Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2011-01-18
2011-01-18
Dinh, Minh (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
Reexamination Certificate
active
07873997
ABSTRACT:
The deterministic packet marking (DPM) method is based on marking packets with the partial address information of ingress interface only. The attack victim is able to recover the complete address(es) information after receiving several packets from a particular attacking host or hosts. The full path is not really essential for the traceback since it can be different for different packets for different reasons.
REFERENCES:
patent: 6978223 (2005-12-01), Milliken
patent: 6981158 (2005-12-01), Sanchez et al.
patent: 7200105 (2007-04-01), Milliken et al.
patent: 7565426 (2009-07-01), Jones et al.
patent: 2004/0093521 (2004-05-01), Hamadeh et al.
patent: 2005/0086520 (2005-04-01), Dharmapurikar et al.
patent: WO 01/59584 (2001-08-01), None
A. Belenky and N. Ansari, On IP traceback, IEEE Commun. Mag., Jul. 2002 vol. 41, No. 7.
D.X. Song and A. Perrig, Advanced and authenticated marking schemes for IP traceback, Proc. of INFOCOM 2001, 2001, pp. 878-886, vol. 2.
D. Dean et al., An algebraic approach to IP traceback, ACM Trans. on Information and System Security, (TISSEC), May 2002, pp. 1190137, vol. 5, No. 2.
T.W. Doeppner, Using router stamping to identify the source of IP packets, Proc. of 7th ACM Inter. Conf. on Computer Comm. and Networks, Nov. 2000, pp. 184-189.
M. Bellovin, ICMP traceback message, IETF Draft, Mar. 2000, [Online]. Available: http//www.research.att.com/smb/papers/draft-bellovin-itrace-00.txt.
S.F. Wu et al., On design and evaluation of ‘intention-driven’ ICMP traceback, Proc. of 10th Inter. Conf. on Computer Comm. and Networks, Oct. 2001, pp. 159-165.
R. Stone, Center Track: An IP overlay network for tracking DoS floods, Proc. of 9th USENIX Security Symposium, Aug. 2000.
A.C. Snoren et al., Single-packet IP traceback, IEEE/ACM Trans. Networking. Dec. 2002, pp. 721-734, vol. 10, No. 6.
S. Matsuda et al., Design and implementation of unauthorized access tracing system, Proc. of the 2002 Symposium on Applications and the Internet, Jan./Feb. 2002, pp. 74-81.
T. Baba and S. Matsuda, Tracing network attacks to their sources, IEEE Internet Comput., Mar./Apr. 2002, pp. 20-26, vol. 6, No. 2.
H. Burch and B. Cheswick, Tracing anonymous packets to their approximate source, Proc. of 2000 USENIX LISA Conference, Dec. 2000, pp. 319-327.
H. Chang et al., DecldUouS: Decentralized source identification for network intrusions, Proc. of 6th IFEP/IEEE International Symposium on Integrated Net. Management, May 1999, pp. 701-714.
H. Cheng et al., Design and implementation of a real-time decentralized source identification system for untrusted ip packets, Proc. of the DARPA Information Survivability Conference & Exposition, Jan. 2000, pp. 100-111, vol. 2.
A. Belenky and N. Ansari, IP traceback with deterministic packet marking, IEEE Commun. Lett., Apr. 2003, 162-164 vol. 7 No. 4.
A. Belenky and N. Ansari, Tracing multiple attackers with deterministic packet marking (DPM), Proc. of IEEE PacRim, Aug. 2003, to be published.
S. Savage et al., Network support for IP Traceback, IEEE/ACM Trans. Networking, Jun. 2001, pp. 226-237, vol. 9, No. 3.
D. Moore et al., Inferring internet denial of service activity, Proc. of 10th USENIX Service Symposium, 2001, pp. 9-22.
R.K.C. Chang, Defending against flooding-based distributed denial-of-service attacks: A tutorial, IEEE Commun. Mag. Oct. 2002, pp. 42-51, vol. 40, No. 10.
S.C. Lee and C. Sheilds, Technical, Legal, and Societal challenges to automated attack Traceback, IT Profesional, May/Jun. 2002, 12-18, Vo. 4, No. 3.
L. Subramanian et al., Characterizating the Internet hierarchy from multiple vantage points, Proceedings of INFOCOM 2002 Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies, Jun. 2002, pp. 618-627, vol. 2.
P. Ferguson and D.Senie, Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing, RFC 2827, May 2000.
P. Srisuresh and K. Egevang, Traditional IP network address translator (traditional NAT), RFC 3022, Jan. 2001.
D. Wei and N. Ansari, “Implementing IP Traceback in the Internet—An ISP Perspective,” Proc. 3rd Annual IEEE Workshop on Information Assurance, West Point, NY, pp. 326-332, Jun. 17-19, 2002.
Y. Kim, J.-Y. Jo, and F. Merat, “Defeating Distributed Denial-of-Service Attack with Deterministic Bit Marking,” IEEE GLOBECOM, pp. 1363-1367, Dec. 2003.
Andrey Belenky, “IP Traceback with Deterministic Packet Marking (DPM),” Ph.D. dissertation, New Jersey Institute of Technology, Oct. 2003.
Ansari Nirwan
Belenky Andrey
Connolly Bove & Lodge & Hutz LLP
Dinh Minh
New Jersey Institute of Technology
LandOfFree
Deterministic packet marking does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Deterministic packet marking, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Deterministic packet marking will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2643625