METHOD AND DEVICE FOR DDOS ATTACK IDENTIFICATION

WIPO Patent Application WO/2017/107804

A1

The invention provides a method and device for DDoS attack identification. The method comprises: performing network protocol analysis on a DDoS attack program to extract a network protocol used by the DDoS attack program; searching a network for machines running DDoS attack controller programs based on the network protocol to confirm the identity of a central DDoS attack server; performing attack identification by emulating a zombie machine controlled by the server based on the network protocol and receiving an attack command from the server. On the basis of the technical solution proposed in the present invention, the central server controlling the zombie machines at the source of the DDoS attack can be found, and the real attacker behind the attack can be identified.

WO/1999/055040	ACCESS CONTROL METHOD AND APPARATUS
JP4280284	Providing services in communication systems
WO/2011/033488	USING MOBILE TERMINALS FOR TEXT ENTRY IN IPTV CHAT SESSIONS

LI RAN (CN)
WANG HAIDONG (CN)
SONG JIASHENG (CN)
CUI YISHAN (CN)
ZHANG JIANFEI (CN)
LIANG YONGXI (CN)
ZHOU XIAOMIN (CN)
YE GENSHEN (CN)

PCT/CN2016/109604

June 29, 2017

December 13, 2016

Click for automatic bibliography generation  

ALIBABA GROUP HOLDING LTD (CN)
LI RAN (CN)
WANG HAIDONG (CN)
SONG JIASHENG (CN)
CUI YISHAN (CN)
ZHANG JIANFEI (CN)
LIANG YONGXI (CN)
ZHOU XIAOMIN (CN)
YE GENSHEN (CN)

H04L29/06

CN101360019A	2009-02-04
CN102546298A	2012-07-04
CN101321171A	2008-12-10
US20130074183A1	2013-03-21

CO-HORIZON INTELLECTUAL PROPERTY INC. (CN)

View/Download PDF      PDF Help

Previous Patent: MULTI-CHANNEL GRAPHIC IMAGE PROCESSING SYSTEM AND METHOD FOR DRONE

Next Patent: METHOD AND DEVICE FOR DETERMINING TITLE TEXT OF MERCHANDISE OBJECT