摘要:
A system and method for identifying the source of a denial-of-service attack is described. In one implementation, flow information about packets transmitted through a network is collected at different points in the network. The flow level information is analyzed to reconstruct a path taken by a packet associated with a DoS attack to identify the source of such an attack.
摘要:
An advance is made over the prior art in accordance with the principles of the present invention that is directed to a new approach for a system and method of Single Rate Three Color Marker (srTCM) and Two Rate Three Color Marker (trTCM) methodology. The invention eliminates deficiencies present in existing standards that allow a user to defeat the traffic meter that is used to ensure bandwidth usage is within limits imposed by the provider. Adoption of these invention will ensure compliance with the goals of an ideal Single Rate Three Color Marker (srTCM) and Two Rate Three Color Marker (trTCM) scheme.
摘要:
A plurality of mappings corresponding to respective points of interest is generated. Each mapping indicates at least one group detected at the corresponding point of interest and respective times when each respective group among the at least one group was detected at the corresponding point of interest. A standard representation corresponding to a set of one or more groups appearing in a selected one of the plurality of mappings is defined. A path associated with the standard representation is determined, based on the plurality of mappings, the path defining a second plurality of points of interest at which the standard representation was detected and time information indicating when the standard representation was detected at each respective point of interest within the second plurality of points of interest. A point of interest may comprise a location associated with a billboard.
摘要:
The invention includes a method and apparatus for providing a distributed forwarding plane for a mobility home agent. The invention provides a method for controlling routing of packets for a mobile node in a network comprising a network domain including a plurality of forwarding elements being controlled by a control element. A method includes computing a route from one of the forwarding elements toward the mobile node and propagating the computed route toward that one of the forwarding elements. The route is computed using location information associated with the mobile node and routing information associated with the network domain.
摘要:
In a network arrangement where a client requests a service from a server system, e.g., through the Internet, a multiple-load balancer is used for balancing loads in two or more server clusters in the server system to completely identify a sequence of servers for processing the service request. Each server in the resulting sequence belongs to a different server cluster. The service request is sent to the first server in the sequence, along with information for routing the request through the sequence of servers.
摘要:
The invention includes a method and apparatus for providing a distributed forwarding plane for a mobility home agent. The invention provides a method for controlling routing of packets for a mobile node in a network comprising a network domain including a plurality of forwarding elements being controlled by a control element. A method includes computing a route from one of the forwarding elements toward the mobile node and propagating the computed route toward that one of the forwarding elements. The route is computed using location information associated with the mobile node and routing information associated with the network domain.
摘要:
In one embodiment, a method for estimating the number of tags in a set of tags in a system of tags and readers. The method includes, during each of a plurality of time intervals: (i) transmitting a command requesting that each tag that receives the command determine whether to transmit a reply; and (ii) receiving, in one or more timeslots of a frame corresponding to the time interval, replies from one or more tags. The method further includes providing an estimate of the number of tags in the set of one or more tags based on (i) timeslots in each of the plurality of time intervals that are zero timeslots, i.e., timeslots having no received reply, and (ii) the total number of timeslots in each frame.
摘要:
A method to provide authentication services to third party vendors by a service provider hosting an authentication, authorization and accounting (AAA) server or a similar device that can authenticate users for some other service. This method enables easy and substantially error-free end-user authentication, which forms the basis for enabling electronic transactions (e.g., web-based) that are less vulnerable to fraud.
摘要:
A SoftRouter architecture deconstructs routers by separating the control entities of a router from its forwarding components, enabling dynamic binding between them. In the SoftRouter architecture, control plane functions are aggregated and implemented on a few smart servers which control forwarding elements that are multiple network hops away. A dynamic binding protocol performs network-wide control plane failovers. Network stability is improved by aggregating and remotely hosting routing protocols, such as OSPF and BGP. This results in faster convergence, lower protocol messages processed, and fewer route changes following a failure. The SoftRouter architecture includes a few smart control entities that manage a large number of forwarding elements to provide greater support for network-wide control. In the SoftRouter architecture, routing protocols operate remotely at a control element and control one or more forwarding elements by downloading the forwarding tables, etc. into the forwarding elements. Intra-domain routing and inter-domain routing are also included.
摘要:
The invention includes a method and apparatus for providing load balancing of control traffic received by a mobility home agent implemented using multiple control elements. A method includes receiving, from a node, a control message intended for the network element, performing a load-balancing operation to select one of the control elements to handle the control message, and propagating the control message toward the selected one of the control elements. The load-balancing operation is performed using at least two load-balancing metrics comprising a first metric and a second metric. The load-balancing operation is performed in a manner for maintaining a context between the node from which the control message is received and the selected one of the control elements, such that subsequent control messages received from the node are propagated to the selected one of the control elements.