发明公开
EP1999585A2 BEHAVIOR-BASED TRAFFIC DIFFERENTIATION (BTD) TO DEFEND AGAINST DISTRIBUTED DENIAL OF SERVICE(DDoS) ATTACKS
审中-公开
基于行为的流量区分用于防御的分布式拒绝服务攻击
- 专利标题: BEHAVIOR-BASED TRAFFIC DIFFERENTIATION (BTD) TO DEFEND AGAINST DISTRIBUTED DENIAL OF SERVICE(DDoS) ATTACKS
- 专利标题(中): 基于行为的流量区分用于防御的分布式拒绝服务攻击
-
申请号: EP07757903.5申请日: 2007-03-05
-
公开(公告)号: EP1999585A2公开(公告)日: 2008-12-10
- 发明人: GAO, Zhiqiang , ANSARI, Nirwan
- 申请人: New Jersey Institute of Technology
- 申请人地址: 323 Martin Luther King Blvd. University Heights Newark, NJ 07102 US
- 专利权人: New Jersey Institute of Technology
- 当前专利权人: New Jersey Institute of Technology
- 当前专利权人地址: 323 Martin Luther King Blvd. University Heights Newark, NJ 07102 US
- 代理机构: Waddington, Richard
- 优先权: US778662P 20060303
- 国际公布: WO2007103864 20070913
- 主分类号: G06F11/00
- IPC分类号: G06F11/00
摘要:
Embodiments are directed toward a method for Behavior-based Traffic Differentiation (BTD) that initially receives incoming packets and performs traffic classification to determine the protocol of the incoming packets. In addition, BTD performs bandwidth division/allocation to further support traffic classification amongst non-TCP traffic types such as UDP and ICMP. For TCP traffic, the method for BTD determines whether a TCP connection has been established and performs at least one of rate limiting, waiting time reduction for half-open connections, and incrementing backlog queue size, when the TCP connection has not been established. If the TCP connection has been established successfully, the method for BTD further includes proactive tests for traffic differentiation which identify normal traffic, which is admitted, and attack traffic, which is dropped.
信息查询
