Detection Control Method and Apparatus of Flooding Attack

Detection Control Method and Apparatus of Flooding Attack

An apparatus and a method for blocking a harmful traffic are disclosed. According to an embodiment of the present invention, a method for blocking a harmful traffic, when the amount of traffic in a DNS query that is sent from a client to a DNS server exceeds the preset amount of traffic, generates a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: YOO, KWAN WOO
Format: Patent
Sprache:eng ; kor
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:An apparatus and a method for blocking a harmful traffic are disclosed. According to an embodiment of the present invention, a method for blocking a harmful traffic, when the amount of traffic in a DNS query that is sent from a client to a DNS server exceeds the preset amount of traffic, generates a CNAME including a predetermined hash value in the DNS query and transmits the generated CNAME to the client and determines and blocks, when the DNS query for the CNAME is transmitted from the client, the traffic as a harmful traffic when the integrity of the hash value is not verified by checking whether the hash value of the transmitted DNS query is integrity. 유해 트래픽 차단 장치 및 방법이 개시된다. 본 발명의 일 실시예에 따른 유해 트래픽 차단 방법은, 클라이언트에서 DNS 서버로 전송되는 DNS 질의의 트래픽 양이 기 설정된 트래픽 양을 초과하는 경우, DNS 질의에 소정의 해시 값을 포함시킨 CNAME을 발생시켜 클라이언트로 전송하고, 그 이후 클라이언트로부터 CNAME에 대한 DNS 질의가 전송되면, 전송되는 DNS 질의의 해시 값 무결성 여부를 확인하여, 해시 값 무결성 여부가 확인되지 않는 경우, 유해 트래픽으로 판단하여 차단한다.