IN2014DN06766A - - Google Patents

Download PDF

Info

Publication number
IN2014DN06766A
IN2014DN06766A IN6766DEN2014A IN2014DN06766A IN 2014DN06766 A IN2014DN06766 A IN 2014DN06766A IN 6766DEN2014 A IN6766DEN2014 A IN 6766DEN2014A IN 2014DN06766 A IN2014DN06766 A IN 2014DN06766A
Authority
IN
India
Prior art keywords
network
notification
routing rule
determining
denial
Prior art date
Application number
Inventor
Matthew Strebe
Nathan V Whittenton
Timothy C Collins
Original Assignee
L3 Comm Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by L3 Comm Corp filed Critical L3 Comm Corp
Publication of IN2014DN06766A publication Critical patent/IN2014DN06766A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

Methods apparatus and computer readable storage media reduce or eliminate network traffic meeting criteria. In some aspects network traffic transmitted by one or more source nodes to one or more destination nodes may comprise a denial of service attack against the destination node(s). At least a portion of the denial of service attack traffic may be reduced or eliminated with the disclosed methods and apparatus. In one aspect a method of managing undesirable network traffic transmitted from a source node to a destination node over a communications network includes receiving a notification of a routing rule change authenticating the notification determining a network routing rule based on the notification applying the network routing rule determining a network path toward the source node determining an entity based on the network path and transmitting a notification of the routing rule change to the entity.
IN6766DEN2014 2012-01-24 2013-01-23 IN2014DN06766A (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201261590279P 2012-01-24 2012-01-24
US13/748,329 US20130198805A1 (en) 2012-01-24 2013-01-23 Methods and apparatus for managing network traffic
US13/748,297 US8677489B2 (en) 2012-01-24 2013-01-23 Methods and apparatus for managing network traffic
PCT/US2013/022773 WO2013112606A1 (en) 2012-01-24 2013-01-23 Methods and apparatus for managing network traffic

Publications (1)

Publication Number Publication Date
IN2014DN06766A true IN2014DN06766A (en) 2015-05-22

Family

ID=48573334

Family Applications (1)

Application Number Title Priority Date Filing Date
IN6766DEN2014 IN2014DN06766A (en) 2012-01-24 2013-01-23

Country Status (4)

Country Link
US (3) US8677489B2 (en)
EP (1) EP2807574A4 (en)
IN (1) IN2014DN06766A (en)
WO (1) WO2013112606A1 (en)

