-
公开(公告)号:US07702806B2
公开(公告)日:2010-04-20
申请号:US09931223
申请日:2001-08-16
IPC分类号: G06F15/16 , G06F15/173 , G01R31/08 , G06F11/00 , G08C15/00 , H04J1/16 , H04J3/14 , H04L1/00 , H04L12/26 , G06F12/14 , G06F12/16
CPC分类号: H04L63/1408 , H04L43/00 , H04L43/026 , H04L43/106 , H04L43/16 , H04L63/1416 , H04L63/1458 , H04L2463/102
摘要: A system architecture for thwarting denial of service attacks on a victim data center is described. The system includes a first plurality of monitors that monitor network traffic flow through the network. The first plurality of monitors is disposed at a second plurality of points in the network. The system includes a central controller that receives data from the plurality of monitors, over a hardened, redundant network. The central controller analyzes network traffic statistics to identify malicious network traffic. In some embodiments of the system, a gateway device is disposed to pass network packets between the network and the victim site. The gateway is disposed to protect the victim site, and is coupled to the control center by the redundant hardened network.
摘要翻译: 描述了用于阻止对受害者数据中心的拒绝服务攻击的系统架构。 该系统包括第一多个监视器,其监视通过网络的网络业务流。 第一多个监视器被布置在网络中的第二多个点处。 该系统包括通过硬化的冗余网络从多个监视器接收数据的中央控制器。 中央控制器分析网络流量统计信息,识别恶意网络流量。 在系统的一些实施例中,设置网关设备以在网络和受害者站点之间传递网络分组。 网关被设置为保护受害者站点,并通过冗余硬化网络耦合到控制中心。
-
公开(公告)号:US07827272B2
公开(公告)日:2010-11-02
申请号:US10701155
申请日:2003-11-03
IPC分类号: G06F15/173 , G06F15/16 , G06F12/16
CPC分类号: H04L41/0893 , H04L41/0213 , H04L41/12 , H04L43/00 , H04L43/06 , H04L43/0894 , H04L43/16 , H04L63/1425
摘要: A system for detecting network intrusions and other conditions in a network is described. The system includes a plurality of collector devices that are disposed to collect data and statistical information on packets that are sent between nodes on a network. An aggregator device is disposed to receive data and statistical information from the plurality of collector devices. The aggregator device produces a connection table that maps each node on the network to a record that stores information about traffic to or from the node. The aggregator runs processes that determine network events from aggregating of anomalies into network events.
摘要翻译: 描述了一种用于检测网络中的网络入侵和其他条件的系统。 该系统包括多个收集器装置,其被设置为收集关于在网络上的节点之间发送的分组的数据和统计信息。 设置聚合器装置以从多个收集器装置接收数据和统计信息。 聚合器设备产生连接表,其将网络上的每个节点映射到存储关于到节点或从节点的流量的信息的记录。 聚合器运行确定网络事件的过程,从异常聚合到网络事件。
-
公开(公告)号:US07706273B2
公开(公告)日:2010-04-27
申请号:US10955450
申请日:2004-09-30
IPC分类号: H04L12/26
CPC分类号: H04L63/0218 , H04L63/145 , H04L63/1458
摘要: Techniques for tracking dynamically negotiated port connections in a network include collecting statistical information on packets that are sent between nodes on a network, inspecting packets of control connections to detect payload fragments that denote ephemeral port negotiation and producing a mapping from a ephemeral connection flow_id to a control connection flow_id. The techniques also include checking the flow_id to see whether a flow record maps to a control connection.
摘要翻译: 用于跟踪网络中动态协商的端口连接的技术包括收集关于在网络上的节点之间发送的分组的统计信息,检查控制连接的分组以检测表示短暂端口协商的有效载荷片段,并产生从短暂连接flow_id到 控制连接flow_id。 这些技术还包括检查flow_id以查看流记录是否映射到控制连接。
-
公开(公告)号:US07716737B2
公开(公告)日:2010-05-11
申请号:US10701404
申请日:2003-11-03
CPC分类号: H04L41/0893 , H04L29/12009 , H04L29/12018 , H04L41/065 , H04L43/00 , H04L43/0811 , H04L61/10 , H04L63/1416 , H04L63/1458
摘要: A system for detecting network intrusions and other conditions in a network is described. The system includes a plurality of collector devices that are disposed to collect data and statistical information on packets that are sent between nodes on a network. An aggregator device is disposed to receive data and statistical information from the plurality of collector devices. The aggregator device produces a connection table that maps each node on the network to a record that stores information about traffic to or from the node. The aggregator runs processes that determine network events from aggregating of anomalies into network events.
摘要翻译: 描述了一种用于检测网络中的网络入侵和其他条件的系统。 该系统包括多个收集器装置,其被设置为收集关于在网络上的节点之间发送的分组的数据和统计信息。 设置聚合器装置以从多个收集器装置接收数据和统计信息。 聚合器设备产生连接表,其将网络上的每个节点映射到存储关于到节点或从节点的流量的信息的记录。 聚合器运行确定网络事件的过程,从异常聚合到网络事件。
-
公开(公告)号:US07657934B2
公开(公告)日:2010-02-02
申请号:US10066252
申请日:2002-01-31
IPC分类号: H04L9/00
CPC分类号: H04L63/1408 , H04L63/1425 , H04L63/1458
摘要: A monitoring device is disposed to thwart denial of service attacks on a data center. The monitoring device is a device that collects statistical information on packets that are sent between a network and the data center for a plurality of customers by examining traffic as if the device was disposed on links that are downstream from links that the provisioned monitor is disposed on.
