Abstract:
A method and system for detecting routing loops and time-to-live (TTL) expiry attacks in a telecommunications network are disclosed. The detection of routing loops and TTL expiry attacks can be achieved based on the comparison of TTL expiries occurring on two or more routers in the network. A quantity of TTL expiries associated with a router can be summed. Additionally, a quantity of TTL expiries associated with other routers that are operatively coupled to the router can be summed. A difference between the sums can be calculated and a determination of whether a routing loop exists can be made in response to the difference.
Abstract:
Group-wise testing of the clocks arriving at a switching office is undertaken by multiplexing the clocks onto a single line and developing a signal therefrom that is indicative of a problem, if it exists, in any of the component signals that were multiplexed. In one embodiment, the developed signal is a gated portion of the multiplexed signal. That signal is integrated over an integration frame and compared to the integrated signal of another integration frame. A difference between the two compared signals indicates that at least one of the clocks is out of frequency synch. Subsequent tests identify the offending clock, or clocks.
Abstract:
A system and method for aiding the handling of DDoS attacks in which VPN traffic entering an ISP network at some points will be black-holed, while VPN traffic entering the ISP network at other points will be routed, as it should be, to the system-under-attack. Thus, the system-under-attack is made available to some of the user community and made unavailable to suspect portions of the user community. Furthermore, the number of entry points where black-holing of VPN traffic occurs can be selected and changed in real-time during a DDoS attack.
Abstract:
In an IP network during a DDoS attack on a website or other internet entity having an IP address, selective black-holing of attack traffic is performed such that some of the traffic destined for the IP address under attack continues to go to the IP address under attack, while other traffic destined for the same IP address is rerouted via BGP sessions to a black-hole router. Such a selective black-holing scheme can be used to allow some traffic to continue en route to the IP address under attack, while other traffic is diverted.
Abstract:
By recognizing that it is not necessary to identify a synchronization failure immediately when the failure occurs, but rather not until the failure results in a detectable difference, the method and system described herein can distinguish between Cell Delay Variation (CDV) and loss of synchronization. Because CDV will have a larger effect on the stability than a failure of the frequency recovery system at the precise moment of the failure, a synchronization failure cannot usually be distinguished from CDV for several minutes or hours, depending upon the stability of the reference clock. The present invention monitors a fill level of a play-out buffer in the ATM network, and attempts to determine if a variation in the fill level is linear with time, which is indicative of a synchronization failure. Upon detecting such a failure, the method of the present invention switches to an adaptive method for frequency recovery. If the variation in the fill level of the play-out buffer is not linear, but an underflow/overflow (or slip) has occurred, then the method of the present invention can inform an intelligent buffer control that the underflow/overflow is not due to the presence of a synchronization failure, which enables the intelligent buffer controller to take appropriate action.