公开(公告)号：US20180124101A1

公开(公告)日：2018-05-03

申请号：US15852359

申请日：2017-12-22

Applicant: CenturyLink Intellectual Property LLC

Inventor： Donald J. Smith ,  John A. Schiel

IPC: H04L29/06

CPC classification number: H04L63/1441 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/1458

Abstract: A method for remote triggered black hole filtering can include advertising a first modified next hop address for a destination address of network traffic, and advertising a second modified next hop address for a source address of network traffic. The first next hop address of the destination address might be overwritten with the first modified next hop address. Filtered traffic then can be forwarded to the first modified next hop address, wherein filtered traffic comprises only network traffic addressed to the destination address or from the source address. In some cases, the filtered traffic is transported and received via a sinkhole tunnel. A second next hop address of the source address can be overwritten to a second modified next hop address. The attack traffic, which can be filtered traffic that is both addressed to the destination address and from the source address, might be forwarded to a discard interface.

公开(公告)号：US20150195298A1

公开(公告)日：2015-07-09

申请号：US14663087

申请日：2015-03-19

Applicant: CenturyLink Intellectual Property LLC

Inventor： Michael Glenn ,  Donald J. Smith ,  John Butala

IPC: H04L29/06

CPC classification number: H04L63/1425 ,  G06F21/55 ,  G06F21/552 ,  G06F21/56 ,  G06F21/561 ,  G06F21/562 ,  G06F21/564 ,  G06F21/566 ,  G06F21/568 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/1441 ,  H04L63/20

Abstract: Novel solutions for detecting and/or treating malware on a subscriber's premise network. Such solutions can include, but are not limited to, tools and techniques that can detect, and/or enable the detection of, malware infections on individual subscriber devices within the subscriber's network. In a particular embodiment, for example, a premise gateway, or other device on the subscriber's premise network, is configured to analyze packets traveling through the premise gateway and, based on that analysis, identify one or more subscriber devices that are infected with malware.

Abstract translation: 用于在订户的内部网络上检测和/或处理恶意软件的新型解决方案。 这样的解决方案可以包括但不限于可以检测和/或使得能够检测用户网络内的各个订户设备上的恶意软件感染的工具和技术。 在特定实施例中，例如，一个驻地网关或该用户的驻地网络上的其他设备被配置成分析通过该住宅网关行进的分组，并且基于该分析识别被恶意软件感染的一个或多个订户设备。

公开(公告)号：US09888028B2

公开(公告)日：2018-02-06

申请号：US14267226

申请日：2014-05-01

Applicant: CenturyLink Intellectual Property LLC

Inventor： Donald J. Smith ,  John A. Schiel

IPC: G06F15/16 ,  H04L29/06

CPC classification number: H04L63/1441 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/1458

Abstract: A method for remote triggered black hole filtering can include advertising a first modified next hop address for a destination address of network traffic, and advertising a second modified next hop address for a source address of network traffic. The first next hop address of the destination address might be overwritten with the first modified next hop address. Filtered traffic then can be forwarded to the first modified next hop address, wherein filtered traffic comprises only network traffic addressed to the destination address or from the source address. In some cases, the filtered traffic is transported and received via a sinkhole tunnel. A second next hop address of the source address can be overwritten to a second modified next hop address. The attack traffic, which can be filtered traffic that is both addressed to the destination address and from the source address, might be forwarded to a discard interface.

公开(公告)号：US11095680B2

公开(公告)日：2021-08-17

申请号：US15135239

申请日：2016-04-21

Applicant: CenturyLink Intellectual Property LLC

Inventor： Donald J. Smith ,  Michael Glenn ,  John A. Schiel ,  Christopher L. Garner

IPC: H04L29/06 ,  H04L29/08 ,  H04L12/803 ,  H04L12/927

Abstract: Novel tools and techniques for filtering network traffic in an anycasting environment includes receiving network traffic addressed to a plurality of anycasted servers at an edge router, the plurality of anycasted servers comprising one or more anycasted servers. The network traffic is received from the edge server at least one data scrubbing appliance. The at least one data scrubbing appliance filters out undesirable traffic from the network traffic. The at least one data scrubbing appliance “on-ramps” the filtered network traffic to the plurality of anycasted servers. The filtered network traffic is transmitted to the plurality of anycasted servers in a load balanced manner.

公开(公告)号：US20140331308A1

公开(公告)日：2014-11-06

申请号：US14267226

申请日：2014-05-01

Applicant: CenturyLink Intellectual Property LLC

Inventor： Donald J. Smith ,  John A. Schiel

IPC: H04L29/06

CPC classification number: H04L63/1441 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/1458

Abstract: A method for remote triggered black hole filtering can include advertising a first modified next hop address for a destination address of network traffic, and advertising a second modified next hop address for a source address of network traffic. The first next hop address of the destination address might be overwritten with the first modified next hop address. Filtered traffic then can be forwarded to the first modified next hop address, wherein filtered traffic comprises only network traffic addressed to the destination address or from the source address. In some cases, the filtered traffic is transported and received via a sinkhole tunnel. A second next hop address of the source address can be overwritten to a second modified next hop address. The attack traffic, which can be filtered traffic that is both addressed to the destination address and from the source address, might be forwarded to a discard interface.

