METHOD FOR CONTROL OF DISTRIBUTED INFORMATION SYSTEM DATA STREAMS IN DDoS ATTACKS Russian patent published in 2019 - IPC G06F21/00 

FIELD: information technology.

SUBSTANCE: invention relates to a method of controlling data streams of a distributed information system during DDoS attacks. Method comprises setting switching table, detecting security events in received data stream, from which network addresses and port numbers are selected, for analyzing and making decision on data transmission permissibility associated with this event, wherein the verification data table is additionally set, when detecting security events in the received data stream, comparing it with the allowed flows in accordance with the switching table, in case of their mismatching, generating and analyzing the verification data, for which after selecting network addresses and port numbers from said stream in accordance with the verification data table, selecting checking data for allocated addresses and port numbers and transmitting them to the corresponding network node of the distributed information system, receiving response data for checking for legitimacy of data streams, their values are compared with the verification data pre-set in the table and if they coincide, it is sent to the destination, and if the mismatch occurs, an illegitimate data stream is blocked.

EFFECT: technical result is improved security of distributed information systems.

1 cl, 3 dwg