WO2002025402A3 - Systems and methods that protect networks and devices against denial of service attacks - Google Patents

Systems and methods that protect networks and devices against denial of service attacks Download PDF

Info

Publication number
WO2002025402A3
WO2002025402A3 PCT/US2001/029336 US0129336W WO0225402A3 WO 2002025402 A3 WO2002025402 A3 WO 2002025402A3 US 0129336 W US0129336 W US 0129336W WO 0225402 A3 WO0225402 A3 WO 0225402A3
Authority
WO
WIPO (PCT)
Prior art keywords
systems
methods
packets
devices against
against denial
Prior art date
Application number
PCT/US2001/029336
Other languages
French (fr)
Other versions
WO2002025402A2 (en
Inventor
Robert J Donaghey
Original Assignee
Bbnt Solutions Llc
Robert J Donaghey
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bbnt Solutions Llc, Robert J Donaghey filed Critical Bbnt Solutions Llc
Priority to AU2002211242A priority Critical patent/AU2002211242A1/en
Publication of WO2002025402A2 publication Critical patent/WO2002025402A2/en
Publication of WO2002025402A3 publication Critical patent/WO2002025402A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service

Abstract

A system protects communicaton networks and devices against denial of service (DoS) attacks. A service provider (116) receives a signal indicating that a DoS attack has been detected, receives one or more packets intended for a victim device (420), and transmits the one or more packets to a triage device (140). The triage device determines whether each of the one or more packets is part of the DoS attack and forwards only packets that are deemed unrelated to the DoS attack to the victim device (420).
PCT/US2001/029336 2000-09-20 2001-09-19 Systems and methods that protect networks and devices against denial of service attacks WO2002025402A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002211242A AU2002211242A1 (en) 2000-09-20 2001-09-19 Systems and methods that protect networks and devices against denial of service attacks

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US66611400A 2000-09-20 2000-09-20
US09/666,114 2000-09-20

Publications (2)

Publication Number Publication Date
WO2002025402A2 WO2002025402A2 (en) 2002-03-28
WO2002025402A3 true WO2002025402A3 (en) 2002-08-01

Family

ID=24672884

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/029336 WO2002025402A2 (en) 2000-09-20 2001-09-19 Systems and methods that protect networks and devices against denial of service attacks

Country Status (2)

Country Link
AU (1) AU2002211242A1 (en)
WO (1) WO2002025402A2 (en)

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7707305B2 (en) 2000-10-17 2010-04-27 Cisco Technology, Inc. Methods and apparatus for protecting against overload conditions on nodes of a distributed network
KR20030009887A (en) * 2001-07-24 2003-02-05 주식회사 케이티 A system and method for intercepting DoS attack
US8438241B2 (en) 2001-08-14 2013-05-07 Cisco Technology, Inc. Detecting and protecting against worm traffic on a network
EP1616269B1 (en) * 2003-04-09 2015-09-16 Cisco Technology, Inc. Selective diversion and injection of communication traffic
US7308716B2 (en) 2003-05-20 2007-12-11 International Business Machines Corporation Applying blocking measures progressively to malicious network traffic
US7617526B2 (en) 2003-05-20 2009-11-10 International Business Machines Corporation Blocking of spam e-mail at a firewall
US7464404B2 (en) 2003-05-20 2008-12-09 International Business Machines Corporation Method of responding to a truncated secure session attack
US6985920B2 (en) * 2003-06-23 2006-01-10 Protego Networks Inc. Method and system for determining intra-session event correlation across network address translation devices
US7925766B2 (en) 2004-02-18 2011-04-12 At&T Intellectual Property Ii, L.P. Method for distributed denial-of-service attack mitigation by selective black-holing in MPLS VPNS
US7444417B2 (en) 2004-02-18 2008-10-28 Thusitha Jayawardena Distributed denial-of-service attack mitigation by selective black-holing in IP networks
US8176126B2 (en) 2004-08-26 2012-05-08 International Business Machines Corporation System, method and program to limit rate of transferring messages from suspected spammers
WO2006040880A1 (en) 2004-10-12 2006-04-20 Nippon Telegraph And Telephone Corporation Service disabling attack protecting system, service disabling attack protecting method, and service disabling attack protecting program
EP1844596B1 (en) * 2005-01-28 2012-10-17 Broadcom Corporation Method and system for mitigating denial of service in a communication network
US8346960B2 (en) 2005-02-15 2013-01-01 At&T Intellectual Property Ii, L.P. Systems, methods, and devices for defending a network
US8089871B2 (en) 2005-03-25 2012-01-03 At&T Intellectual Property Ii, L.P. Method and apparatus for traffic control of dynamic denial of service attacks within a communications network
EP1744516A1 (en) * 2005-07-15 2007-01-17 AT&T Corp. Distributed denial-of-service attack mitigation by selective black-holing in IP networks
US7889735B2 (en) * 2005-08-05 2011-02-15 Alcatel-Lucent Usa Inc. Method and apparatus for defending against denial of service attacks in IP networks based on specified source/destination IP address pairs
US20070033650A1 (en) * 2005-08-05 2007-02-08 Grosse Eric H Method and apparatus for defending against denial of service attacks in IP networks by target victim self-identification and control
US20070300304A1 (en) * 2006-06-26 2007-12-27 Nokia Corporation SIP washing machine
US11683327B2 (en) * 2020-07-23 2023-06-20 Micro Focus Llc Demand management of sender of network traffic flow

