Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2004-10-26
2010-12-14
Homayounmehr, Farid (Department: 2434)
Information security
Monitoring or scanning of software or data including attack...
C713S151000
Reexamination Certificate
active
07854000
ABSTRACT:
A method for addressing attacks on a computer connected to a network includes receiving at a router a TCP SYN request to be screened. The method also includes comparing the received TCP SYN request to be screened to at least one stored tuple representative of one or more SYN requests previously received at the router and determining that the received TCP SYN request to be screened matches the stored tuple. In response to determining that the received TCP SYN request to be screened matches the stored tuple, the TCP SYN+ACK response is prevented from being sent by the router in response to the TCP SYN request to be screened.
REFERENCES:
patent: 6009103 (1999-12-01), Woundy
patent: 6256314 (2001-07-01), Rodrig et al.
patent: 6338089 (2002-01-01), Quinlan
patent: 6907470 (2005-06-01), Sawada et al.
patent: 7134012 (2006-11-01), Doyle et al.
patent: 2002/0013844 (2002-01-01), Garrett et al.
patent: 2002/0108059 (2002-08-01), Canion et al.
patent: 2004/0003285 (2004-01-01), Whelan et al.
Peng, Tao, Leckie, Christopher, Ramamohanarao, Kotagiri., “Protection from Distributed Denial of Service Attack Using History—Based IP Filtering,” ARC Special Resarch Center for Ultra—Broadband Information Networks, Department of Electrical Engineering and Electronic Engineering, The University of Melbourne, Victoria 3010, Austrailia, Apr. 2000.
Paxson, Vern., “An Analysis of Using Reflectors for Distributed Denial of Service Attacks,” AT&T Center for Internet Research at ICSI International Computer Science Institute, Berkeley, CA. USA Publication date: Jul. 2001.
Savage, Stefan, Wetherell, David, Karlin, Anna, Anderson, Tom., “Practical Network Support for IP Traceback,” Department of Computer Science and Engineering, University of Washington, Seattle, WA, USA, Sigcomm, 2000, Stockholm, Sweden.
Vern Paxson, “An Analysis of Using Reflectors for Distributed Denial-of-Service Attacks,”AT&T Center for Internet Research at ICSI International Computer Science Institute,vern@aciri.org; To appear in Computer Communication Review 31(3); http://citeseer.ist.psu.edu/451074.html, Jul. 2001.
Tao Peng, Christopher Leckie, Kotagiri Ramamohanarao, “Protection from Distributed Denial of Service Attack Using History-based IP Filtering”, ARC Special Research Center for Ultra-Broadband Information Networks, Department of Electrical and Electronic Engineering; http://citeseer.ist.psu.edu/5555589.html, Oct. 19, 2004.
“The Most Experience in Network Intrusion Prevention Solutions”, Top Layer, http://www.toplayer.com/content/products/intrusion—detection/attack—mitigator.js p, Oct. 19, 2004.
Avi Freedman, “ISP Tech Talk, Stopping the Flood”, http://avifreedman.net/bw/mar97.html, Oct. 19, 2004.
Steve Gibson, “DRDoS Distributed Reflection Denial of Service”, http://grc.com/dos/drdos.htm (23 pages), Feb. 22, 2002.
Raman Shankar
Ramani Venkat
Subramanian Srinivas
Venkat Balaji
Baker & Botts L.L.P.
Cisco Technology Inc.
Harriman Dant B Shaifer
Homayounmehr Farid
LandOfFree
Method and system for addressing attacks on a computer... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for addressing attacks on a computer..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for addressing attacks on a computer... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4198240