Method for protecting against attacks in a high-speed network

A high-speed network and network technology, applied in transmission systems, electrical components, etc., can solve problems such as inability to effectively prevent overflow attacks, and achieve the effect of preventing denial of service attacks

Inactive Publication Date: 2006-08-16
IBM CORP
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, for some protocols that follow a pre-specified sequence of handshake messages, this solution is not effective against overflow attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for protecting against attacks in a high-speed network
  • Method for protecting against attacks in a high-speed network
  • Method for protecting against attacks in a high-speed network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] figure 1 A possible scenario of a denial of service attack is shown. The attacker 10 sends the request to the target 14 over the optical fiber 16 using the source ID of the authorized initiator 12 . According to the present invention, this request is evaluated in the hardware networking module 18 to ensure that the resources of the main CPU 20 in the target are not being used and to prevent the target from overflowing.

[0034] to see figure 2 , a 3-way handshake protocol is illustrated in the figure. The initiator identified by the source ID sends a request message to the target identified by the destination ID. A target postback includes a ready-to-receive message for the target parameter. To establish a connection, the initiator sends a Ready to Receive message containing the initiator parameters.

[0035] With this 3-way handshake protocol, an attacker using a spoofed address can flood the target with connection requests because the target allocates resources ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A method, module and computer program for protecting a target against attacks in a high-speed network. The method according to the invention comprises the steps of generating a question, after having received a request from an initiator identified by a sourcelD associated to a certain node in the network, sending the question to the node identified by the sourcelD, in case that an answer to the question is received, evaluating the answer, and in case that a proper answer has been received, enabling communication between the initiator and the target by sending a further message from the target to the initiator.

Description

technical field [0001] The invention relates to the technical field of preventing attacks in high-speed networks, in particular to a method and module for preventing targets from being attacked in high-speed networks. The invention also relates to a computer program product having a computer-readable medium and a computer program stored on the computer-readable medium having program code means adapted to, when said computer program is run on a computer, Execute the method above. Furthermore, the invention also relates to a method of processing requests in a high-speed network. Background technique [0002] In high-speed networks, data exchange takes place according to standardized protocols such as TCP / IP or InfiniBand. Communication between nodes in such a network is initiated by a so-called handshake protocol that guarantees correct data transfer between the network nodes involved. In this way, some so-called initiator nodes in the network can use services provided by o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F21/00G06F21/55
CPCH04L63/1458
Inventor 克里斯托弗·莱施马可·克里莫塞巴斯蒂安·科赛尔克里斯蒂·豪瑟
Owner IBM CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap