Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2011-06-21
2011-06-21
Barron, Jr., Gilberto (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
Reexamination Certificate
active
07966661
ABSTRACT:
An improved network protocol for mitigating network amplification attacks is provided. The absolute network load that any transient distributed attack can cause is bounded based on a resource crediting scheme. The protocol accumulates “credit” upon reception and detection of candidate attack request packets, and draws against that credit when transmitting responsive packets. In some implementations, the time frame of such an attack is also bounded using time limits applied to a resource crediting scheme. Other resources may also be bounded by the resource crediting scheme, including without limitation CPU utilization, storage capacity, power, etc.
REFERENCES:
patent: 6377546 (2002-04-01), Guerin et al.
patent: 6724721 (2004-04-01), Cheriton
patent: 7043759 (2006-05-01), Kaashoek et al.
patent: 2001/0042200 (2001-11-01), Lamberton et al.
patent: 2002/0093918 (2002-07-01), Kim et al.
patent: 2002/0147925 (2002-10-01), Lingafelt et al.
patent: 2002/0166071 (2002-11-01), Lingafelt et al.
patent: 2003/0004689 (2003-01-01), Gupta et al.
patent: 2003/0023733 (2003-01-01), Lingafelt et al.
patent: 2003/0023876 (2003-01-01), Bardsley et al.
patent: 2003/0037164 (2003-02-01), Chaar et al.
patent: 2003/0061514 (2003-03-01), Bardsley et al.
patent: 2003/0084327 (2003-05-01), Lingafelt et al.
patent: 2003/0110393 (2003-06-01), Brock et al.
patent: 2003/0126514 (2003-07-01), Shabbir Alam et al.
patent: 2003/0145225 (2003-07-01), Bruton, III et al.
patent: 2003/0145226 (2003-07-01), Bruton, III et al.
patent: 2003/0145236 (2003-07-01), Tateoka
patent: 2003/0196095 (2003-10-01), Jeffries et al.
patent: 2003/0200441 (2003-10-01), Jeffries et al.
patent: 2003/0229714 (2003-12-01), Kiremidjian et al.
patent: 2004/0044912 (2004-03-01), Connary et al.
patent: 2003-283571 (2003-10-01), None
patent: 2003-318967 (2003-11-01), None
patent: WO 02/088879 (2002-11-01), None
Bugtraq, Possible Denial of Service using DNS, Jul. 30, 1999.
JP Application 2005-114426 Office Action Dated Jul. 2, 2010.
European Patent Office, “European Search Report”, for European Patent Application No. 05 102 903.1, Examiner Bengi-Akyuerek, K., Mar. 30, 2006, Munich.
J. Ioannidis, S. M. Bellovin “Implementing Pushback: Router-Based Defense Against DDoS Attacks”, 9thAnnual Symposium on Network and Distributed System Security, [Online] Feb. 2002, pp. 1-8.
Barron Jr. Gilberto
Microsoft Corporation
Zecher Cordelia
LandOfFree
Network amplification attack mitigation does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Network amplification attack mitigation, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Network amplification attack mitigation will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2658182