Error detection/correction and fault detection/recovery – Pulse or data error handling – Digital data error correction
Reexamination Certificate
2007-09-04
2007-09-04
Lamarre, Guy J. (Department: 2133)
Error detection/correction and fault detection/recovery
Pulse or data error handling
Digital data error correction
C726S013000, C726S023000, C709S229000, C370S392000, C370S401000, C713S154000
Reexamination Certificate
active
10641494
ABSTRACT:
A method for detecting a suspicious packet flow in a packet-switched network comprises the computer-implemented step of receiving a first packet in which the SYN bit but not the ACK or RST bit of the packet's TCP header is set. If a specified first time has elapsed, a packet counter associated with the destination address of the flow is incremented. A determination as to whether the packet counter is greater than a specified threshold values is made. If the packet counter is greater than the threshold value, a notification message is generated. In one embodiment, information identifying a packet flow is aggregated to an aggregation cache based on the destination address of the flow.
REFERENCES:
patent: 7013482 (2006-03-01), Krumel
patent: 2002/0101819 (2002-08-01), Goldstone
patent: 2002/0145976 (2002-10-01), Meyer et al.
patent: 2003/0154399 (2003-08-01), Zuk et al.
patent: 2003/0191844 (2003-10-01), Meyer et al.
patent: 2004/0052234 (2004-03-01), Ameigeiras et al.
Cisco Systems, Inc., “Configuring TCP Internet (Prevent Denial-of-Service Attacks,” pp. SC-189-SC-194.
Cisco Systems, Inc., “TCP Intercept Commands,” Cisco IOS Command Summary, vol. 1 of 2, pp. CS1-817-CS1-820.
Cisco Systems, Inc., “ip tcp intercept drop-made,” Cisco IOS Security Command Reference, SR-399-SR-412.
Cisco Systems, Inc., “Establishing Security Components,” Chapter 8, Cisco SS7 Interconnect for Voice Gateways 2.0 Implementation Guide, pp. 8-1-8-6.
Stewart, R. “Transmission Control Protocol Security Considerations,” Network Working Group Internet Draft, Apr. 19, 2004, 11 pages.
International Searching Authority, “Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority, or the Declarations,” PCT/US05/00551, dated May 26, 2006, 7 pages.
Current Claims, PCT/US05/00551, 4 pages.
Ramesh Chengelpet
Shah Pritam
Valluri Vamsidhar
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Lamarre Guy J.
LandOfFree
Detecting network denial of service attacks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Detecting network denial of service attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Detecting network denial of service attacks will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3777903