Invention Grant
US09246940B2 Systems and methods for protecting cluster systems from TCP SYN attack
有权
保护集群系统免受TCP SYN攻击的系统和方法
- Patent Title: Systems and methods for protecting cluster systems from TCP SYN attack
- Patent Title (中): 保护集群系统免受TCP SYN攻击的系统和方法
-
Application No.: US14245533Application Date: 2014-04-04
-
Publication No.: US09246940B2Publication Date: 2016-01-26
- Inventor: Krishna Khanal , Saravana Annamalaisami , Mahesh Mylarappa
- Applicant: Citrix Systems, Inc.
- Applicant Address: US FL Fort Lauderdale
- Assignee: CITRIX SYSTEMS, INC.
- Current Assignee: CITRIX SYSTEMS, INC.
- Current Assignee Address: US FL Fort Lauderdale
- Agency: Foley & Lardner LLP
- Agent Christopher J. McKenna
- Main IPC: G06F12/14
- IPC: G06F12/14 ; H04L29/06
Abstract:
The present solution is directed to systems and methods for synchronizing a random seed value among a plurality of multi-core nodes in a cluster of nodes for generating a cookie signature. The cookie signature may be used for protection from SYN flood attacks. A cluster of nodes comprises one master node and one or more other nodes. Each node comprises one master core and one or more other cores. A random number is generated at the master core of the master node. The random number is synchronized across every other core. The random number is used to generated a secret key value that is attached in the encoded initial sequence number of a SYN-ACK packet. If the responding ACK packet does not contain the secret key value, then the ACK packet is dropped.
Public/Granted literature
- US20140304810A1 SYSTEMS AND METHODS FOR PROTECTING CLUSTER SYSTEMS FROM TCP SYN ATTACK Public/Granted day:2014-10-09
Information query