摘要翻译: 设置监控设备以阻止对数据中心的拒绝服务攻击。 监视装置是通过检查流量来收集关于在多个客户的网络和数据中心之间发送的分组的统计信息的装置,就好像该设备被布置在所配置的监视器所在的链路的下游的链路上 。
-
公开(公告)号:US08191136B2
公开(公告)日:2012-05-29
申请号:US10701381
申请日:2003-11-03
IPC分类号: H04L29/06
CPC分类号: H04L41/0893 , H04L41/0213 , H04L41/22 , H04L43/06 , H04L43/0894 , H04L43/16 , H04L63/1458
摘要: A system for detecting network intrusions and other conditions in a network is described. The system includes a plurality of collector devices that are disposed to collect data and statistical information on packets that are sent between nodes on a network. An aggregator device is disposed to receive data and statistical information from the plurality of collector devices. The aggregator device produces a connection table that maps each node on the network to a record that stores information about traffic to or from the node. The aggregator runs processes that determine network events from aggregating of anomalies into network events.
摘要翻译: 描述了一种用于检测网络中的网络入侵和其他条件的系统。 该系统包括多个收集器装置,其被设置为收集关于在网络上的节点之间发送的分组的数据和统计信息。 设置聚合器装置以从多个收集器装置接收数据和统计信息。 聚合器设备产生连接表,其将网络上的每个节点映射到存储关于到节点或从节点的流量的信息的记录。 聚合器运行确定网络事件的过程,从异常聚合到网络事件。
-
公开(公告)号:US07213264B2
公开(公告)日:2007-05-01
申请号:US10062974
申请日:2002-01-31
IPC分类号: G06F12/16
CPC分类号: H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1458
摘要: A monitoring device disposed for thwarting denial of service attacks on the data center is described. The monitoring device includes a plurality of probe devices that are disposed to collect statistical information on packets that are sent between the network and the data center and a cluster head coupled to each of the plurality of probe devices, the cluster head receiving collected statistical information from the probe devices and determining from the collected information whether the data center is under a denial of service attack.
摘要翻译: 描述了一种用于阻止对数据中心的拒绝服务攻击的监视设备。 所述监控装置包括多个探测设备,所述多个探测设备被设置为收集关于在所述网络和所述数据中心之间发送的分组的统计信息,以及耦合到所述多个探测设备中的每一个的簇头,所述群集头从 探测设备,并从收集的信息中确定数据中心是否处于拒绝服务攻击状态。
-
公开(公告)号:US07760653B2
公开(公告)日:2010-07-20
申请号:US10974386
申请日:2004-10-26
IPC分类号: G01R31/08 , G06F15/173
CPC分类号: H04L41/0631 , H04L41/0213 , H04L43/02 , H04L43/12 , H04L63/14 , H04L69/40
摘要: A system includes a plurality of collector devices that are disposed to collect statistical information on packets that are sent between nodes on a network. The system also includes a stackable aggregator that receives network data from the plurality of collector devices, and which produces a connection table that maps each node on the network to a record that stores information about traffic to or from the node. The stackable aggregator includes a manager blade, a database blade, and two or more, analyzer blades.
摘要翻译: 系统包括多个收集器装置,其被设置为收集关于在网络上的节点之间发送的分组的统计信息。 该系统还包括可堆叠聚合器,其从多个收集器设备接收网络数据,并且其产生将网络上的每个节点映射到存储关于到节点或从节点的流量的信息的记录的连接表。 可堆叠聚合器包括管理器刀片,数据库刀片和两个或更多个分析器刀片。
-
公开(公告)号:US07581023B2
公开(公告)日:2009-08-25
申请号:US10137744
申请日:2002-04-30
IPC分类号: G06F15/173 , G06F12/16
CPC分类号: H04L45/00 , H04L63/1408 , H04L63/1458
摘要: An arrangement is disposed in a network. The arrangement includes a device that is logically disposed adjacent logically nearby routers having a first type of probe that are disposed to sample traffic, and that is has second type of probe that is disposed in-line during an attack by modifying router tables on the nearby routers.
摘要翻译: 布置在网络中。 该装置包括逻辑上设置在逻辑上邻近的路由器附近的设备,该设备具有设置成采样业务的第一类型的探测器,并且具有在攻击期间在线布置的第二类型的探测器,通过修改附近的路由器表 路由器
-
公开(公告)号:US08458795B2
公开(公告)日:2013-06-04
申请号:US12106272
申请日:2008-04-19
CPC分类号: H04L63/1425 , H04L63/145 , H04L63/1458
摘要: A system for detecting network intrusions and other conditions in a network is described. The system includes a plurality of collector devices that are disposed to collect data and statistical information on packets that are sent between nodes on a network. An aggregator device is disposed to receive data and statistical information from the plurality of collector devices. The aggregator device produces a connection table that maps each node on the network to a record that stores information about traffic to or from the node. The aggregator runs processes that determine network events from aggregating of anomalies into network events.
摘要翻译: 描述了一种用于检测网络中的网络入侵和其他条件的系统。 该系统包括多个收集器装置,其被设置为收集关于在网络上的节点之间发送的分组的数据和统计信息。 设置聚合器装置以从多个收集器装置接收数据和统计信息。 聚合器设备产生连接表,其将网络上的每个节点映射到存储关于到节点或从节点的流量的信息的记录。 聚合器运行确定网络事件的过程,从异常聚合到网络事件。
-
-
-
-
-
-
-
-
-
搜索结果
25 条记录 (耗时 0.026 秒)