Families Citing this family (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110282981A1 (en) * 2010-05-11 2011-11-17 Alcatel-Lucent Canada Inc. Behavioral rule results
US11095687B2 (en) * 2011-11-18 2021-08-17 Blue Armor Technologies, LLC Network security system using statistical object identification
EP3249546B1 (en) 2011-12-14 2022-02-09 Level 3 Communications, LLC Content delivery network
US8972509B2 (en) * 2012-07-27 2015-03-03 Adobe Systems Incorporated Automated rich-content messaging
US9344320B1 (en) * 2012-10-18 2016-05-17 Amazon Technologies, Inc. Return path trace
US9565213B2 (en) * 2012-10-22 2017-02-07 Centripetal Networks, Inc. Methods and systems for protecting a secured network
US10701148B2 (en) 2012-12-13 2020-06-30 Level 3 Communications, Llc Content delivery framework having storage services
US9634918B2 (en) 2012-12-13 2017-04-25 Level 3 Communications, Llc Invalidation sequencing in a content delivery framework
US20140337472A1 (en) 2012-12-13 2014-11-13 Level 3 Communications, Llc Beacon Services in a Content Delivery Framework
US10701149B2 (en) 2012-12-13 2020-06-30 Level 3 Communications, Llc Content delivery framework having origin services
US10652087B2 (en) 2012-12-13 2020-05-12 Level 3 Communications, Llc Content delivery framework having fill services
US10791050B2 (en) 2012-12-13 2020-09-29 Level 3 Communications, Llc Geographic location determination in a content delivery framework
US9628343B2 (en) 2012-12-13 2017-04-18 Level 3 Communications, Llc Content delivery framework with dynamic service network topologies
US8856330B2 (en) * 2013-03-04 2014-10-07 Fmr Llc System for determining whether to block internet access of a portable system based on its current network configuration
US9338223B2 (en) * 2013-08-14 2016-05-10 Verizon Patent And Licensing Inc. Private cloud topology management system
US9027140B1 (en) * 2013-08-22 2015-05-05 Appthority, Inc. Application malware filtering for advertising networks
CN103428224B (en) * 2013-08-29 2016-08-31 上海瀛联体感智能科技有限公司 A kind of method and apparatus of intelligence defending DDoS (Distributed Denial of Service) attacks
US9060021B2 (en) * 2013-08-30 2015-06-16 Bank Of America Corporation DDoS detection using sensor grid
US9929939B2 (en) 2013-12-26 2018-03-27 Coriant Operations, Inc. Systems, apparatuses, and methods for rerouting network traffic
US9973472B2 (en) 2015-04-02 2018-05-15 Varmour Networks, Inc. Methods and systems for orchestrating physical and virtual switches to enforce security boundaries
US9774611B1 (en) * 2014-03-11 2017-09-26 Amazon Technologies, Inc. Dynamically deploying a network traffic filter
US9866587B2 (en) 2014-04-09 2018-01-09 Entit Software Llc Identifying suspicious activity in a load test
US9686278B1 (en) * 2014-05-07 2017-06-20 Skyport Systems, Inc. Method and system for configuring computing devices
JP6735021B2 (en) * 2014-12-11 2020-08-05 ビットディフェンダー アイピーアール マネジメント リミテッド User interface for secure and remote management of network endpoints
US9591022B2 (en) 2014-12-17 2017-03-07 The Boeing Company Computer defenses and counterattacks
US10193922B2 (en) 2015-01-13 2019-01-29 Level 3 Communications, Llc ISP blacklist feed
