Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Protecting against distributed network flood attacks

A network device and network address technology, which is applied in the field of computer networks, can solve problems such as loss of income, customer dissatisfaction, and legal users cannot use it, and achieve the effect of reduced business traffic and good scalability

Active Publication Date: 2011-04-13
JUMIPER NETWORKS INC
View PDF3 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this may prevent legitimate users from using the service
In some cases, this approach may result in lost revenue or dissatisfied customers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Protecting against distributed network flood attacks
  • Protecting against distributed network flood attacks
  • Protecting against distributed network flood attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] figure 1 is a block diagram illustrating an exemplary enterprise computer network 4 in which an intrusion detection and prevention (IDP) device 10 may attempt to prevent flooding initiated by malicious entities, such as malicious automated software agents, in accordance with the techniques in this disclosure attack. Although the IDP device 10 is mainly described, it should be understood that the techniques disclosed in the present invention may be implemented by any of various network devices. For example, a network device including a service plane for coupling general security service cards (including implementations of these technologies) or service cards specifically implementing these technologies may implement the techniques disclosed herein. Gateway devices, routers, hubs, firewalls, and servers are examples of network devices that may contain these service planes. Likewise, any network security device can implement the techniques disclosed in this invention. T...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A network security device performs a three-stage analysis of traffic to identify malicious clients. In one example, a device includes an attack detection module to, during a first stage, monitor network connections to a protected network device, during a second stage, to monitor a plurality of types of transactions for the plurality of network sessions when a parameter for the connections exceeds a connection threshold, and during a third stage, to monitor communications associated with network addresses from which transactions of the at least one of type of transactions originate when a parameter associated with the at least one type of transactions exceeds a transaction-type threshold. The device executes a programmed action with respect to at least one of the network addresses when the transactions of the at least one of the plurality of types of transactions originating from the at least one network address exceeds a client-transaction threshold.

Description

[0001] Cross References to Related Applications [0002] This application claims the benefit of US Provisional Application No. 61 / 239,690, filed September 3, 2009, and US Patent Application No. 12 / 607,107, filed October 28, 2009, the entire contents of which are hereby incorporated by reference. technical field [0003] The present disclosure relates to computer networks, and more particularly, to defending against attacks in computer networks. Background technique [0004] A computer network typically includes a collection of interconnected computing devices that exchange data and share resources. These devices may include, for example, web servers, database servers, file servers, routers, printers, end-user computers, and other devices. Various devices can implement a large number of different services and communication protocols. Each of the different services and communication protocols exposes the network to different security vulnerabilities. [0005] Traditional te...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26H04L29/08
CPCH04L63/1416H04L63/1458
Inventor 克里希纳·纳拉亚纳斯瓦米布赖恩·伯恩斯文卡塔·拉马·拉朱·曼特纳
Owner JUMIPER NETWORKS INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com