Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing
Reexamination Certificate
2008-04-08
2008-04-08
Cardone, Jason (Department: 2141)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
C709S238000, C726S022000
Reexamination Certificate
active
10057043
ABSTRACT:
Automated techniques are described that provide continuous, uninterrupted operation of the secure packet tunnels in spite of access link flooding attacks. A system is described that includes a source device and a destination device coupled to a network. The source and destination devices may comprise, for example, edge routers that couple local area networks to the network via access links. The source device and the destination device establish a packet tunnel that has a source network address and a destination network address. Upon detecting a network attack, the destination device selects a new network address for at least one of the source network address and the destination network address and establishes a new packet tunnel with the source device. The source network address and the destination network address may comprise port numbers, Internet Protocol (IP) addresses, or other information describing the source and destination devices.
REFERENCES:
patent: 6092113 (2000-07-01), Maeshima et al.
patent: 6353593 (2002-03-01), Chen et al.
patent: 6473863 (2002-10-01), Genty et al.
patent: 6738910 (2004-05-01), Genty et al.
patent: 6880090 (2005-04-01), Shawcross
patent: 6920134 (2005-07-01), Hameleers et al.
patent: 2002/0083175 (2002-06-01), Afek et al.
patent: 2002/0099854 (2002-07-01), Jorgensen
patent: 2003/0016679 (2003-01-01), Adams et al.
patent: 2003/0093691 (2003-05-01), Simon et al.
patent: 2006/0050719 (2006-03-01), Barr et al.
S. Kent, and R.Atkinson, “Security Architecture for the Internet Protocol,” IETF RFC 2401, Nov. 1998.
K. Hamzeh, et al., “Point-to-Point Tunneling Protocol,” IETF RFC 2637, Jul. 1999.
W. Townsley, et al., “Layer Two Tunneling Protocol (L2TP),” IETF RFC 2661, Aug. 1999.
K.J. Houle, and G.M. Weaver, “Trends in Denial of Service Attack Technology,” Technical Report, CERT Coordination Center, Oct. 2001.
D. Moore, G.M. Voelker, and S. Savage, “Inferring Internet Denial-of-Service Activity,” Proceedings of the 2001 USENIX Security Symposium, Washington, D.C., Aug. 2001.
R. Braden, et al., “Resource Reservation Protocol (RSVP),” IETF RFC 2205, Sep. 1997.
S. Bhattachayya, et al., “An Overview of Source-Specific Multicast (SSM) Deployment,” IETF Internet Draft: draft-ietf-ssm-overview-01.txt, Aug. 2001.
S. Deering, “Host Extensions for IP Multicasting,” IETF RFC 1112, Aug. 1989.
G. Banga, P. Druschel, and J. Mogul, “Resource Containers: A New Facility for Resource Management in Server Systems,” in Proceedings of the 1999 USENIX/ACM Symp. on Operating System Design and Implementation, Feb. 1999.
S.M. Bellovin et al., “ICMP Traceback Messages,” Internet Draft: draft-ietf-I trace-01.txt, Oct. 2001.
Cisco Systems, Configuring TCP Intercept (Prevent Denial-of-Service Attacks), Cisco IOS Documentation, Dec. 1997.
S. Savage, D. Wetherall, A. Karlin, and T. Anderson, “Network Support for IP Traceback,” IEEE/ACM Trans. on Networking, vol. 9, No. 3, Jun. 2001.
D. Song and A. Perrig, “Advanced and Authenticated Marking Schemes for IP Traceback,” Jun. 2000.
O. Spatscheck and L. Peterson, “Defending Against Denial of Service Attacks in Scout,” Proceedings of the 1999 USENIX/ACM Symp. on Operating System Design and Implementation, Feb. 1999.
R. Stone, “CenterTrack: AN IP Overlay Network for Tracking DoS Floods,” Proceedings of the 2000 USENIX Security Symposium, Dec. 2000.
Kaddoura Maher N.
Millikin Kevin S.
Ramanujan Ranga S.
Wu Xiaoming
Architecture Technology Corp.
Cardone Jason
Gillis Brian J
Shumaker & Sieffert P.A.
LandOfFree
Protecting networks from access link flooding attacks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Protecting networks from access link flooding attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Protecting networks from access link flooding attacks will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3934529