首页>
外国专利>
DNS FLOODING ATTACK DETECTING METHOD ACCORDING TO A PROPERTY OF ATTACK TRAFFIC CAPABLE OF PROVIDING A SMOOTH NETWORK SERVICE TO A NORMAL USER
DNS FLOODING ATTACK DETECTING METHOD ACCORDING TO A PROPERTY OF ATTACK TRAFFIC CAPABLE OF PROVIDING A SMOOTH NETWORK SERVICE TO A NORMAL USER
展开▼
机译:根据向普通用户提供平滑网络服务的攻击流量的属性的DNS洪流攻击检测方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
PURPOSE: A DNS flooding attack detecting method according to a property of attack traffic is provided to block only attack traffic caused by a malicious user while protecting the traffic of a normal user.;CONSTITUTION: The generation of a DNS packet within a critical time is determined(432). The DNS packet includes a message of the same type as a message included in a transmitted packet. The DNS packet includes a specific filed value and a specific address same as the transmitted packet. If the DNS packet within the critical time is generated more than a predetermined number, the transmitted packet is determined as packets related to an attack(433).;COPYRIGHT KIPO 2013;[Reference numerals] (410) Detecting a DNS packet; (411) DNS inquiry?; (421,432) Same SIP/DIP/DNS ID exists?; (422) Generating an entry; (431) DNS response?; (433) Cutting off the packet; (434) Removing the entry; (AA,DD,EE,GG) No; (BB,CC,FF,HH) Yes
展开▼