公开(公告)号：US20090094000A1

公开(公告)日：2009-04-09

申请号：US12082022

申请日：2008-04-08

Applicant: Balachander Krishnamurthy ,  Srinivasa Aditya Akella ,  Pratap Ramamurthy ,  Vyas Sekar ,  Anees Shaikh

Inventor： Balachander Krishnamurthy ,  Srinivasa Aditya Akella ,  Pratap Ramamurthy ,  Vyas Sekar ,  Anees Shaikh

IPC: G06F15/00

CPC classification number: H04L41/5009 ,  G06F11/3419 ,  G06F11/3495 ,  G06F2201/81 ,  G06F2201/875 ,  G06F2201/88 ,  H04L43/0864

Abstract: Disclosed is a method and system for determining one or more performance characteristics of a target server. A command is transmitted from a coordinator to a plurality of clients. The command instructs the plurality of clients to each transmit a request targeting a sub-system of said target server. A response time is then received from each client and a performance characteristic is determined from the received response times.

Abstract translation: 公开了一种用于确定目标服务器的一个或多个性能特征的方法和系统。 命令从协调器发送到多个客户端。 该命令指示多个客户端各自发送针对所述目标服务器的子系统的请求。 然后从每个客户端接收响应时间，并根据接收到的响应时间确定性能特征。

公开(公告)号：US08509237B2

公开(公告)日：2013-08-13

申请号：US12492749

申请日：2009-06-26

Applicant: Srinivasa Aditya Akella ,  Ashok Anand ,  Vyas Sekar

Inventor： Srinivasa Aditya Akella ,  Ashok Anand ,  Vyas Sekar

IPC: H04L12/28 ,  H04L12/56

CPC classification number: H04L45/00 ,  H04L12/4625 ,  H04L47/10 ,  H04L47/12 ,  H04L47/19 ,  H04L47/32 ,  H04L47/38 ,  H04L69/04

Abstract: A network employing redundancy-aware hardware may actively allocate decompression tasks among different devices along a single path to improve data throughput. The allocation can be performed by a hash or similar process operating on a header of the packets to distribute caching according to predefined ranges of hash values without significant additional communication overhead. Decompression of packets may be similarly distributed by marking shim values to match the earlier caching of antecedent packets. Nodes may use coordinated cache sizes and organizations to eliminate the need for separate cache protocol communications.

Abstract translation: 使用冗余感知硬件的网络可以沿着单个路径主动地在不同设备之间分配解压缩任务以提高数据吞吐量。 分配可以通过在分组报头上操作的散列或类似过程来执行，以根据预定义的散列值范围分配高速缓存，而不会有显着的附加通信开销。 可以通过标记垫片值来匹配早先的先前缓存的分组，来分类分组。 节点可以使用协调的高速缓存大小和组织来消除对单独的缓存协议通信的需要。

公开(公告)号：US20100329256A1

公开(公告)日：2010-12-30

申请号：US12492749

申请日：2009-06-26

Applicant: Srinivasa Aditya Akella ,  Ashok Anand ,  Vyas Sekar

Inventor： Srinivasa Aditya Akella ,  Ashok Anand ,  Vyas Sekar

IPC: H04L12/28 ,  H04L12/56

CPC classification number: H04L45/00 ,  H04L12/4625 ,  H04L47/10 ,  H04L47/12 ,  H04L47/19 ,  H04L47/32 ,  H04L47/38 ,  H04L69/04

Abstract: A network employing redundancy-aware hardware may actively allocate decompression tasks among different devices along a single path to improve data throughput. The allocation can be performed by a hash or similar process operating on a header of the packets to distribute caching according to predefined ranges of hash values without significant additional communication overhead. Decompression of packets may be similarly distributed by marking shim values to match the earlier caching of antecedent packets. Nodes may use coordinated cache sizes and organizations to eliminate the need for separate cache protocol communications.

Abstract translation: 使用冗余感知硬件的网络可以沿着单个路径主动地在不同设备之间分配解压缩任务以提高数据吞吐量。 分配可以通过在分组报头上操作的散列或类似过程来执行，以根据预定义的散列值范围分配高速缓存，而不会有显着的附加通信开销。 可以通过标记垫片值来匹配早先的先前缓存的分组，来分类分组。 节点可以使用协调的高速缓存大小和组织来消除对单独的缓存协议通信的需要。

公开(公告)号：US20070283436A1

公开(公告)日：2007-12-06

申请号：US11452623

申请日：2006-06-14

Applicant: Nicholas Duffield ,  Jacobus Van Der Merwe ,  Vyas Sekar ,  Oliver Spatscheck

Inventor： Nicholas Duffield ,  Jacobus Van Der Merwe ,  Vyas Sekar ,  Oliver Spatscheck

IPC: G06F12/14

CPC classification number: H04L63/1425 ,  H04L63/1458

Abstract: A multi-staged framework for detecting and diagnosing Denial of Service attacks is disclosed in which a low-cost anomaly detection mechanism is first used to collect coarse data, such as may be obtained from Simple Network Management Protocol (SNMP) data flows. Such data is analyzed to detect volume anomalies that could possibly be indicative of a DDoS attack. If such an anomaly is suspected, incident reports are then generated and used to trigger the collection and analysis of fine grained data, such as that available in Netflow data flows. Both types of collection and analysis are illustratively conducted at edge routers within the service provider network that interface customers and customer networks to the service provider. Once records of the more detailed information have been retrieved, they are examined to determine whether the anomaly represents a distributed denial of service attack, at which point an alarm is generated.

Abstract translation: 公开了一种用于检测和诊断拒绝服务攻击的多阶段框架，其中首先使用低成本异常检测机制来收集粗略数据，例如可以从简单网络管理协议（SNMP）数据流中获得。 分析这些数据以检测可能表示DDoS攻击的体积异常。 如果怀疑出现这种异常，则会生成事件报告，并用于触发对Netflow数据流中可用的细粒度数据的收集和分析。 这两种类型的收集和分析在服务提供商网络中的边缘路由器上进行说明性地进行，其将客户和客户网络接入服务提供商。 一旦检索到更详细信息的记录，就检查它们以确定异常是否表示分布式拒绝服务攻击，此时产生警报。

公开(公告)号：US08001601B2

公开(公告)日：2011-08-16

申请号：US11452623

申请日：2006-06-14

Applicant: Nicholas Duffield ,  Jacobus Van Der Merwe ,  Vyas Sekar ,  Oliver Spatscheck

Inventor： Nicholas Duffield ,  Jacobus Van Der Merwe ,  Vyas Sekar ,  Oliver Spatscheck

IPC: G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00

CPC classification number: H04L63/1425 ,  H04L63/1458

Abstract: A multi-staged framework for detecting and diagnosing Denial of Service attacks is disclosed in which a low-cost anomaly detection mechanism is first used to collect coarse data, such as may be obtained from Simple Network Management Protocol (SNMP) data flows. Such data is analyzed to detect volume anomalies that could possibly be indicative of a DDoS attack. If such an anomaly is suspected, incident reports are then generated and used to trigger the collection and analysis of fine grained data, such as that available in Netflow data flows. Both types of collection and analysis are illustratively conducted at edge routers within the service provider network that interface customers and customer networks to the service provider. Once records of the more detailed information have been retrieved, they are examined to determine whether the anomaly represents a distributed denial of service attack, at which point an alarm is generated.

Abstract translation: 公开了一种用于检测和诊断拒绝服务攻击的多阶段框架，其中首先使用低成本异常检测机制来收集粗略数据，例如可以从简单网络管理协议（SNMP）数据流中获得。 分析这些数据以检测可能表示DDoS攻击的体积异常。 如果怀疑出现这种异常，则会生成事件报告，并用于触发对Netflow数据流中可用的细粒度数据的收集和分析。 这两种类型的收集和分析在服务提供商网络中的边缘路由器上进行说明性地进行，其将客户和客户网络接入服务提供商。 一旦检索到更详细信息的记录，就检查它们以确定异常是否表示分布式拒绝服务攻击，此时产生警报。

公开(公告)号：US07933745B2

公开(公告)日：2011-04-26

申请号：US12082022

申请日：2008-04-08

Applicant: Balachander Krishnamurthy ,  Srinivasa Aditya Akella ,  Pratap Ramamurthy ,  Vyas Sekar ,  Anees Shaikh

Inventor： Balachander Krishnamurthy ,  Srinivasa Aditya Akella ,  Pratap Ramamurthy ,  Vyas Sekar ,  Anees Shaikh

IPC: G06F19/00

CPC classification number: H04L41/5009 ,  G06F11/3419 ,  G06F11/3495 ,  G06F2201/81 ,  G06F2201/875 ,  G06F2201/88 ,  H04L43/0864

Abstract: Disclosed is a method and system for determining one or more performance characteristics of a target server. A command is transmitted from a coordinator to a plurality of clients. The command instructs the plurality of clients to each transmit a request targeting a sub-system of said target server. A response time is then received from each client and a performance characteristic is determined from the received response times.

Abstract translation: 公开了一种用于确定目标服务器的一个或多个性能特征的方法和系统。 命令从协调器发送到多个客户端。 该命令指示多个客户端各自发送针对所述目标服务器的子系统的请求。 然后从每个客户端接收响应时间，并根据接收到的响应时间确定性能特征。