| 摘要 |
FIELD: computer engineering. ^ SUBSTANCE: in accordance to the method, standards of known attacks are set, as well as required coefficients, a set of N support packets is memorized, the graph of data packets addressed to client is observed, incoming data packets are checked for compliance with given rules, and in accordance to these rules a signal is dispatched for activating attack protection measures, before checking whether received data packets match rules, each packet is checked for compliance with fragmentation condition, while for each new type of IP-packet a queue of fragments is created, correctness of fragmentation of each packet in the queue is checked and in case of incorrect fragmentation of any packet in the queue a signal is dispatched to activate attack protection measures, and received fragment and all following and prior fragments of that type are dropped, and then incoming data packets are checked for compliance with defined rules. ^ EFFECT: improved probability of detection and prevention of remote attacks against automated systems. ^ 4 dwg, 1 tbl |
