CN116318801A - SOHO router data modification method - Google Patents


Info

Publication number
CN116318801A
Authority
CN
China
Prior art keywords
data packet
data
packet
router
modified
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211673853.2A
Other languages
Chinese (zh)
Other versions
CN116318801B (en)
Inventor
刘胜利
盖贤哲
蔡瑞杰
杨启超
赵方方
贾凡
陈宏伟
蒋思康
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information Engineering University of PLA Strategic Support Force
Original Assignee
Information Engineering University of PLA Strategic Support Force
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information Engineering University of PLA Strategic Support Force filed Critical Information Engineering University of PLA Strategic Support Force
Priority to CN202211673853.2A priority Critical patent/CN116318801B/en
Publication of CN116318801A publication Critical patent/CN116318801A/en
Application granted granted Critical
Publication of CN116318801B publication Critical patent/CN116318801B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0263 Rule management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to the technical field of SOHO router data security, and in particular to a SOHO router data modification method that modifies data flowing through a SOHO router by combining Netfilter and RAW_SOCKET.

Description

SOHO router data modification method
Technical field:
The invention relates to the technical field of SOHO router data security, and in particular to a SOHO router data modification method.
Background art:
A SOHO router provides network service to the terminal devices connected to it. Its main functions are to process internet access requests from devices on the local area network, forward those requests to the target server on the internet, and forward the data returned by the internet server to the intranet device. Because SOHO routers generally have no dedicated security software and users pay little attention to router security, SOHO routers have many vulnerabilities, and these may persist for a long time. Analysis of the SOHO router architecture shows that the Web service, the applications and the underlying Linux kernel can all contain vulnerabilities. The vulnerability types include memory corruption, traditional Web vulnerabilities such as XSS and CSRF, command injection, file upload and others, which allow an attacker to obtain root access to the underlying Linux system and pose a security risk to the SOHO router.
After an attacker controls a SOHO router, further use of the router is usually achieved by modifying the data packets flowing through it. Network security personnel, in order to discover attacks and trace attackers, likewise need to modify data packets and insert specific tags so that malicious behavior can be detected at the traffic level. However, conventional ways of modifying data packets may affect the normal operation of the router and the normal communication between the two communicating parties. Meanwhile, research on router security technology concentrates mainly on vulnerability discovery, whose goal is to obtain root privileges on the Linux kernel operating system underlying the SOHO router, and does not address how data is used after control has been obtained. This is a shortcoming, so a SOHO router data modification method needs to be developed.
Summary of the invention:
The invention provides a SOHO router data modification method that modifies data flowing through the SOHO router by combining Netfilter and RAW_SOCKET. The method does not affect the normal operation of the router or the normal communication between the two communicating parties, and can be applied in several scenarios such as network security detection and network attack. It captures a data packet before the packet enters Netfilter processing and modifies it as required, sets rules at a Netfilter hook point to discard the original data packet, and finally sends the modified data packet directly into the network, bypassing the router's own packet processing rules.
The technical scheme adopted by the invention is as follows: a SOHO router data modification method in which the Netfilter mechanism in the underlying Linux kernel of the SOHO router discards the data packet to be modified, a raw socket captures the original data packet entering the network card, and after the original data packet is modified, the modified data packet is sent out of the network card, bypassing the kernel protocol stack;
S1: Discarding data packets
The SOHO router filters data packets using the Netfilter mechanism in the underlying Linux kernel. Netfilter is a series of call entries placed on the message processing path and embedded in the kernel IP protocol stack; it provides hook points for modifying data packets according to the flow direction of network messages. Using iptables, Netfilter's configuration component in user space, a packet filtering rule is set at a hook point according to the characteristics of the data packets to be modified, so that the packets are preliminarily screened and discarded;
S2: Capturing, modifying and sending data packets
A raw socket using the PF_PACKET socket protocol captures the original data frame from the data link layer before the original data packet enters Netfilter processing. The data packet is then handled by a data packet processing system, which comprises a data packet sniffing module, a data packet analysis module, a data packet modification module and a data packet sending module;
(1) Before the original data packet enters Netfilter processing, the data packet sniffing module captures the original data packet to be processed from the network card;
(2) The data packet analysis module analyzes the captured original data packet and determines whether it is a data packet that needs to be modified. If it is not, the data packet is sent directly. If it is, the data packet modification module modifies it, adjusts the packet length, SEQ and ACK fields in the packet header and recalculates the checksum, which ensures the correctness of the data packet and the continuity of the communication;
(3) The data packet sending module uses a raw socket to bypass the TCP/IP protocol stack and sends the modified data packet out of the network card.
Furthermore, data packets are captured before they are processed by the Netfilter framework, and data packets are sent by bypassing the Netfilter framework and kernel protocol stack processing, so that the modified data packet goes directly into the network.
Furthermore, Netfilter provides five hook points for modifying data packets according to the flow direction of network messages. For data packets flowing through the router, any of the three hook points Prerouting, Forward and Postrouting can discard the packet; so as not to affect data packets entering the router itself or data packets sent by the router, the packet filtering rule is set at the Forward hook point and the data packet is discarded there.
Furthermore, the SOHO router is of ARM or MIPS architecture. A corresponding cross-compilation environment is built with the Buildroot tool, and the data capturing, data processing and data sending programs that run on the SOHO router are cross-compiled, so that modification of the data packets is realized.
The beneficial effects of the invention are as follows. The method combines Netfilter and RAW_SOCKET: the Netfilter mechanism in the underlying Linux kernel of the SOHO router discards the data packet to be modified, a raw socket captures the original data packet entering the network card, and after the original data packet is modified, the modified data packet is sent directly out of the network card, bypassing the kernel protocol stack. The method does not affect the normal operation of the router or the normal communication between the two communicating parties, can be applied in several scenarios such as network security detection and network attack, and is highly general. The data sender does not perceive that the data packet has been discarded. Only the modified data packet reaches the receiver and the original data packet does not, which avoids duplicate arrival of the data packet. Processing data through RAW_SOCKET is efficient and the delay introduced by modification is small, so normal communication is not affected. In addition, the data packet that is sent is constructed by the user, and the packet construction function can be written as required, so arbitrary modification of the data packet can be realized.
Drawings
Fig. 1 is a flow chart illustrating the principles of the present invention.
Fig. 2 is a flow chart of the data packet capture and transmission principle.
Fig. 3 shows the positions at which data is captured and sent relative to the path a data packet takes through the SOHO router.
Fig. 4 is a schematic flow chart of the data packet processing system.
Fig. 5 is a flow chart of packet filtering by the SOHO router.
Fig. 6 is a schematic diagram of the experimental environment used to demonstrate the "discard-resend" data modification method.
Fig. 7 shows the result, in a normal network environment, of a sender initiating a connection to a receiver and the receiver informing the sender that the connection cannot be made.
Fig. 8 shows the result of the "discard-resend" data modification method discarding packets without returning any information.
Fig. 9 is a schematic diagram of the data sent by the sender.
Fig. 10 is a schematic diagram of the data received by the receiver.
Fig. 11 is program code for modifying the IP of a data packet to enable fake-identity communication.
Fig. 12 is a schematic diagram of the time difference between two packets transmitted by the sender.
Fig. 13 is a schematic diagram of the delay between the two data packets as received by the receiver.
Detailed description:
The invention will be further described with reference to the drawings and examples.
Embodiment 1. After an attacker controls a SOHO router, further use of the router is often achieved by modifying the data packets flowing through it. Network security personnel, in order to discover attacks and trace attackers, likewise need to modify data packets and insert specific tags so that malicious behavior can be detected at the traffic level. However, conventional ways of modifying data packets may affect the normal operation of the router and the normal communication between the two communicating parties. Meanwhile, research on router security technology focuses mainly on vulnerability discovery, whose goal is to obtain root privileges on the Linux kernel operating system underlying the SOHO router, and does not address how data is used after control has been obtained, which is a shortcoming.
To address these problems, this embodiment provides a SOHO router data modification method that modifies data flowing through the SOHO router by combining Netfilter and RAW_SOCKET. The method does not affect the normal operation of the router or the normal communication between the two communicating parties, and can be applied in several scenarios such as network security detection and network attack. The principle is that the Netfilter mechanism in the underlying Linux kernel of the SOHO router discards the data packet to be modified, a raw socket captures the original data packet entering the network card, and after the original data packet is modified, the modified data packet is sent out of the network card, bypassing the kernel protocol stack.
Data packets handled by a router fall into three categories: packets flowing into the router, packets flowing through the router, and packets flowing out of the router. Inbound and outbound packets can be distinguished by the router's routing decision, and both are sent via the router; packets flowing through additionally undergo a FORWARD process, in which the packet is transferred from one network card to the other.
S1: Discarding data packets
As shown in Fig. 5, the SOHO router filters data packets using the Netfilter mechanism in the underlying Linux kernel. Netfilter is a series of call entries placed on the message processing path and embedded in the kernel IP protocol stack, and it provides five hook points for modifying data packets according to the flow direction of network messages. Using iptables, Netfilter's configuration component in user space, a packet filtering rule based on the characteristics of the data packets to be modified can be set at any of the three hook points Prerouting, Forward and Postrouting for packets flowing through the router, so that the packets are preliminarily screened and discarded. In this embodiment, so as not to affect data packets entering the router itself or data packets sent by the router, the packet filtering rule is set at the Forward hook point, and the data packet is discarded there.
S2: Capturing, modifying and sending data packets
Data packets are captured before they are processed by the Netfilter framework, and data packets are sent by bypassing the Netfilter framework and kernel protocol stack processing, so that the modified data packet goes directly into the network.
As shown in Fig. 2, a raw socket using the PF_PACKET socket protocol captures the original data frame from the data link layer before the original data packet enters Netfilter processing, and can also bypass the kernel protocol stack to send a data packet constructed by the user. The data packet is handled by a data packet processing system comprising a data packet sniffing module, a data packet analysis module, a data packet modification module and a data packet sending module, which together obtain the original data packet from the data link layer and send the data packet into the network. As shown in Figs. 3-4:
(1) Before the original data packet enters Netfilter processing, the data packet sniffing module captures the original data packet to be processed from the network card;
(2) The data packet analysis module analyzes the captured original data packet and determines whether it is a data packet that needs to be modified. If it is not, the data packet is sent directly. If it is, the data packet modification module modifies it, adjusts the packet length, SEQ and ACK fields in the packet header and recalculates the checksum, which ensures the correctness of the data packet and the continuity of the communication;
(3) The data packet sending module uses a raw socket to bypass the TCP/IP protocol stack and sends the modified data packet out of the network card.
The data sniffing module captures the original data packets entering the network card. Not every captured data packet needs to be modified, so each packet is analyzed by the data analysis module. If the packet does not need to be modified, it is sent out directly. If it does, it is modified as required, and fields in the packet header such as the checksum and window size are then recalculated. If the modification touches the content of a TCP data packet, the packet length, SEQ, ACK and other fields in the packet header are also modified, which ensures the correctness of the data packet and the continuity of the communication. Finally, the data sending module sends the data packet directly into the network. The SOHO router is of ARM or MIPS architecture; a corresponding cross-compilation environment is built with the Buildroot tool, and the data capturing, data processing and data sending programs that run on the SOHO router are cross-compiled, so that modification of the data packets is realized.
With this method the data sender does not perceive that the data packet has been discarded. The method also ensures that only the modified data packet reaches the receiver and the original data packet does not, which avoids duplicate arrival of the data packet. Processing data through RAW_SOCKET is efficient and the delay introduced by modification is small, so normal communication is not affected. The data packet that is sent is constructed by the user, and the packet construction function can be written as required, so in principle arbitrary modification of the data packet can be realized.
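Seen from the router itself, the scheme described in S1 and S2 leaves two observable artifacts at the same time: a DROP rule in the FORWARD chain and a raw PF_PACKET socket receiving IP traffic. The following audit sketch is an added example, not code from the patent; the sample `iptables-save` and `/proc/net/packet` texts are constructed, the function names are assumptions, and the pairing is a heuristic, since either artifact alone is common on a healthy router.

```python
import os
import shlex

# Constructed sample inputs (not from the patent): `iptables-save` output and
# /proc/net/packet contents as they might look on a router using the scheme.
SAMPLE_IPTABLES_SAVE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -p tcp --dport 23 -j DROP
-A FORWARD -s 192.168.1.2/32 -d 10.0.0.2/32 -p tcp -j DROP
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
"""

SAMPLE_PROC_NET_PACKET = """\
sk       RefCnt Type Proto  Iface R Rmem   User   Inode
ffff8a0012340000 3      3    0003   0     1 0      0      48211
ffff8a0012341000 3      2    888e   4     1 0      0      1733
"""

ETH_P_ALL, ETH_P_IP = 0x0003, 0x0800   # protocols that deliver IP frames
SOCK_RAW = 3                            # socket type column in /proc/net/packet


def forward_drop_rules(iptables_save_text):
    """Return filter-table rules appended to FORWARD whose target is DROP."""
    table, hits = None, []
    for line in iptables_save_text.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]                      # start of a new table section
        elif table == "filter" and line.startswith("-A FORWARD "):
            tokens = shlex.split(line)
            for i, tok in enumerate(tokens[:-1]):
                if tok in ("-j", "--jump") and tokens[i + 1] == "DROP":
                    hits.append(line)
                    break
    return hits


def raw_packet_sockets(proc_net_packet_text):
    """Parse /proc/net/packet; return SOCK_RAW sockets that receive IP frames."""
    socks = []
    for line in proc_net_packet_text.splitlines()[1:]:   # skip the header row
        f = line.split()
        if len(f) < 9:
            continue
        sock = {"type": int(f[2]), "proto": int(f[3], 16),
                "ifindex": int(f[4]), "uid": int(f[7]), "inode": int(f[8])}
        if sock["type"] == SOCK_RAW and sock["proto"] in (ETH_P_ALL, ETH_P_IP):
            socks.append(sock)
    return socks


def socket_owners(inode, proc_root="/proc"):
    """Map a socket inode to (pid, command) pairs by walking /proc/<pid>/fd."""
    owners = []
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        fd_dir = os.path.join(proc_root, pid, "fd")
        try:
            for fd in os.listdir(fd_dir):
                if os.readlink(os.path.join(fd_dir, fd)) == f"socket:[{inode}]":
                    with open(os.path.join(proc_root, pid, "comm")) as fh:
                        owners.append((int(pid), fh.read().strip()))
                    break
        except OSError:
            continue                              # process exited or fd unreadable
    return owners


def assess(iptables_save_text, proc_net_packet_text):
    """Flag the pairing of a FORWARD DROP rule with a raw IP-capable socket."""
    drops = forward_drop_rules(iptables_save_text)
    socks = raw_packet_sockets(proc_net_packet_text)
    return {"forward_drop_rules": drops, "raw_packet_sockets": socks,
            "suspicious": bool(drops) and bool(socks)}


if __name__ == "__main__":
    report = assess(SAMPLE_IPTABLES_SAVE, SAMPLE_PROC_NET_PACKET)
    for rule in report["forward_drop_rules"]:
        print("FORWARD drop rule:", rule)
    for sock in report["raw_packet_sockets"]:
        print("raw packet socket inode:", sock["inode"])
    print("needs review:", report["suspicious"])
```

On a live device, feed `assess` the real `iptables-save` output and the contents of `/proc/net/packet`, then pass each reported inode to `socket_owners` to see which process holds the socket; packet capture tools and some DHCP clients also open such sockets, so the owner is what decides whether the finding matters.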
Application scenarios of the "discard-resend" data modification method:
By modifying data packets, the "discard-resend" data modification method can insert special data into a data packet or a data stream and thereby support network security analysis. Marking-based traceback (MBT) is a widely studied traceback approach, and its classical methods, the probabilistic packet marking algorithm [8] (Probabilistic Packet Marking, PPM) and the deterministic packet marking algorithm [9] (Deterministic Packet Marking, DPM), both require data modification. In the security analysis of anonymous channels, watermark analysis [10] is a common method; whether the watermark is carried in the data packet or in the traffic rate, it is in essence a modification of the packet content or of the packet delay, and both can be realized with the "discard-resend" data modification method.
Experimental demonstration:
As shown in Fig. 6, one host simulates an intranet terminal accessing the internet and another host simulates an external network server, and the two communicate through a SOHO router. The WAN port IP of the SOHO router is configured as 10.0.0.1 and the LAN port IP as 192.168.1.1; the external network server IP is configured as 10.0.0.2 and the intranet host IP as 192.168.1.2. The data packets with which the intranet host accesses the external network server are modified on the SOHO router, and packets are captured on both the intranet host and the external network server. Note that, because of the NAT mechanism of the SOHO router, the packets captured on the intranet host show communication between 192.168.1.2 and 10.0.0.2, whereas the packets captured on the external network server show communication between the SOHO router's WAN port 10.0.0.1 and 10.0.0.2.
Test of imperceptible packet discarding:
In a network environment, if the data receiver refuses to receive a data packet, it returns an unreachable message to the data sender to inform the sender that the data packet was not received. When the "discard-resend" data modification method discards a data packet, it must not send any data packet to the data sender, so that the discard is imperceptible to the sender; otherwise, if the data sender learns that the data packet was discarded, subsequent communication will be affected.
As shown in Fig. 7, in a normal network environment a sender initiates a connection to a receiver, and the receiver returns a data packet with the RST flag to inform the sender that the connection cannot be made.
As shown in Fig. 8, with the data modification method no information is returned when the data packet is discarded, the data sender does not know that the data packet was discarded, and the subsequent communication process is not affected.
Test of modifying packet content:
In normal network communication, the content of the data packet received by the receiver is identical to the content sent by the sender. When the data packet has been successfully modified with the "discard-resend" method, the content received by the receiver differs from the content sent by the sender.
As can be seen from the data sent by the sender in Fig. 9 and the data received by the receiver in Fig. 10, the data content sent by the sender is test-! However, the data received by the receiver is a locked-! This indicates that the packet content was modified.
Test of falsifying the data sender's IP:
The "discard-resend" data modification method can modify the IP of a data packet to realize fake-identity communication. Fig. 11 shows the sender sending a request to the receiver 10.0.0.2; when returning data, the receiver's identity is falsified and the reply reaches the sender from the IP 8.8.8.8. Network attackers often use this method to hide the identity of the receiver and so prevent the receiver from being traced.
Test of modifying the inter-packet delay:
The communication delay of a normal network is relatively fixed, so data packets sent at nearly the same time reach the receiver at nearly the same time. With the "discard-resend" data modification method a delay can be inserted between two data packets, which realizes a timing watermark on the data stream.
As shown in Fig. 12, the two data packets sent by the sender differ very little in sending time.
As shown in Fig. 13, a 2-second delay has been inserted between the two data packets received by the receiver.
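The three tests above are all judged by comparing captures taken on both sides of the router. The following comparison is an added example, not part of the patent: it pairs packets across NAT by destination and order, flags changed payloads, inserted inter-packet delay and replies from addresses that were never contacted. The records are constructed with the experiment's addresses; the field names, payloads and 0.5-second threshold are assumptions.

```python
from collections import defaultdict

# Constructed capture records (not taken from the patent's figures).
# Addresses follow the experiment: intranet host 192.168.1.2, router WAN
# port 10.0.0.1, external server 10.0.0.2. Clocks on the two hosts differ.
SENDER_SIDE = [
    {"ts": 100.000, "src": "192.168.1.2", "dst": "10.0.0.2", "dport": 8000,
     "payload": b"status=ok"},
    {"ts": 100.004, "src": "192.168.1.2", "dst": "10.0.0.2", "dport": 8000,
     "payload": b"msg=2"},
    {"ts": 100.008, "src": "192.168.1.2", "dst": "10.0.0.2", "dport": 8000,
     "payload": b"msg=3"},
]
RECEIVER_SIDE = [
    {"ts": 731.512, "src": "10.0.0.1", "dst": "10.0.0.2", "dport": 8000,
     "payload": b"status=no"},
    {"ts": 731.516, "src": "10.0.0.1", "dst": "10.0.0.2", "dport": 8000,
     "payload": b"msg=2"},
    {"ts": 733.520, "src": "10.0.0.1", "dst": "10.0.0.2", "dport": 8000,
     "payload": b"msg=3"},
]
REPLIES_AT_SENDER = [
    {"ts": 100.050, "src": "8.8.8.8", "dst": "192.168.1.2", "dport": 40000,
     "payload": b"reply"},
]


def by_flow(records):
    """Group records by (dst, dport); NAT rewrites the source side only."""
    flows = defaultdict(list)
    for rec in sorted(records, key=lambda r: r["ts"]):
        flows[(rec["dst"], rec["dport"])].append(rec)
    return flows


def compare_captures(sent, received, max_extra_gap=0.5):
    """Pair packets in order within each flow and report what changed in transit.

    Inter-packet gaps are compared instead of absolute timestamps, so the two
    capture hosts do not need synchronized clocks.
    """
    findings = []
    rx_flows = by_flow(received)
    for flow, tx in by_flow(sent).items():
        rx = rx_flows.get(flow, [])
        if len(tx) != len(rx):
            findings.append({"flow": flow, "index": None,
                             "kind": "count_mismatch",
                             "detail": (len(tx), len(rx))})
        for i, (a, b) in enumerate(zip(tx, rx)):
            if a["payload"] != b["payload"]:
                findings.append({"flow": flow, "index": i,
                                 "kind": "payload_changed",
                                 "detail": len(b["payload"]) - len(a["payload"])})
            if i > 0:
                extra = (b["ts"] - rx[i - 1]["ts"]) - (a["ts"] - tx[i - 1]["ts"])
                if extra > max_extra_gap:
                    findings.append({"flow": flow, "index": i,
                                     "kind": "delay_inserted",
                                     "detail": round(extra, 3)})
    return findings


def unexpected_reply_sources(outbound, inbound):
    """Source addresses of inbound packets that the host never sent to."""
    contacted = {rec["dst"] for rec in outbound}
    return sorted({rec["src"] for rec in inbound if rec["src"] not in contacted})


if __name__ == "__main__":
    for finding in compare_captures(SENDER_SIDE, RECEIVER_SIDE):
        print(finding)
    print("unexpected reply sources:",
          unexpected_reply_sources(SENDER_SIDE, REPLIES_AT_SENDER))
```

Pairing by order is enough for this small lab flow; on lossy or busy links a real comparison would key on TCP sequence numbers, keeping in mind that a length-changing modification shifts SEQ for every later segment.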
The foregoing description of the preferred embodiments is not intended to limit the invention to the particular embodiments disclosed; on the contrary, the intention is to cover all modifications, equivalents and alternatives falling within the spirit and scope of the invention.

Claims (4)

1. A SOHO router data modification method, characterized in that the Netfilter mechanism in the underlying Linux kernel of the SOHO router discards the data packet to be modified, a raw socket captures the original data packet entering the network card, and after the original data packet is modified, the modified data packet is sent out of the network card, bypassing the kernel protocol stack;
S1: Discarding data packets
The SOHO router filters data packets using the Netfilter mechanism in the underlying Linux kernel; Netfilter is a series of call entries placed on the message processing path and embedded in the kernel IP protocol stack, and provides hook points for modifying data packets according to the flow direction of network messages; using iptables, Netfilter's configuration component in user space, a packet filtering rule is set at a hook point according to the characteristics of the data packets to be modified, so that the packets are preliminarily screened and discarded;
S2: Capturing, modifying and sending data packets
A raw socket using the PF_PACKET socket protocol captures the original data frame from the data link layer before the original data packet enters Netfilter processing, and the data packet is handled by a data packet processing system comprising a data packet sniffing module, a data packet analysis module, a data packet modification module and a data packet sending module;
(1) Before the original data packet enters Netfilter processing, the data packet sniffing module captures the original data packet to be processed from the network card;
(2) The data packet analysis module analyzes the captured original data packet and determines whether it is a data packet that needs to be modified; if it is not, the data packet is sent directly; if it is, the data packet modification module modifies it, adjusts the packet length, SEQ and ACK fields in the packet header and recalculates the checksum, which ensures the correctness of the data packet and the continuity of the communication;
(3) The data packet sending module uses a raw socket to bypass the TCP/IP protocol stack and sends the modified data packet out of the network card.
2. The SOHO router data modification method according to claim 1, wherein data packets are captured before they are processed by the Netfilter framework, and data packets are sent by bypassing the Netfilter framework and kernel protocol stack processing, so that the modified data packet is sent into the network.
3. The SOHO router data modification method according to claim 1, wherein Netfilter provides five hook points for modifying data packets according to the flow direction of network messages, and any of the three hook points Prerouting, Forward and Postrouting can discard data packets flowing through the router; so as not to affect data packets entering the router and data packets sent by the router, the packet filtering rule is set at the Forward hook point and the data packet is discarded there.
4. The SOHO router data modification method according to claim 1, wherein the SOHO router is of ARM or MIPS architecture, a corresponding cross-compilation environment is built with the Buildroot tool, and the data capturing, data processing and data sending programs that run on the SOHO router are cross-compiled, so as to realize modification of the data packets.
CN202211673853.2A 2022-12-26 2022-12-26 SOHO router data modification method Active CN116318801B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211673853.2A CN116318801B (en) 2022-12-26 2022-12-26 SOHO router data modification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211673853.2A CN116318801B (en) 2022-12-26 2022-12-26 SOHO router data modification method

Publications (2)

Publication Number Publication Date
CN116318801A true CN116318801A (en) 2023-06-23
CN116318801B CN116318801B (en) 2024-07-12

Family

ID=86794873

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211673853.2A Active CN116318801B (en) 2022-12-26 2022-12-26 SOHO router data modification method

Country Status (1)

Country Link
CN (1) CN116318801B (en)

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104753928A (en) * 2015-03-16 2015-07-01 苏州科达科技股份有限公司 Code stream forwarding method and system
US20170026224A1 (en) * 2015-07-22 2017-01-26 Cisco Technology, Inc. Resilient segment routing service hunting with tcp session stickiness
CN106059885A (en) * 2016-06-15 2016-10-26 京信通信***(中国)有限公司 Method and system for processing CAPWAP message by wireless controller
CN106911778A (en) * 2017-02-27 2017-06-30 网宿科技股份有限公司 A kind of flow bootstrap technique and system
CN107317810A (en) * 2017-06-23 2017-11-03 济南浪潮高新科技投资发展有限公司 A kind of data interception method and device
CN109361723A (en) * 2018-04-18 2019-02-19 上海锐智集数电子有限公司 A kind of effective message transmission timing control method of UDP

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
郭一辰;陈靖;张黎;黄聪会;: "大规模MANET路由协议SPDSR在Linux中的设计与实现", 空军工程大学学报(自然科学版), no. 04, 25 August 2012 (2012-08-25), pages 1 - 6 *
陈炼;李桂林;刘耀瑞;赵亚楠;: "基于Android的DSDV路由协议实现与应用", 信息通信, no. 02, 15 February 2017 (2017-02-15), pages 1 - 4 *

Also Published As

Publication number Publication date
CN116318801B (en) 2024-07-12

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant