Dynamic defense of network attacks

Information security – Access control or authentication – Network

Reexamination Certificate

Rate now

[ 0.00 ] – not rated yet Voters 0 Comments 0

Details Dynamic defense of network attacks Dynamic defense of network attacks

: 2011-08-23
: 2011-08-23
: Moazzami, Nasser (Department: 2436)
: Information security
: Access control or authentication
: Network

: C726S011000, C726S012000, C726S022000, C726S023000, C726S024000, C726S025000, C709S223000, C709S224000, C709S225000, C709S226000, C455S410000, C455S411000
: Reexamination Certificate
: active
: 08006285
: ABSTRACT:
A distributed denial of service attack can be defended against by challenging requests at a machine upstream from the target of the attack. The upstream machine limits access to the victim machine in response to indication of the victim machine being attacked. The upstream machine begins trapping protocol data units destined for the victim machine and challenging requests to access the victim machine with tests that require sentient responses, such as Turing tests. The upstream machine then updates a set of rules governing access to the victim machine based, at least in part, on responses to the challenges or administered tests.

REFERENCES:
patent: 6041053 (2000-03-01), Douceur et al.
patent: 6070219 (2000-05-01), McAlpine et al.
patent: 6163539 (2000-12-01), Alexander et al.
patent: 6477643 (2002-11-01), Vorbach et al.
patent: 6600721 (2003-07-01), Edholm
patent: 6662228 (2003-12-01), Limsico
patent: 6714960 (2004-03-01), Bitar et al.
patent: 6757731 (2004-06-01), Barnes et al.
patent: 6772334 (2004-08-01), Glawitsch
patent: 6775704 (2004-08-01), Watson et al.
patent: 6831893 (2004-12-01), Ben Nun et al.
patent: 6859841 (2005-02-01), Narad et al.
patent: 6944168 (2005-09-01), Paatela et al.
patent: 7046665 (2006-05-01), Walrand et al.
patent: 7165192 (2007-01-01), Cadieux et al.
patent: 7177311 (2007-02-01), Hussain et al.
patent: 7213264 (2007-05-01), Poletto et al.
patent: 7260102 (2007-08-01), Mehrvar et al.
patent: 7313142 (2007-12-01), Matsuo et al.
patent: 7324447 (2008-01-01), Morford
patent: 7386889 (2008-06-01), Shay
patent: 7404210 (2008-07-01), Lin
patent: 7464402 (2008-12-01), Briscoe et al.
patent: 7606915 (2009-10-01), Calinov et al.
patent: 7760722 (2010-07-01), Tripathi et al.
patent: 2002/0120702 (2002-08-01), Schiavone et al.
patent: 2002/0120853 (2002-08-01), Tyree
patent: 2003/0037154 (2003-02-01), Poggio et al.
patent: 2003/0110400 (2003-06-01), Cartmell et al.
patent: 2003/0204621 (2003-10-01), Poletto et al.
patent: 2004/0059951 (2004-03-01), Pinkas et al.
patent: 2004/0181571 (2004-09-01), Atkinson et al.
patent: 2004/0181581 (2004-09-01), Kosco
patent: 2005/0015455 (2005-01-01), Liu
patent: 2005/0108551 (2005-05-01), Toomey
patent: 2005/0108568 (2005-05-01), Bussiere et al.
patent: 2005/0132060 (2005-06-01), Mo et al.
patent: 2005/0135243 (2005-06-01), Lee et al.
patent: 2005/0138620 (2005-06-01), Lewites
patent: 2005/0144441 (2005-06-01), Govindarajan
patent: 2005/0204159 (2005-09-01), Davis et al.
patent: 2006/0026246 (2006-02-01), Fukuhara et al.
patent: 2006/0031680 (2006-02-01), Maiman
patent: 2006/0041667 (2006-02-01), Ahn et al.
patent: 2006/0048142 (2006-03-01), Roese et al.
patent: 2006/0069782 (2006-03-01), Manning et al.
patent: 2006/0070066 (2006-03-01), Grobman
patent: 2006/0168033 (2006-07-01), Cai et al.
patent: 2006/0168056 (2006-07-01), Gandhi et al.
patent: 2006/0174324 (2006-08-01), Zur et al.
patent: 2006/0271631 (2006-11-01), Qureshi et al.
patent: 2008/0168145 (2008-07-01), Wilson
patent: 2008/0226047 (2008-09-01), Reumann et al.
patent: 2008/0229415 (2008-09-01), Kapoor et al.
Christos Douligeris et al, DDoS attacks and defense mechanisms: classification and state-of-the-art, pp. 643-666, Elsevier B.V. 2003.
Frank Kargl et al, Protecting Web servers from Distributed Denial of Service Attacks, pp. 514-524, ACM, 2001.
William G Morein et al, Using Graphic Turing Tests to Counter Automated DDoS Attacks Against Web Servers, pp. 8-19, ACM, 2003.
Frisch, AEleen, et al., Essential System Administration, Second Edition,TCP/IP Network Management, O'Reilly & Associates, Inc., Ch. 13, pp. 620-633, 1991, 1995.
Jin, Cheng, et al., “Hop-count filtering: an effective defense against spoofed DDoS traffic,” inProceedings of the 10th ACM Conference on Computer and Communications Security(Washington D.C., USA, Oct. 27-30, 2003), pp. 30-41, CCS '03, ACM Press, New York, NY.
Mirkovic, Jelena and Reiher, Peter, “A taxonomy of DDoS attack and DDoS defense mechanisms,”ACM SIGCOMM Computer Communication Review, vol. 34, No. 2, pp. 39-53, Apr. 2004.
Mirkovic, Jelena, et al., “Alliance formation for DDoS defense,” inProceedings of the 2003 Workshop on New Security Paradigms(Ascona, Switzerland, Aug. 18-21, 2003). C. F. Hempelmann and V. Raskin, Eds., pp. 11-18, NSPW '03, ACM Press, New York, NY.
Morein, William G., et al., “Using graphic turing tests to counter automated DDoS attacks against web servers,” inProceedings of the 10th ACM Conference on Computer and Communications Security(Washington D.C., USA, Oct. 27-30, 2003) pp. 8-19, CCS '03, ACM Press, New York, NY.
Steinke, Steve, et al., Network Tutorial: A Complete Introduction to Networks,Network Security and Backup Systems, Section X, pp. 477-485, 513-514, 2000, CMP Books, San Francisco, CA.
Wang, Ju, et al., “Tolerating denial-of-service attacks using overlay networks—impact of topology,” inProceedings of the 2003 ACM Workshop on Survivable and Self-Regenerative Systems: in Association with 10th ACM Conference on Computer and Communications Security(Fairfax, VA, Oct. 31-31, 2003) pp. 43-52, SSRS '03, ACM Press, New York, NY.
Wang, XiaoFeng and Reiter, Michael K., “Mitigating bandwidth-exhaustion attacks using congestion puzzles,” inProceedings of the 11th ACM Conference on Computer and Communications Security(Washington DC, USA, Oct. 25-29, 2004) pp. 257-267, CCS '04, ACM Press, New York, NY.
Xu, Ying. and Guérin, Roch, “On the robustness of router-based denial-of-service (DoS) defense systems,”ACM SIGCOMM Computer Communication Review, vol. 35, No. 2, pp. 47-60, Jul. 2005.
Dovrolis, C., Thayer, B. and Ramanathan, P., “HIP: Hybrid Interrupt—Polling for the network Interface,” ACM SIGOPS Operating Systems Review, vol. 35, Iss. 4, Oct. 2001, 11 pages.

Affiliated with

Perlman Radia J.

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Also associated with

Abedin Shanto M

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

Kowert Robert C.

Attorney

[ 0.00 ] – not rated yet Voters 0 Comments 0

Meyertons Hood Kivlin Kowert & Goetzel P.C.

Law Firm

[ 0.00 ] – not rated yet Voters 0 Comments 0

Moazzami Nasser

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

Oracle America Inc.

Corporate Assignee

[ 0.00 ] – not rated yet Voters 0 Comments 0

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Dynamic defense of network attacks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Dynamic defense of network attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Dynamic defense of network attacks will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-2786845

All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

Charities
Companies
MP Candidates
Patents
Employee Salary Disclosure

World

Places of the World
Scientific Papers

United States

Banks
Companies
Counties
Patents
Employee Salary Disclosure