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5958053A (en) * 1997-01-30 1999-09-28 At&T Corp. Communications protocol with improved security
US6298445B1 (en) * 1998-04-30 2001-10-02 Netect, Ltd. Computer security
US6301668B1 (en) * 1998-12-29 2001-10-09 Cisco Technology, Inc. Method and system for adaptive network security using network vulnerability assessment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5958053A (en) * 1997-01-30 1999-09-28 At&T Corp. Communications protocol with improved security
US6298445B1 (en) * 1998-04-30 2001-10-02 Netect, Ltd. Computer security
US6301668B1 (en) * 1998-12-29 2001-10-09 Cisco Technology, Inc. Method and system for adaptive network security using network vulnerability assessment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
SMITH R., BHATTACHARYA S.: "Operating firewalls outside the LAN perimeter", MOTOROLA INC., February 1999 (1999-02-01), ARIZONA, pages 493 - 498, XP000859730 *
VAZHKUDAI S., MAGINNIS T.: "A high performance communication subsystem for PODOS", MISSISSIPPI UNIVERSITY, December 1999 (1999-12-01), MISSISSIPPI, pages 81 - 91, XP010365647 *

Also Published As

Publication number Publication date
WO2002025402A2 (en) 2002-03-28
AU2002211242A1 (en) 2002-04-02

Similar Documents

Publication Publication Date Title
WO2002025402A3 (en) Systems and methods that protect networks and devices against denial of service attacks
WO2002033870A3 (en) Methods and apparatus for protecting against overload conditions on nodes of a distributed network
AU2001252067A1 (en) Method and system for protection against denial of service attacks
JP4174392B2 (en) Network unauthorized connection prevention system and network unauthorized connection prevention device
AU2001288687A1 (en) Monitoring network traffic denial of service attacks
AU2001290612A1 (en) Device to protect victim sites during denial of service attacks
AU5935400A (en) System and method for protecting a computer network against denial of service attacks
WO2005022440A8 (en) Network isolation techniques suitable for virus protection
WO2008054952A3 (en) Method and apparatus for providing network based end-device protection
WO2010091186A3 (en) Method and system for providing remote protection of web servers
CA2334971A1 (en) Bi-directional process-to-process byte stream protocol
EP2555486A3 (en) Multi-method gateway-based network security systems and methods
GB2404544A (en) Network security system protecting against unauthorized agents
WO2002028057A3 (en) Method and system for transmitting data
WO2005107296A8 (en) Network security system
AU2001253534A1 (en) Method and system for overcoming denial of service attacks
WO2006019701A3 (en) Inline intrusion detection using a single physical port
WO2008004054A3 (en) Restricting and preventing pairing attempts from virus attack and malicious software
WO2004095281A3 (en) System and method for network quality of service protection on security breach detection
WO2001024013A3 (en) Protection circuit for an access-arbitrated bus system network
EP1135001A3 (en) Apparatus and method for automatic port identity discovery in hierarchical heterogenous systems
WO2003013070A3 (en) Packet flooding defense system
EP1193612A3 (en) Handling bus packets within a node on a bus structure
EP1479191A4 (en) System for intercepting network access and method thereof
AU2002337587A1 (en) Protecting network traffic against spoofed domain name system (dns) messages

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP