Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing – Network resources access controlling
Reexamination Certificate
2008-07-08
2008-07-08
Barot, Bharat (Department: 2155)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
Network resources access controlling
C709S203000, C709S227000, C709S237000, C713S153000, C370S401000
Reexamination Certificate
active
07398317
ABSTRACT:
A system architecture for thwarting denial of service attacks on a victim data center is described. The system includes a first plurality of monitors that monitor network traffic flow through the network. The first plurality of monitors is disposed at a second plurality of points in the network. The system includes a central controller that receives data from the plurality of monitors, over a hardened, redundant network. The central controller analyzes network traffic statistics to identify malicious network traffic. In some embodiments of the system, a gateway device is disposed to pass network packets between the network and the victim site. The gateway is disposed to protect the victim site, and is coupled to the control center by the redundant hardened network.
REFERENCES:
patent: 5796956 (1998-08-01), Jones
patent: 6061341 (2000-05-01), Andersson et al.
patent: 6061789 (2000-05-01), Hauser et al.
patent: 6108782 (2000-08-01), Fletcher et al.
patent: 6279113 (2001-08-01), Vaidya
patent: 6301668 (2001-10-01), Gleichauf et al.
patent: 6304262 (2001-10-01), Maloney et al.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6353385 (2002-03-01), Molini et al.
patent: 6370116 (2002-04-01), Giroux et al.
patent: 6381649 (2002-04-01), Carlson
patent: 6388992 (2002-05-01), Aubert et al.
patent: 6389448 (2002-05-01), Primak et al.
patent: 6442694 (2002-08-01), Bergman et al.
patent: 6535484 (2003-03-01), Hughes et al.
patent: 6597661 (2003-07-01), Bonn
patent: 6597957 (2003-07-01), Beakley
patent: 6678827 (2004-01-01), Rothermel et al.
patent: 6691213 (2004-02-01), Luu et al.
patent: 6725378 (2004-04-01), Schuba et al.
patent: 6738814 (2004-05-01), Cox et al.
patent: 6775657 (2004-08-01), Baker
patent: 6789203 (2004-09-01), Belissent
patent: 6807667 (2004-10-01), Bar et al.
patent: 6816910 (2004-11-01), Ricciulli
patent: 6848005 (2005-01-01), Plevyak et al.
patent: 2002/0023089 (2002-02-01), Woo
patent: 2002/0031134 (2002-03-01), Poletto et al.
patent: 2002/0035628 (2002-03-01), Gil et al.
patent: 2002/0095492 (2002-07-01), Kaashoek et al.
patent: 2002/0103916 (2002-08-01), Chen et al.
“Analysis of a Denial of Service Attack on TCP”, Schuba et al., Proceedings of the 1997 IEEE Symposium on Security and Privacy (IEEE Computer Society Press, May 1997), 16 pps.
Communications News, Jun. 2000, 37, 6, 48.
McFadden, Oct. 25, 2000, Ent, 5, 17, 22.
Greene, Feb. 16, 1998, p. 20.
Johnson, Nov. 27, 2000, Network World.
Martin, Aug. 14, 2000, Network World, p. 86.
Snyder, Jul. 19, 1999, Network World, p. 53.
Mell, P. et al., “Mobile Agent Attack Resistant Distributed Hierarchical Intrusion Detection Systems,” RAID 1999, Sep. 99, pp. 1-8.
Messmer, E., “Security needs spawn services—Managed detection services growing in popularity”, Network World, Apr. 2000, Retrieved from the Internet on May 8, 2005: <networkworld.com
ews/2000/0403,intrusion.html>.
Mansfield et al., “Towards trapping wily intruders in the large”, RAID 1999, Sep. 99, pp. 1-13.
Stallings, William, “Cryptography and Network Security”,Principles and Practice, 2ndEdition, Intruders and Viruses, Chapter 15, pp. 478-501, date unknown.
Roesch, Martin, “Snort—Lightweight Intrusion Detection for Networks”, Proceedings of LISA XIII '99: 13thSystems Administration Conference, Nov. 7-12, 1999, pp. 229-238.
Ohta et al., “Detection, Defense, and Tracking of Internet-Wide Illegal Access in a Distributed Manner”, Internet Society, Jul. 18-21, 2000, Retrieved from the Internet on Oct. 27, 2004: <isoc.org/inet2000/edproceedings/lf/lf—2.htm>.
Chen Benjie
Poletto Massimiliano Antonio
Barot Bharat
Fish & Richardson P.C.
Mazu Networks, Inc.
LandOfFree
Thwarting connection-based denial of service attacks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Thwarting connection-based denial of service attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Thwarting connection-based denial of service attacks will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2757523