Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular node for directing data and applying cryptography
Reexamination Certificate
2006-04-11
Barron, Gilberto (Department: 2132)
C713S153000, C726S013000, C726S023000, C709S224000
active
07028179
ABSTRACT:
An apparatus and method for secure, automated response to distributed denial of service (DDoS) attacks are described. The method includes notification of a DDoS attack received by an Internet host. Once received by an Internet host, the Internet host establishes security authentication from an upstream router from which the attack traffic, transmitted by one or more host computers, is received. The Internet host then transmits filter(s) to the upstream router generated based upon characteristics of the attack traffic. Once installed by the upstream router, the attack traffic is dropped to terminate a DDoS attack. In addition, the router may determine upstream router(s) coupled to ports from which attack traffic is received, and securely forward the filter(s) to the upstream routers as a routing protocol update in order to drop the attack traffic at a point closer to a source of the DDoS attack.
REFERENCES:
patent: 6141778 (2000-10-01), Kane et al.
patent: 6425004 (2002-07-01), Hardjono
patent: 6944673 (2005-09-01), Malan et al.
patent: 2002/0101819 (2002-08-01), Goldstone
patent: 1 024 642 (2000-08-01), None
Smith et al., A Protocol and Simulation for Distributed Communicating Firewalls, Computer Software and Applications Conference, 1999. COMPSAC '99. Proceedings. The Twenty-Third Annual International, Oct. 27-29, 1999, pp. 74-79.
Shyne et al., Using Active Networking to Thwart Distributed Denial of Service Attacks, Aerospace Conference, 2001, IEEE Proceedings, vol. 3, Mar. 10-17, 2001, pp. 3/1103-3/1108.
Geng et al., Defeating Distributed Denial of Service Attacks, IT Professional, vol. 2, Issue 4, Jul.-Aug. 2000, pp. 36-42.
Mahajan et al, Controlling High Bandwidth Aggregates in the Network, Feb. 2001, Retrieved from the Internet on Oct. 10, 2005, <URL: http://citeseer.ist.psu.edu/cache/papers/cs/23886/http:zSzzSzwww.aciri.orgzSzpushbackzSzpushback-toCCR.pdf/mahajan01controlling.pdf>.
Copy of Notification of Trans. of IPER mailed Aug. 12, 2004 in co-pending PCT Appl. No. PCT/US02/20759.
Smith, Robert N. and Bhattacharya, Soursav, “Operating Firewalls Outside the LAN Perimeter”, IEEE, 1999 pp. 493-498.
Ziegler, Thomas et al., “A Distributed Mechanism for Identification and Discrimination of non TCP-friendly Flows in the Internet”, NETWORKING 2000, LNCS 1815, pp. 763-775, 2000.
Copy of International Search Report mailed Apr. 9, 2003 for co-pending PCT Appl. No. PCT/US 02/20759 filed Jun. 27, 2002.
Anderson Todd A.
Putzolu David M.
Barron Gilberto
Blakely, Sokoloff, Taylor & Zafman LLP
Dinh Minh