公开(公告)号：US20160337397A1

公开(公告)日：2016-11-17

申请号：US15153534

申请日：2016-05-12

申请人： Alibaba Group Holding Limited

发明人： Han Li ,  Yaxiong Duan ,  Jiong Jia

IPC分类号： H04L29/06 ,  H04L12/26 ,  H04L29/08

CPC分类号： H04L63/1458 ,  H04L43/0876 ,  H04L43/16 ,  H04L63/0236 ,  H04L63/1425 ,  H04L67/02

摘要： Embodiments of the present application relate to a method and device for defending against website attacks. The method includes obtaining a traffic threshold value corresponding to a target IP address, determining whether real-time visitor traffic for the target IP address exceeds the traffic threshold value, and handling visitor traffic for the target IP address based at least in part on whether the real-time visitor traffic for the target IP address exceeds the traffic threshold value, wherein the handling incoming visitor traffic for the target IP address based at least in part on whether the real-time visitor traffic for the target IP address exceeds the traffic threshold value includes, in the event that the real-time visitor traffic for the target IP address exceeds the traffic threshold value, configuring a blackhole route for the target IP address, and redirecting the incoming visitor traffic for the target IP address to the blackhole route.

摘要翻译： 本申请的实施例涉及用于防御网站攻击的方法和装置。 该方法包括获取对应于目标IP地址的流量阈值，确定目标IP地址的实时访问者流量是否超过流量阈值，以及至少部分地基于目标IP地址的访问者流量来处理目标IP地址的访问流量 目标IP地址的实时访问者流量超过流量阈值，其中至少部分地基于目标IP地址的实时访问者流量是否超过流量阈值来处理目标IP地址的传入访问者流量 包括在目标IP地址的实时访问流量超过流量阈值的情况下，为目标IP地址配置黑洞路由，并将目标IP地址的入站访问流量重定向到黑洞路由。

公开(公告)号：US10931710B2

公开(公告)日：2021-02-23

申请号：US15153534

申请日：2016-05-12

申请人： Alibaba Group Holding Limited

发明人： Han Li ,  Yaxiong Duan ,  Jiong Jia

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04L12/26

摘要： Embodiments of the present application relate to a method and device for defending against website attacks. The method includes obtaining a traffic threshold value corresponding to a target IP address, determining whether real-time visitor traffic for the target IP address exceeds the traffic threshold value, and handling visitor traffic for the target IP address based at least in part on whether the real-time visitor traffic for the target IP address exceeds the traffic threshold value, wherein the handling incoming visitor traffic for the target IP address based at least in part on whether the real-time visitor traffic for the target IP address exceeds the traffic threshold value includes, in the event that the real-time visitor traffic for the target IP address exceeds the traffic threshold value, configuring a blackhole route for the target IP address, and redirecting the incoming visitor traffic for the target IP address to the blackhole route.