Process to thwart denial of service attacks on the internet

Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network access regulating

Reexamination Certificate

Rate now

[ 0.00 ] – not rated yet Voters 0 Comments 0

Details Process to thwart denial of service attacks on the internet Process to thwart denial of service attacks on the internet

: 2007-07-31
: 2007-07-31
: Kang, Paul H. (Department: 2144)
: Electrical computers and digital processing systems: multicomput
: Computer network managing
: Computer network access regulating

: C709S232000, C709S238000
: Reexamination Certificate
: active
: 09672206
: ABSTRACT:
Denial of service (CSDoS) attacks are managed by a process that diverts a fraction of SYN packets destined to a server S to a web guard processor. The web guard processor acts as a termination point in the connection with the one or more clients from which the packets originated, and upon the establishment of a first TCP connection with a legitimate client, opens a new TCP connection to the server and transfers the data between these two connections. It also monitors the number of timed-out connections. When an attack is in progress, the number of the forged attack packets and timed-out connections increases significantly. If this number exceeds a predetermined threshold amount, the web guard processor declares that this server is under attack. The switch diverts all traffic (i.e. SYN packets) destined to this server to the web guard processor, or to delete all SYN packets to the server.

REFERENCES:
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6487204 (2002-11-01), Dacier et al.
patent: 6578147 (2003-06-01), Shanklin et al.
patent: 6609205 (2003-08-01), Bernhard et al.
patent: 2002/0031134 (2002-03-01), Poletto et al.
patent: 2002/0032871 (2002-03-01), Malan et al.
patent: 2002/0035698 (2002-03-01), Malan et al.
patent: 2003/0110394 (2003-06-01), Sharp et al.
The Internet Engineering Task Force(IETF) RFC 2827, “Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Addresss Spoofing”, May 2000, pp. 1-9.

Affiliated with

Raz Danny

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Also associated with

Kang Paul H.

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

Lucent Technologies - Inc.

Corporate Assignee

[ 0.00 ] – not rated yet Voters 0 Comments 0

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Process to thwart denial of service attacks on the internet does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Process to thwart denial of service attacks on the internet, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Process to thwart denial of service attacks on the internet will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-3763343

All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

Charities
Companies
MP Candidates
Patents
Employee Salary Disclosure

World

Places of the World
Scientific Papers

United States

Banks
Companies
Counties
Patents
Employee Salary Disclosure