Method and apparatus for preventing denial of service attacks

Information security – Access control or authentication – Network

Reexamination Certificate

Rate now

[ 0.00 ] – not rated yet Voters 0 Comments 0

Details Method and apparatus for preventing denial of service attacks Method and apparatus for preventing denial of service attacks

: 2006-06-06
: 2006-06-06
: Barron, Jr., Gilberto (Department: 2132)
: Information security
: Access control or authentication
: Network

: C726S023000, C713S189000, C370S229000
: Reexamination Certificate
: active
: 07058974
: ABSTRACT:
A method and apparatus for preventing denial of service type attacks on data networks is described. The method involves scanning the contents of the data packets flowing over the data network using a traffic flow scanning engine. The data packets are reordered and reassembled and then the payload contents are scanned to determine whether they conform to predetermined requirements. Data packets which do not reorder or reassemble correctly or which do not conform to the predetermined requirements may be dropped. Dropping packets which do not reorder or reassemble correctly or which do not conform to the predetermined requirements prevent denial of service attack which exploit bugs in the TCP/IP implementation or shortcomings in the TCP/IP specification The traffic flow scanning engine is further operable to determine whether the data packets are associated with validated traffic flows. Those data packets associated with validated traffic flows are assigned to a higher priority while those not associated with a validated traffic flow are assigned to a low priority, which may occupy no more that a predetermined maximum of the available bandwidth. Assigning data packets associated with a non-validated traffic flow to a low priority prevent brute force type denial of service attacks designed to clog networks.

REFERENCES:
patent: 5813001 (1998-09-01), Bennett
patent: 6477669 (2002-11-01), Agarwal et al.
patent: 6598034 (2003-07-01), Kloth
patent: 6636512 (2003-10-01), Lorrain et al.
patent: 6654373 (2003-11-01), Maher et al.
patent: 6735219 (2004-05-01), Clauberg

Affiliated with

Bennett Victor A.

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Maher, III Robert Daniel

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Also associated with

Barron Jr. Gilberto

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

Haynes and Boone LLP

Law Firm

[ 0.00 ] – not rated yet Voters 0 Comments 0

Lemma Samson

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

Netrake Corporation

Corporate Assignee

[ 0.00 ] – not rated yet Voters 0 Comments 0

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Method and apparatus for preventing denial of service attacks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for preventing denial of service attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for preventing denial of service attacks will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-3631209

All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

Charities
Companies
MP Candidates
Patents
Employee Salary Disclosure

World

Places of the World
Scientific Papers

United States

Banks
Companies
Counties
Patents
Employee Salary Disclosure