Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2004-01-15
2008-09-16
Zand, Kambiz (Department: 2134)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C709S224000
Reexamination Certificate
active
07426634
ABSTRACT:
The present invention provides a method and apparatus for detecting and preventing a plurality of denial of service (DOS) and distributed denial of service (DDOS) attacks. The apparatus includes classifiers for parsing packets; meters storing statistics for the classified packets and detecting flood thresholds; an Ager for maintaining timeouts; a decision multiplexer for multiplexing inputs from various meters and determines whether to allow or deny the packet; and a threshold estimation means for estimating thresholds based on past data from meters, baselines, trends and seasonality. The apparatus includes a PCI interface through which a host can interact, learn continuously and set thresholds in a continuous and adaptive manner so as to prevent rate based DOS and DDOS attacks. The apparatus includes a mechanism to track culprit sources at layer 2 and layer 3 through a multiplicative increment method.
REFERENCES:
patent: 5805801 (1998-09-01), Holloway et al.
patent: 5919257 (1999-07-01), Trostle
patent: 5931946 (1999-08-01), Terada et al.
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6016546 (2000-01-01), Kephart et al.
patent: 6088804 (2000-07-01), Hill et al.
patent: 6115680 (2000-09-01), Coffee et al.
patent: 6279113 (2001-08-01), Vaidya
patent: 6301668 (2001-10-01), Gleichauf et al.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6408297 (2002-06-01), Ohashi
patent: 6934850 (2005-08-01), Sato
patent: 2002/0032871 (2002-03-01), Malan et al.
patent: 2002/0035698 (2002-03-01), Malan et al.
patent: 2002/0083175 (2002-06-01), Afek et al.
patent: 2002/0101819 (2002-08-01), Goldstone
patent: 2002/0144156 (2002-10-01), Copeland, III
patent: 2003/0065943 (2003-04-01), Geis et al.
Connie Howard, “Security consideration at the data link layer: layer 2 the weakest link,” Packet Magazine, fist Quarter 2003, pp. 30-33.
Rocky K. C. Chang, “Defending against flooding-based distributed denial-of-service attacks: a tutorial,” IEEE Communications Magazine, Oct. 2002, pp. 42-51.
David Moore et al., “Inferring internet denial—of—service activity,” Proc. 10thUSENIX Sec. Symp. 2001.
Rik Farrow, “VLANs: virtually insecure?” Network Magazine, Mar. 2003.
“NetScreen concepts and examples: screen OS reference guide, vol. 2: fundamentals P/N 09-0520-000 Rev F”, pp. 34-44. Retrieved on Sep. 7, 2002. Retrieved from the internet: < URL: http://www.netscreen.com/support/downloads/CE-v2.pdf>.
Jeff Forristal, “Fireproofing against DoS attacks,” Network Computing, Dec. 10, 2001. pp. 65-74.
Robert Beverly, “MS-SQL slammer/sapphire traffic analysis.” Retrieved on Mar. 31, 2003. Retrieved from the internet: < URL: http://mmo.lcs.mit.edu/slammer/>.
Jake D. Brutlag, “Aberrant behavior detection in time series for network monitoring,” presented at 2000 LISA XIV, Dec. 3-8, 2000, New Orleans, LA. <Retrieved from the internet: < URL: www.usenix.org/events/lisa2000/full—papers/brutlag/brutlag—html/>.
Stephen R. Lawrence, “Demand forecasting, time series models.” Retrieved on Sep. 8, 2003. Retrieved from the internet: < URL: http://www.-bus.colorado.edu/faculty/lawrence/tools/FORECAST/forecast.ppt>.
Harriman Dant B Shaifer
IntruGuard Devices, Inc.
Lumen Patent Firm, Inc.
Zand Kambiz
LandOfFree
Method and apparatus for rate based denial of service attack... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for rate based denial of service attack..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for rate based denial of service attack... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3991894