is used to identify whether the second DHCP binding table entry is the first DHCP binding table entry, or the DHCP blacklist binding table table mentioned in the present invention. item
  • the BLK field is true to indicate that the second DHCP binding table entry is a DHCP blacklist binding table entry
  • the hit frequency field (the RATE field in Table 2 above) is used when the second DHCP binding table entry is DHCP.
  • the frequency information of the DHCP packet blacklist binding table entry being hit by the user packet is recorded (of course, the frequency information of the first DHCP binding table entry being hit by the user packet may also be recorded) .
  • the behavior information of the attacker can be effectively tracked according to the recorded frequency information and the like, so that the network management can perform analysis.
  • FIG. 7 is a schematic diagram showing the structure of a function of the improved DHCP listening device, that is, the function module of the third embodiment.
  • the method further includes a type determining unit 5, a first processing unit 6, and a second Processing unit 7.
  • the type judging unit 5 is configured to: when the judgment result of the hit judging unit 8 is that the subsequent user packet received by the network device hits the second DHCP binding table, that is, when the received subsequent user packet hits When the second DHCP binding table is described, the binding table type field is read, and it is determined whether the second DHCP binding table entry that the subsequent user packet hits is a DHCP blacklist binding table entry.
  • First processing order The element 6 receives the determination result of the type judging unit 5, and when the judgment result of the type judging unit 5 is that the second DHCP binding table entry that the subsequent user packet hits is a DHCP blacklist binding table entry, And processing the subsequent user message according to a predetermined configuration policy.
  • the second processing unit 7 receives the determination result of the type judging unit 5, and the second DHCP binding table entry hit by the subsequent user is not the DHCP blacklist binding table when the type judging unit 5 determines.
  • the network device is triggered to forward the user packet according to the prior art.
  • the first processing unit 6 further includes a recording unit 61, a rate calculating unit 62, and a comparing unit 63.
  • the recording unit 61 is configured to record frequency information that the DHCP blacklist binding table corresponding entry is hit according to the hit situation of the subsequent user message.
  • the rate calculation unit 62 is configured to calculate a transmission rate of the user packet according to the frequency information recorded by the recording unit 61.
  • the recorded frequency information is the user of the DHCP blacklist binding table corresponding to the entry within 2 minutes.
  • the corresponding user packet transmission rate is 0.03/s.
  • the comparing unit 63 is configured to trigger the de-acknowledgment unit 1 to send a DHCP message to the user to trigger the user to re-initiate the first-time address request, otherwise the network device is triggered. The subsequent user message is discarded.
  • the behavior information of the attacker can be tracked, and the attack recognition capability of the device can be enhanced, thereby effectively preventing the denial of service attack by the malicious user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

L'invention concerne un procédé de furetage de DHCP, qui permet de transmettre le message DHCP pour amener les utilisateurs à réinitialiser la première application d'adresse aux utilisateurs, et faire en sorte que les utilisateurs lancent la première application d'adresse après réception du message DHCPNAK lorsque le message utilisateurs reçu ne peut pas atteindre la liste de liaison DHCP du fait de la perte anormale de cette liste. La liste de liaison DHCP peut donc être reconstruite sans prendre en compte les utilisateurs, ce qui permet par conséquent d'obtenir l'accès au réseau comme à l'accoutumée. L'invention concerne également un dispositif de furetage de DHCP.
PCT/CN2008/070011 2007-04-25 2008-01-03 Procédé de furetage de dhcp et dispositif associé WO2008131650A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNB2007100277103A CN100499528C (zh) 2007-04-25 2007-04-25 一种dhcp监听方法及其装置
CN200710027710.3 2007-04-25

Publications (1)

Publication Number Publication Date
WO2008131650A1 true WO2008131650A1 (fr) 2008-11-06

Family

ID=38889879

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/070011 WO2008131650A1 (fr) 2007-04-25 2008-01-03 Procédé de furetage de dhcp et dispositif associé

Country Status (2)

Country Link
CN (1) CN100499528C (fr)
WO (1) WO2008131650A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110677508A (zh) * 2019-09-06 2020-01-10 四川天邑康和通信股份有限公司 白盒子工程ip网络优化

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100499528C (zh) * 2007-04-25 2009-06-10 华为技术有限公司 一种dhcp监听方法及其装置
CN100563149C (zh) * 2007-04-25 2009-11-25 华为技术有限公司 一种dhcp监听方法及其装置
CN101431428B (zh) * 2007-11-09 2011-07-27 中国电信股份有限公司 安全监控服务恢复方法及系统
CN104683500B (zh) * 2015-03-25 2017-12-15 新华三技术有限公司 一种安全表项生成方法和装置
CN105991791A (zh) * 2015-05-12 2016-10-05 杭州迪普科技有限公司 报文转发方法及装置

