发明申请
US20070209068A1 BEHAVIOR-BASED TRAFFIC DIFFERENTIATION (BTD) FOR DEFENDING AGAINST DISTRIBUTED DENIAL OF SERVICE (DDoS) ATTACKS 有权
基于行为的交通差异(BTD)防御分布式服务(DDoS)攻击

BEHAVIOR-BASED TRAFFIC DIFFERENTIATION (BTD) FOR DEFENDING AGAINST DISTRIBUTED DENIAL OF SERVICE (DDoS) ATTACKS
摘要:
Embodiments are directed toward a method for Behavior-based Traffic Differentiation (BTD) that initially receives incoming packets and performs traffic classification to determine the protocol of the incoming packets. In addition, BTD performs bandwidth division/allocation to further support traffic classification amongst non-TCP traffic such as UDP and ICMP. For TCP traffic, the method for BTD determines whether a TCP connection has been established and performs at least one of rate limiting, waiting time reduction for half-open connections, and incrementing backlog queue size when the TCP connection has not been established. If the TCP connection has been established successfully, the method for BTD further includes proactive tests for traffic differentiation which identify normal traffic, which is admitted, and attack traffic, which is dropped.
信息查询
0/0