发明授权
US08091132B2 Behavior-based traffic differentiation (BTD) for defending against distributed denial of service (DDoS) attacks
有权
基于行为的流量分类(BTD),用于防御分布式拒绝服务(DDoS)攻击
- 专利标题: Behavior-based traffic differentiation (BTD) for defending against distributed denial of service (DDoS) attacks
- 专利标题(中): 基于行为的流量分类(BTD),用于防御分布式拒绝服务(DDoS)攻击
-
申请号: US11682119申请日: 2007-03-05
-
公开(公告)号: US08091132B2公开(公告)日: 2012-01-03
- 发明人: Nirwan Ansari , Zhiqiang Gao
- 申请人: Nirwan Ansari , Zhiqiang Gao
- 申请人地址: US NJ Newark
- 专利权人: New Jersey Institute of Technology
- 当前专利权人: New Jersey Institute of Technology
- 当前专利权人地址: US NJ Newark
- 代理机构: Connolly Bove Lodge & Hutz LLP
- 主分类号: G06F12/14
- IPC分类号: G06F12/14
摘要:
Embodiments are directed toward a method for Behavior-based Traffic Differentiation (BTD) that initially receives incoming packets and performs traffic classification to determine the protocol of the incoming packets. In addition, BTD performs bandwidth division/allocation to further support traffic classification amongst non-TCP traffic such as UDP and ICMP. For TCP traffic, the method for BTD determines whether a TCP connection has been established and performs at least one of rate limiting, waiting time reduction for half-open connections, and incrementing backlog queue size when the TCP connection has not been established. If the TCP connection has been established successfully, the method for BTD further includes proactive tests for traffic differentiation which identify normal traffic, which is admitted, and attack traffic, which is dropped.
公开/授权文献
信息查询