US10193929B2 (en) 2015-03-13 2019-01-29 Varmour Networks, Inc. Methods and systems for improving analytics in distributed networks
US9467476B1 (en) 2015-03-13 2016-10-11 Varmour Networks, Inc. Context aware microsegmentation
US9438634B1 (en) 2015-03-13 2016-09-06 Varmour Networks, Inc. Microsegmented networks that implement vulnerability scanning
US10178070B2 (en) 2015-03-13 2019-01-08 Varmour Networks, Inc. Methods and systems for providing security to distributed microservices
US9294442B1 (en) 2015-03-30 2016-03-22 Varmour Networks, Inc. System and method for threat-driven security policy controls
US9380027B1 (en) 2015-03-30 2016-06-28 Varmour Networks, Inc. Conditional declarative policies
US9525697B2 (en) * 2015-04-02 2016-12-20 Varmour Networks, Inc. Delivering security functions to distributed networks
US9483317B1 (en) 2015-08-17 2016-11-01 Varmour Networks, Inc. Using multiple central processing unit cores for packet forwarding in virtualized networks
US9824170B1 (en) * 2016-01-06 2017-11-21 Xilinx, Inc. Message filtering for electronic design automation systems
US9961107B2 (en) * 2016-02-19 2018-05-01 Secureworks Corp. System and method for detecting and monitoring persistent events
EP3424196A1 (en) * 2016-02-29 2019-01-09 Level 3 Communications, LLC Systems and methods for dynamic firewall policy configuration
US10432650B2 (en) 2016-03-31 2019-10-01 Stuart Staniford System and method to protect a webserver against application exploits and attacks
US10148618B2 (en) * 2016-06-07 2018-12-04 Abb Schweiz Ag Network isolation
US10505971B1 (en) * 2016-11-07 2019-12-10 Xilinx, Inc. Protecting local network devices against attacks from remote network devices
WO2018111161A1 (en) * 2016-12-15 2018-06-21 Telefonaktiebolaget Lm Ericsson (Publ) Method for secure communication on ethernet
US10038671B2 (en) * 2016-12-31 2018-07-31 Fortinet, Inc. Facilitating enforcement of security policies by and on behalf of a perimeter network security device by providing enhanced visibility into interior traffic flows
US10958623B2 (en) * 2017-05-26 2021-03-23 Futurewei Technologies, Inc. Identity and metadata based firewalls in identity enabled networks
WO2018224720A1 (en) * 2017-06-07 2018-12-13 Airo Finland Oy Defend against denial of service attack
US10757105B2 (en) * 2017-06-12 2020-08-25 At&T Intellectual Property I, L.P. On-demand network security system
US11063910B2 (en) * 2017-07-31 2021-07-13 Fastly, Inc. Web application firewall for an online service
CN110505176B9 (en) * 2018-05-16 2023-04-11 中兴通讯股份有限公司 Method and device for determining and sending message priority, and routing system
US11483287B2 (en) * 2018-06-13 2022-10-25 Nokia Solutions And Networks Oy Reliable firewall
US10862750B2 (en) * 2019-03-31 2020-12-08 Td Ameritrade Ip Company, Inc. Network configuration apparatus
CN110572451B (en) * 2019-09-04 2021-04-30 腾讯科技(深圳)有限公司 Data processing method, device and storage medium
FR3103920A1 (en) * 2019-11-29 2021-06-04 Orange Assistance method for the management of a computer attack, associated device and system.
US11494487B2 (en) 2020-04-27 2022-11-08 The Boeing Company Methods and systems for secure message transmissions between trust domains
US11838267B2 (en) 2020-07-16 2023-12-05 Twistlock, Ltd. Distributed identity-based firewall policy evaluation