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1450766A (zh) * 2002-04-10 2003-10-22 深圳市中兴通讯股份有限公司 一种基于动态主机配置协议的用户管理方法
CN1458760A (zh) * 2002-05-15 2003-11-26 华为技术有限公司 一种宽带网络的安全接入方法
CN1549546A (zh) * 2003-05-09 2004-11-24 中兴通讯股份有限公司 使用dhcp协议实现pppoe用户动态获取ip地址的装置及方法
CN1571350A (zh) * 2003-07-11 2005-01-26 华为技术有限公司 一种通过数据报文触发用户终端上线的方法
CN101039223A (zh) * 2007-04-25 2007-09-19 华为技术有限公司 一种dhcp监听方法及其装置
CN101039176A (zh) * 2007-04-25 2007-09-19 华为技术有限公司 一种dhcp监听方法及其装置

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1450766A (zh) * 2002-04-10 2003-10-22 深圳市中兴通讯股份有限公司 一种基于动态主机配置协议的用户管理方法
CN1458760A (zh) * 2002-05-15 2003-11-26 华为技术有限公司 一种宽带网络的安全接入方法
CN1549546A (zh) * 2003-05-09 2004-11-24 中兴通讯股份有限公司 使用dhcp协议实现pppoe用户动态获取ip地址的装置及方法
CN1571350A (zh) * 2003-07-11 2005-01-26 华为技术有限公司 一种通过数据报文触发用户终端上线的方法
CN101039223A (zh) * 2007-04-25 2007-09-19 华为技术有限公司 一种dhcp监听方法及其装置
CN101039176A (zh) * 2007-04-25 2007-09-19 华为技术有限公司 一种dhcp监听方法及其装置

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110677508A (zh) * 2019-09-06 2020-01-10 四川天邑康和通信股份有限公司 白盒子工程ip网络优化

Also Published As

Publication number Publication date
CN101039223A (zh) 2007-09-19
CN100499528C (zh) 2009-06-10

Similar Documents

Publication Publication Date Title
WO2008131658A1 (fr) Procédé et dispositif pour fureter le dhcp
WO2021008028A1 (fr) Procédé de traçage de et de protection contre une source d'attaque de réseau, dispositif de électronique et support de stockage informatique
WO2008141584A1 (fr) Procédé, système et équipement de traitement de message
US8918875B2 (en) System and method for ARP anti-spoofing security
WO2017088326A1 (fr) Procédé, dispositif et système de traitement de connexion tcp
US7234161B1 (en) Method and apparatus for deflecting flooding attacks
US20110167108A1 (en) Web page tamper-froof device, method and system
WO2008131667A1 (fr) Procédé, dispositif d'identification des flux de services et procédé, système de protection contre une attaque par déni de service
US20140325648A1 (en) Attack Defense Method and Device
WO2011140795A1 (fr) Procédé et dispositif de commutation permettant d'empêcher une attaque par mystification d'adresse de contrôle d'accès au support
WO2009140878A1 (fr) Procédé, dispositif de réseau et système de réseau équipés d'une défense contre des attaques par déni de service distribué (ddos)
CN108270722B (zh) 一种攻击行为检测方法和装置
WO2008131650A1 (fr) Procédé de furetage de dhcp et dispositif associé
WO2011079669A1 (fr) Procédé, dispositif et système de protection vis-à-vis d'une attaque de réseau
WO2011020254A1 (fr) Procédé et dispositif pour prévenir des attaques de réseau
US20070220256A1 (en) Electronic mechanical device
KR100533785B1 (ko) Dhcp 패킷을 이용한 동적 ip 주소할당 환경에서의arp/ip 스푸핑 자동 방지 방법
Yaibuates et al. A combination of ICMP and ARP for DHCP malicious attack identification
CN106101088B (zh) 清洗设备、检测设备、路由设备和防范dns攻击的方法
WO2019096104A1 (fr) Prévention contre les attaques
CN110198290B (zh) 一种信息处理方法、设备、装置及存储介质
WO2010048808A1 (fr) Procédé, système et passerelle permettant de prévenir les attaques réseau
WO2009018769A1 (fr) Procédé et dispositif réseau de défense contre une attaque par message invalide
WO2012100494A1 (fr) Procédé et appareil destinés à améliorer la sécurité de la recherche pour la découverte du voisinage
CN106453350B (zh) 一种防攻击的方法及装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08700038

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08700038

Country of ref document: EP

Kind code of ref document: A1