Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-06-07
2005-06-07
Darrow, Justin T. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S151000, C713S152000
Reexamination Certificate
active
06904529
ABSTRACT:
A method and system protects a security parameter negotiation server that stores states for connection requests pending negotiations from malicious denial-of-service attacks that attempt to flood the server with false requests. The degradation of performance of the server is dynamically detected, such as by monitoring the running intervals of a reaper that removes unneeded states. When performance degradation of the system is detected, relevant performance variables such as negotiation delay, extra retransmission delay and packet drop percentage are dynamically adjusted to reduce the workload on the negotiation server. Limiting the number of states with incomplete negotiation status for each client and the total number of such states further enhances the effectiveness of the protection against denial-of-service attacks.
REFERENCES:
patent: 5923849 (1999-07-01), Venkatraman
patent: 5958053 (1999-09-01), Denker
patent: 6330562 (2001-12-01), Boden et al.
“Analysis of a Denial of Service Attack on TCP”, Proceedings of the 1997 IEEE Symposium on Security and Privacy, 1997, pp. 208-223.
Computer Communications 22(10): “TCP/IP Security Threats and Attack Methods”, Jun. 25, 1999, 885-97.
“Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks”, Proceedings of the 1999 Network and Distributed System Security Symposium, pp. 151-65.
“Analysis of a Denial of Service Attack on TCP”, Proceedings of the 1997 IEEE Symposium on Security and Privacy, 1997, pp. 208-223.
Darrow Justin T.
Leydig , Voit & Mayer, Ltd.
Microsoft Corporation
LandOfFree
Method and system for protecting a security parameter... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for protecting a security parameter..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for protecting a security parameter... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3466746