公开(公告)号：US09118707B2

公开(公告)日：2015-08-25

申请号：US13715651

申请日：2012-12-14

Applicant: Verizon Patent and Licensing Inc.

Inventor： Lin Sun ,  Yee Sin Chan

IPC: H04L29/06

CPC classification number: H04L63/1433 ,  H04L63/0227 ,  H04L63/0236 ,  H04L63/1441 ,  H04L63/1458

Abstract: An exemplary method includes an attack traffic mitigation system 1) identifying a range of ports left open by a firewall for a network element to receive network traffic provided by a computing device, 2) designating a subset of one or more ports included in the range of open ports as being included in a legitimate port range configured to receive legitimate network traffic provided by the computing device, and 3) directing the network element to drop network traffic provided by the computing device and received by each port included in the range of open ports that is not included in the legitimate port range. Corresponding methods and systems are also disclosed.

Abstract translation: 一种示例性方法包括攻击流量缓解系统1）识别由防火墙为网络元件保持打开以接收由计算设备提供的网络流量的端口的范围，2）指定包括在以下范围内的一个或多个端口的子集： 打开端口被包括在被配置为接收由计算设备提供的合法网络流量的合法端口范围中;以及3）指示网络元件丢弃由计算设备提供并由包括在开放端口范围内的每个端口接收的网络流量 这不包括在合法的端口范围内。 还公开了相应的方法和系统。

公开(公告)号：US09025458B2

公开(公告)日：2015-05-05

申请号：US13658452

申请日：2012-10-23

Applicant: Verizon Patent and Licensing, Inc.

Inventor： Yee Sin Chan ,  Arda Aksu ,  Lin Sun ,  Lalit R. Kotecha ,  Jin Yang

IPC: H04L12/26 ,  H04L12/24 ,  H04L12/851 ,  H04L12/823 ,  H04W28/02

CPC classification number: H04L41/5022 ,  H04L41/0893 ,  H04L43/0882 ,  H04L43/16 ,  H04L47/2433 ,  H04L47/32 ,  H04W28/0289

Abstract: A device may receive a packet that includes priority information that is based on a priority assigned to bits included in the packet. The priority may be assigned based on scalable code used to encode the bits for transmission. The device may determine that an indicator of network congestion satisfies a threshold, and may schedule the packet for transmission to a user device based on the priority information and the determination that the indicator satisfies the threshold.

Abstract translation: 设备可以接收包括基于分配给分组中包括的比特的优先级的优先级信息的分组。 可以基于用于对要传输的位进行编码的可分级代码来分配优先级。 设备可以确定网络拥塞的指示符满足阈值，并且可以基于优先级信息和指示符满足阈值的确定来调度用于传输到用户设备的分组。

公开(公告)号：US20140173722A1

公开(公告)日：2014-06-19

申请号：US13715651

申请日：2012-12-14

Applicant: VERIZON PATENT AND LICENSING INC.

Inventor： Lin Sun ,  Yee Sin Chan

IPC: H04L29/06

CPC classification number: H04L63/1433 ,  H04L63/0227 ,  H04L63/0236 ,  H04L63/1441 ,  H04L63/1458

Abstract: An exemplary method includes an attack traffic mitigation system 1) identifying a range of ports left open by a firewall for a network element to receive network traffic provided by a computing device, 2) designating a subset of one or more ports included in the range of open ports as being included in a legitimate port range configured to receive legitimate network traffic provided by the computing device, and 3) directing the network element to drop network traffic provided by the computing device and received by each port included in the range of open ports that is not included in the legitimate port range. Corresponding methods and systems are also disclosed.

Abstract translation: 一种示例性方法包括攻击流量缓解系统1）识别由防火墙为网络元件保持打开以接收由计算设备提供的网络流量的端口的范围，2）指定包括在以下范围内的一个或多个端口的子集： 打开端口被包括在被配置为接收由计算设备提供的合法网络流量的合法端口范围中;以及3）指示网络元件丢弃由计算设备提供并由包括在开放端口范围内的每个端口接收的网络流量 这不包括在合法的端口范围内。 还公开了相应的方法和系统。