Abstract translation: 用于远程触发黑洞过滤的方法可以包括：为网络流量的目的地地址发布第一修改的下一跳地址，以及为网络业务的源地址通告第二修改的下一跳地址。 目标地址的第一个下一跳地址可能会被第一个修改的下一跳地址覆盖。 过滤的流量然后可以被转发到第一修改的下一跳地址，其中被过滤的流量仅包括寻址到目的地地址或源地址的网络流量。 在某些情况下，经过沉没隧道传输和接收过滤后的流量。 源地址的第二个下一跳地址可以被覆盖到第二个修改的下一跳地址。 可以将可以被过滤的流量的目标地址和来自源地址的攻击流量转发到丢弃接口。

公开(公告)号：US20180034841A1

公开(公告)日：2018-02-01

申请号：US15729140

申请日：2017-10-10

Applicant: CenturyLink Intellectual Property LLC

Inventor： Michael Glenn ,  Donald J. Smith ,  John Butala

IPC: H04L29/06 ,  G06F21/56 ,  G06F21/55

CPC classification number: H04L63/1425 ,  G06F21/55 ,  G06F21/552 ,  G06F21/56 ,  G06F21/561 ,  G06F21/562 ,  G06F21/564 ,  G06F21/566 ,  G06F21/568 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/1441 ,  H04L63/20

Abstract: Novel solutions for detecting and/or treating malware on a subscriber's premise network. Such solutions can include, but are not limited to, tools and techniques that can detect, and/or enable the detection of, malware infections on individual subscriber devices within the subscriber's network. In a particular embodiment, for example, a premise gateway, or other device on the subscriber's premise network, is configured to analyze packets traveling through the premise gateway and, based on that analysis, identify one or more subscriber devices that are infected with malware.

公开(公告)号：US10484412B2

公开(公告)日：2019-11-19

申请号：US15729140

申请日：2017-10-10

Applicant: CenturyLink Intellectual Property LLC

Inventor： Michael Glenn ,  Donald J. Smith ,  John Butala

IPC: H04L29/06 ,  G06F21/55 ,  G06F21/56

Abstract: Novel solutions for detecting and/or treating malware on a subscriber's premise network. Such solutions can include, but are not limited to, tools and techniques that can detect, and/or enable the detection of, malware infections on individual subscriber devices within the subscriber's network. In a particular embodiment, for example, a premise gateway, or other device on the subscriber's premise network, is configured to analyze packets traveling through the premise gateway and, based on that analysis, identify one or more subscriber devices that are infected with malware.

公开(公告)号：US10091234B2

公开(公告)日：2018-10-02

申请号：US15852359

申请日：2017-12-22

Applicant: CenturyLink Intellectual Property LLC

Inventor： Donald J. Smith ,  John A. Schiel

IPC: G06F15/16 ,  H04L29/06

Abstract: A method for remote triggered black hole filtering can include advertising a first modified next hop address for a destination address of network traffic, and advertising a second modified next hop address for a source address of network traffic. The first next hop address of the destination address might be overwritten with the first modified next hop address. Filtered traffic then can be forwarded to the first modified next hop address, wherein filtered traffic comprises only network traffic addressed to the destination address or from the source address. In some cases, the filtered traffic is transported and received via a sinkhole tunnel. A second next hop address of the source address can be overwritten to a second modified next hop address. The attack traffic, which can be filtered traffic that is both addressed to the destination address and from the source address, might be forwarded to a discard interface.

公开(公告)号：US09819693B2

公开(公告)日：2017-11-14

申请号：US14663087

申请日：2015-03-19

Applicant: CenturyLink Intellectual Property LLC

Inventor： Michael Glenn ,  Donald J. Smith ,  John Butala

IPC: H04L29/00 ,  H04L29/06 ,  G06F21/55 ,  G06F21/56

CPC classification number: H04L63/1425 ,  G06F21/55 ,  G06F21/552 ,  G06F21/56 ,  G06F21/561 ,  G06F21/562 ,  G06F21/564 ,  G06F21/566 ,  G06F21/568 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/1441 ,  H04L63/20

Abstract: Novel solutions for detecting and/or treating malware on a subscriber's premise network. Such solutions can include, but are not limited to, tools and techniques that can detect, and/or enable the detection of, malware infections on individual subscriber devices within the subscriber's network. In a particular embodiment, for example, a premise gateway, or other device on the subscriber's premise network, is configured to analyze packets traveling through the premise gateway and, based on that analysis, identify one or more subscriber devices that are infected with malware.

公开(公告)号：US20160241590A1

公开(公告)日：2016-08-18

申请号：US15135239

申请日：2016-04-21

Applicant: CenturyLink Intellectual Property LLC

Inventor： Donald J. Smith ,  Michael Glenn ,  John A. Schiel ,  Christopher L. Garner

IPC: H04L29/06 ,  H04L12/803 ,  H04L12/927

CPC classification number: H04L63/1458 ,  H04L47/125 ,  H04L47/801 ,  H04L63/0227 ,  H04L63/0245 ,  H04L63/029 ,  H04L63/10 ,  H04L63/1441 ,  H04L67/1002

Abstract: Novel tools and techniques for filtering network traffic in an anycasting environment includes receiving network traffic addressed to a plurality of anycasted servers at an edge router, the plurality of anycasted servers comprising one or more anycasted servers. The network traffic is received from the edge server at least one data scrubbing appliance. The at least one data scrubbing appliance filters out undesirable traffic from the network traffic. The at least one data scrubbing appliance “on-ramps” the filtered network traffic to the plurality of anycasted servers. The filtered network traffic is transmitted to the plurality of anycasted servers in a load balanced manner.

Abstract translation: 用于在任播播放环境中过滤网络流量的新型工具和技术包括接收寻址到边缘路由器处的多个任播服务器的网络流量，所述多个任播服务器包括一个或多个任播服务器。 从边缘服务器接收至少一个数据擦除设备的网络流量。 至少一个数据擦除设备从网络流量中滤除不需要的流量。 所述至少一个数据擦除设备将已过滤的网络流量“上升”到多个任播服务器。 滤波后的网络业务以负载平衡的方式被发送到多个任播服务器。