Apparatus and method for countering SIP denial-of-service attacks using a Bloom filter
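    Granted invention patent
    Apparatus and method for countering SIP denial-of-service attacks using a Bloom filter (in force)
    Countermeasure apparatus using a Bloom filter and method for preventing SIP flooding attacks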

    Publication number: KR101381614B1

    Publication date: 2014-04-10

    Application number: KR1020120118408

    Application date: 2012-10-24

    CPC classification number: H04L63/1458 H04L63/1416 H04L65/1006

    Abstract: Disclosed are an apparatus and a method for countering SIP denial-of-service attacks using a Bloom filter. An apparatus according to an embodiment of the present invention comprises: a whitelist management unit that builds a whitelist by recording a session's session information in a Bloom filter when the session is established normally through a Session Initiation Protocol (SIP) server; an attack detection unit that detects a SIP denial-of-service attack based on how many times, within a unit time period, the session information carried in SIP messages arriving at the SIP server from the network is not found in the whitelist; and a filtering unit that, once an attack has occurred, filters SIP messages arriving at the SIP server according to whether their session information is present in the whitelist. [Reference numerals] (10) SIP service denial attack counteracting device; (11) White list management unit; (12) White list configuration unit; (13) White list; (14) Attack detection unit; (15) Calculation unit; (16) Attack determination unit; (17) Selecting operation control unit; (18) Selecting unit; (19) White list request unit; (20) Attack message determination unit; (21) Selection control unit; (30) SIP server; (AA) SIP message
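The three units described in the abstract, sketched as an added example (not code from the patent or its applicant). The session key format (Call-ID plus From tag), the threshold, the one-second window, the filter size and the SHA-256 double hashing are all assumptions made here; the abstract specifies none of them.

```python
import hashlib

class BloomFilter:
    """Fixed-size bit array; membership can false-positive, never false-negative."""
    def __init__(self, m_bits=1 << 16, k=4):  # assumed size and hash count
        self.m, self.k = m_bits, k
        self.bits = bytearray(m_bits // 8)

    def _positions(self, key):
        # Derive k bit positions by double hashing one SHA-256 digest.
        d = hashlib.sha256(key.encode()).digest()
        h1, h2 = int.from_bytes(d[:8], "big"), int.from_bytes(d[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, key):
        for p in self._positions(key):
            self.bits[p >> 3] |= 1 << (p & 7)

    def __contains__(self, key):
        return all(self.bits[p >> 3] & (1 << (p & 7)) for p in self._positions(key))

class SipDosGuard:
    def __init__(self, miss_threshold=3, window=1.0):  # assumed values
        self.whitelist = BloomFilter()
        self.miss_threshold, self.window = miss_threshold, window
        self.window_start, self.misses, self.under_attack = 0.0, 0, False

    def session_established(self, session_key):
        # Whitelist management: record a normally established session.
        self.whitelist.add(session_key)

    def accept(self, session_key, now):
        """Return True if the message should be passed to the SIP server."""
        if now - self.window_start >= self.window:   # new unit-time period
            self.window_start, self.misses = now, 0
        known = session_key in self.whitelist
        if not known:
            self.misses += 1                         # attack detection: count misses
            if self.misses > self.miss_threshold:
                self.under_attack = True             # stays set; reset policy not modelled
        return known or not self.under_attack        # filtering: only after detection

def demo():
    # Constructed traffic: one established session, then a burst of unknown Call-IDs.
    g = SipDosGuard()
    g.session_established("a1@example.test;tag=1")
    keys = ["a1@example.test;tag=1"] + [f"x{i}@flood.invalid" for i in range(5)] + ["a1@example.test;tag=1"]
    return [g.accept(k, 0.1 * i) for i, k in enumerate(keys)]
```

Because a Bloom filter can return false positives, a small fraction of attack messages may pass the whitelist check during filtering; sizing `m_bits` and `k` against the expected number of sessions controls that rate.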

