Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2007-03-06
2007-03-06
Moazzami, Nasser (Department: 2134)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S011000, C726S013000, C726S024000, C726S025000, C713S153000, C709S249000, C709S224000, C709S235000, C709S225000
Reexamination Certificate
active
09948350
ABSTRACT:
When DDoS attack packets are transmitted from the attacker to the victim's server, the attack packets are detected in the edge router of the LAN accommodating the server. These packets are then destroyed, the address of the upstream routers close to the attack source are retrieved, and attack source retrieval modules are transmitted from the edge router to all the upstream routers. By executing the retrieval modules in the upstream routers, verification is performed as to whether the attack packets are passing through those upstream routers. The results are notified to the transmission source router and if the attack packets are passing through, the retrieval modules are transmitted to routers at the upper stream. When the router at the uppermost stream is reached, a protection module is executed to destroy the attack packets. When the attacks cease, the protection module deletes itself and the protection process is ended.
REFERENCES:
patent: 6009475 (1999-12-01), Shrader
patent: 6212633 (2001-04-01), Levy et al.
patent: 6721890 (2004-04-01), Shrikhande
patent: 6886102 (2005-04-01), Lyle
patent: 2001/0014912 (2001-08-01), Segal
patent: 2000172499 (2000-06-01), None
patent: WO98/54644 (1998-03-01), None
“Moving Firewall: An Active Networks Application For Defending Against DDoS Attacks” by Eric Y. Chen and Hitoshi Fuji, 61stNational Convention of Information Processing Society of Japan, Oct. 2000.
“RFC2267 Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing” by P. Ferguston and D. Senie, Jan. 1998.
“Center Track: An IP Overlay Network for Tracking DoS Floods” by Robert Stone, North American Network Operators Group, Oct. 1, 1999.
“On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack” by Kihong Park and Heejo Lee, Network Systems Lab and CERIAS, Purdue University, Jun. 10, 2000.
“Practical Network Support for IP Traceback” by Stefan Savage, David Wetherall, Anna Karlin, and Tom Anderson, Proceedings of the 2000 ACM SIGCOMM Conference, pp. 295-306, Stockholm, Sweden, Aug. 2000.
“MULTOPS: a date-structure for bandwidth attack detection” by Thomer M. Gil and Massilimiano Poletto, Master's thesis, Vrje Universiteit, Aug. 2000.
Asaka, Midori. “Information-Gathering with Mobile Agents for Intrusion Detection System”, The Transaction of the Institute of Electronics, Information and Communication Engineers D-I, vol. J81-D-1, No. 5, pp. 532-539, May 25, 1998.
Takeda, Keiji, et al., “On the Development of Intrusion Detection System with the Open Source Model”, IPSJ (Information Processing Society of Japan) SIG (Special Interest Group) Notes, 2000-DPS-97-32, vol. 2000, No. 30, pp. 183-188, Mar. 21-22, 2000.
Katsuragawa, Masaharu. “Implementation and Opoeration of IDS (Intrusion Detection System)”, Interop Magazine, vol. 10, No. 6, Softbank Publishing Inc., pp. 126-130, Jun. 2000.
Abstract. Japanese Translation of PCT Patent Application No. 2003-524925 with English patent abstract.
Tomobe, Minoru. “Active Network and Mobile Code Technology”, Computer Software, vol. 17, No. 3, Japan Society for Software Science and Technology, pp. 86-92, May 15, 2000.
“Trailogue: Information Circulation Platform (2)—Network Security-”, Business Communication, vol. 38, No. 8, Business Communcation Inc., pp. 70-79, Aug. 2001.
JP1/NETM/DM Manager explanation, operation, and syntax manual, Japan, Hitachi Ltd., Jun. 30, 2000, First Edition, p. 16, pp. 251-253, p. 255, pp. 257-258.
Masashi Shimizu, Windows 2000 Japanese prerelease edition (Beta 3 guide), DOS/V Power Report, Japan Impress Corporation, Oct. 1, 1999, vol. 9, Number 10, pp. 37-38.
Notice of Reasons for Rejection mailed Jul. 25, 2006.
Chen Eric Yi-hua
Fuji Hitoshi
Darby & Darby
Moazzami Nasser
Nippon Telegraph and Telephone Corporation
Tran Tongoc
LandOfFree
Distributed denial of service attack defense method and device does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Distributed denial of service attack defense method and device, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Distributed denial of service attack defense method and device will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3736521