发明申请
US20060010389A1 Identifying a distributed denial of service (DDoS) attack within a network and defending against such an attack
审中-公开
识别网络中的分布式拒绝服务(DDoS)攻击并防范此类攻击
- 专利标题: Identifying a distributed denial of service (DDoS) attack within a network and defending against such an attack
- 专利标题(中): 识别网络中的分布式拒绝服务(DDoS)攻击并防范此类攻击
-
申请号: US11177573申请日: 2005-07-08
-
公开(公告)号: US20060010389A1公开(公告)日: 2006-01-12
- 发明人: John Rooney , Christopher Giblin , Marcel Waldvogel , Paul Hurley
- 申请人: John Rooney , Christopher Giblin , Marcel Waldvogel , Paul Hurley
- 申请人地址: US NY Armonk
- 专利权人: International Business Machines Corporation
- 当前专利权人: International Business Machines Corporation
- 当前专利权人地址: US NY Armonk
- 优先权: EP04405438.5 20040709
- 主分类号: G06F17/00
- IPC分类号: G06F17/00
摘要:
The invention provides methods, apparatus and systems for detecting distributed denial of service (DDoS) attacks within the Internet by sampling packets at a point or points in Internet backbone connections to determine a packet metric parameter. The packet metric parameter which might comprise the volume of packets received is analysed over selected time intervals with respect to specified geographical locations in which the hosts transmitting the packets are located. The expected behaviour can be employed to identify traffic distortions revealing a DDoS attack. In a complementary aspect, the invention provides a method of authenticating packets at routers in order to elevate the QoS of authenticated packets. This method can be used to block or filter packets and can be used in conjunction with the DDoS attack detection system to defend against DDoS attacks within the Internet in a distributed manner.
信息查询
