Multiplex communications – Diagnostic testing – Of a switching system
Reexamination Certificate
2006-04-20
2009-11-24
Ryman, Daniel J. (Department: 2419)
Multiplex communications
Diagnostic testing
Of a switching system
C370S389000
Reexamination Certificate
active
07623466
ABSTRACT:
Symmetric Connection Detection (SCD) is a method of detecting when a connection has been fully established in a resource-constrained environment, and works in high-speed routers, at line speed. Many network monitoring applications are only interested in connections that become fully established, so other connection attempts, such as port scanning attempts, simply waste resources if not filtered. SCD filters out unsuccessful connection attempts using a simple combination of Bloom filters to track the state of connection establishment for every flow in the network. Unsuccessful flows can be filtered out to a very high degree of accuracy, depending on the size of the bloom filter and traffic rate. The SCD methodology can also easily be adapted to accomplish port scan detection, and to detect or filter other types of invalid TCP traffic.
REFERENCES:
patent: 2003/0003895 (2003-01-01), Wallentin et al.
patent: 2006/0098585 (2006-05-01), Singh et al.
patent: 2006/0126522 (2006-06-01), Oh
patent: 2007/0297349 (2007-12-01), Arkin
Weaver et al, “Very Fast Containment of Scanning Worms,” found atnweaver@icsi.berkeley.edu.
V. Paxson, “Bro: A System for Detecting Network Intruders in Real-Time,” Computer Networks, 31 (23-24), pp. 2435-2463, Dec. 14, 1999.
Alcatel Lucent
Blanton John
Kramer & Amado P.C.
Ryman Daniel J.
LandOfFree
Symmetric connection detection does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Symmetric connection detection, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Symmetric connection detection will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4122314