Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2001-08-16
2010-11-16
Vu, Kimyen (Department: 2435)
Information security
Monitoring or scanning of software or data including attack...
Reexamination Certificate
active
07836498
ABSTRACT:
A system architecture for thwarting denial of service attacks on a victim data center is described. The system includes a first plurality of monitors that monitor network traffic flow through the network. The first plurality of monitors is disposed at a second plurality of points in the network. The system includes a central controller that receives data from the plurality of monitors, over a hardened, redundant network. The central controller analyzes network traffic statistics to identify malicious network traffic. In some embodiments of the system, a gateway device is disposed to pass network packets between the network and the victim site. The gateway is disposed to protect the victim site, and is coupled to the control center by the redundant hardened network.
REFERENCES:
patent: 5623601 (1997-04-01), Vu
patent: 5787253 (1998-07-01), McCreery et al.
patent: 5968176 (1999-10-01), Nessett et al.
patent: 6012152 (2000-01-01), Douik et al.
patent: 6128298 (2000-10-01), Wootton et al.
patent: 6253321 (2001-06-01), Nikander et al.
patent: 6272537 (2001-08-01), Kekic et al.
patent: 6606744 (2003-08-01), Mikurak
patent: 6678250 (2004-01-01), Grabelsky et al.
patent: 6704874 (2004-03-01), Porras et al.
patent: 6735702 (2004-05-01), Yavatkar et al.
patent: 6856676 (2005-02-01), Pirot et al.
patent: 6880086 (2005-04-01), Kidder et al.
patent: 6947445 (2005-09-01), Barnhart
patent: 6990591 (2006-01-01), Pearson
patent: 7046680 (2006-05-01), McDysan et al.
patent: 7120931 (2006-10-01), Cheriton
patent: 7178166 (2007-02-01), Taylor et al.
Steve Bellovin. DDoS Attacks and Pushback. NANOG21, Feb. 18, 2001 http://www.aciri.org/pushback.
Ratul Manajan, Steven M. Bellovin, Sally Floyd, Vern Paxson, Scott Shenker, and John Ioannidis. Controlling High Bandwidth Aggregates in the Network. draft paper, Feb. 2001. http://www.aciri.org/pushback.
Stefan Savage, David Wetherall, Anna Karlin and Tom Anderson. Practical Network Support for IP Tracebook. Proceedings of 2000 ACM SIGCOMM, Stockholm, Sweden, Aug. 2000. http://www.cs.washington.edu/homes/savage/tracebook.html.
Steve Bellovin. ICMP Tracebook Messages. AT&T Labs Research, Mar. 2000. http://www.research.att.com/˜smb/papers/draft-bellovin-itrace-00.txt.
Cisco. Characterizing and Tracing Packet Floods Using Cisco Routers. http://www.cisco.com/warp/public/707/22.html.
D. Senie. RFC2644 (BCP34), Changing the Default for Directed Broadcasts in Routers. IETF, Aug. 1999, http://www.ietf.org/rfc/rfc2644.txt.
P. Ferguson, D. Senie. RFC2827 (BCP38): Network Ingress Filtering: Defeating Denial of Service Attacks which employ Address Spoofing. IETF, May 2000. http://www.ietf.org/rfc/rfc2827.txt.
David G. Anderson, Hari Balakrishnan, and M. Frans Kaashoek, Robert Morris. The Case for Resilient Overlay Networks. Proc. of HotOS-VIII, Schloss Elmau, Germany, May 2001. http:/
ms.lcs.mit.edu/papers/ron-hotos2001.pdf.
Cisco. Web-Site Security and Denial-of-Service Protection. http://www.cisco.com/warp/public/cc/pd/si/11000/prodlit/cswsc—wi.htm.
Analysis of a Denial of Service Attack on TCP by Schuba et al Proceedings of the 1997 IEEE Symposium on Security and Privacy (IEEE Computer Society Press, May 1997.
Stefan Savage, David Wetherall, Anna Karlin and Tom Anderson. Practical Network Support for IP Tracebook. Work in progress Technical Report UW-CSE-00-02-01. Date unknown. http://www.cs.washington.edu/homes/savage/tracebook.html.
Web page entitled “Aggregate based Congestion Control and Pushback” last modified Apr. 2001 Found at http://www.aciri.org/pushback.
D. Song et al., “Advanced and Authenticated Marking Schemes for IP Traceback”, Proc. IEEE INFOCOM, Apr. 2001, pp. 878-886.
R. Stone, “CenterTrack: An IP Overlay Network for Tracking DoS Floods”, Proceedings of 9thUSENIX Security Symposium, Denver, CO, Aug. 2000, pp. 199-212.
H. Burch et al., “Tracing Anonymous Packets to Their Approximate Source”, Proc. USENIX LISA 00, Dec. 2000, pp. 319-327.
Kohler, Jr. Edward W.
Poletto Massimiliano Antonio
Park Vaughan Fleming & Dowler LLP
Riverbed Technology, Inc.
Truvan Leynna T
Vu Kimyen
LandOfFree
Device to protect victim sites during denial of service attacks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Device to protect victim sites during denial of service attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Device to protect victim sites during denial of service attacks will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4163165