Family Cites Families (67)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5898830A (en) * 1996-10-17 1999-04-27 Network Engineering Software Firewall providing enhanced network security and user transparency
US7376835B2 (en) * 2000-04-25 2008-05-20 Secure Data In Motion, Inc. Implementing nonrepudiation and audit using authentication assertions and key servers
US7917647B2 (en) * 2000-06-16 2011-03-29 Mcafee, Inc. Method and apparatus for rate limiting
US6789203B1 (en) * 2000-06-26 2004-09-07 Sun Microsystems, Inc. Method and apparatus for preventing a denial of service (DOS) attack by selectively throttling TCP/IP requests
US20020120853A1 (en) * 2001-02-27 2002-08-29 Networks Associates Technology, Inc. Scripted distributed denial-of-service (DDoS) attack discrimination using turing tests
US20040015579A1 (en) * 2001-06-14 2004-01-22 Geoffrey Cooper Method and apparatus for enterprise management
US7028179B2 (en) * 2001-07-03 2006-04-11 Intel Corporation Apparatus and method for secure, automated response to distributed denial of service attacks
US20040143670A1 (en) * 2002-07-02 2004-07-22 Pratik Roychowdhury System, method and computer program product to avoid server overload by controlling HTTP denial of service (DOS) attacks
KR100481614B1 (en) * 2002-11-19 2005-04-08 한국전자통신연구원 METHOD AND APPARATUS FOR PROTECTING LEGITIMATE TRAFFIC FROM DoS AND DDoS ATTACKS
US20040128542A1 (en) 2002-12-31 2004-07-01 International Business Machines Corporation Method and system for native authentication protocols in a heterogeneous federated environment
JP2004229125A (en) * 2003-01-24 2004-08-12 Sony Corp Transmitter and receiver
US7254713B2 (en) * 2003-09-11 2007-08-07 Alcatel DOS attack mitigation using upstream router suggested remedies
US7788711B1 (en) * 2003-10-09 2010-08-31 Oracle America, Inc. Method and system for transferring identity assertion information between trusted partner sites in a network using artifacts
US20050144441A1 (en) * 2003-12-31 2005-06-30 Priya Govindarajan Presence validation to assist in protecting against Denial of Service (DOS) attacks
CN100370757C (en) * 2004-07-09 2008-02-20 国际商业机器公司 Method and system for dentifying a distributed denial of service (DDOS) attack within a network and defending against such an attack
US7634813B2 (en) 2004-07-21 2009-12-15 Microsoft Corporation Self-certifying alert
US7984149B1 (en) * 2004-08-04 2011-07-19 Cisco Technology, Inc. Method and apparatus for identifying a policy server
US8423645B2 (en) * 2004-09-14 2013-04-16 International Business Machines Corporation Detection of grid participation in a DDoS attack
US7669241B2 (en) * 2004-09-30 2010-02-23 Alcatel-Lucent Usa Inc. Streaming algorithms for robust, real-time detection of DDoS attacks
US20060095459A1 (en) * 2004-10-29 2006-05-04 Warren Adelman Publishing domain name related reputation in whois records
US20060200487A1 (en) 2004-10-29 2006-09-07 The Go Daddy Group, Inc. Domain name related reputation and secure certificates
US9160755B2 (en) 2004-12-21 2015-10-13 Mcafee, Inc. Trusted communication network
US7779471B2 (en) * 2005-04-05 2010-08-17 Cisco Technology, Inc. Method and system for preventing DOS attacks
US7694338B1 (en) * 2005-06-03 2010-04-06 Sprint Communications Company L.P. Shared tap DOS-attack protection
JP4557815B2 (en) * 2005-06-13 2010-10-06 富士通株式会社 Relay device and relay system
US8181240B2 (en) * 2005-06-14 2012-05-15 Cisco Technology, Inc. Method and apparatus for preventing DOS attacks on trunk interfaces
US7584507B1 (en) * 2005-07-29 2009-09-01 Narus, Inc. Architecture, systems and methods to detect efficiently DoS and DDoS attacks for large scale internet
US20070083927A1 (en) * 2005-10-11 2007-04-12 Intel Corporation Method and system for managing denial of services (DoS) attacks
US20070130619A1 (en) * 2005-12-06 2007-06-07 Sprint Communications Company L.P. Distributed denial of service (DDoS) network-based detection
US8225399B1 (en) * 2005-12-14 2012-07-17 At&T Intellectual Property Ii, Lp System and method for avoiding and mitigating a DDoS attack
US7797738B1 (en) * 2005-12-14 2010-09-14 At&T Corp. System and method for avoiding and mitigating a DDoS attack
US20070147376A1 (en) * 2005-12-22 2007-06-28 Sun Microsystems, Inc. Router-assisted DDoS protection by tunneling replicas
KR100828372B1 (en) * 2005-12-29 2008-05-08 삼성전자주식회사 Method and apparatus for protecting servers from DOS attack
EP1999585A4 (en) * 2006-03-03 2012-01-25 New Jersey Tech Inst BEHAVIOR-BASED TRAFFIC DIFFERENTIATION (BTD) TO DEFEND AGAINST DISTRIBUTED DENIAL OF SERVICE(DDoS) ATTACKS
US8248946B2 (en) * 2006-06-06 2012-08-21 Polytechnic Institute of New York Unversity Providing a high-speed defense against distributed denial of service (DDoS) attacks
US7673332B2 (en) * 2006-07-31 2010-03-02 Ebay Inc. Method and system for access authentication
US8966619B2 (en) * 2006-11-08 2015-02-24 Verizon Patent And Licensing Inc. Prevention of denial of service (DoS) attacks on session initiation protocol (SIP)-based systems using return routability check filtering
US9473529B2 (en) * 2006-11-08 2016-10-18 Verizon Patent And Licensing Inc. Prevention of denial of service (DoS) attacks on session initiation protocol (SIP)-based systems using method vulnerability filtering
US20080127324A1 (en) * 2006-11-24 2008-05-29 Electronics And Telecommunications Research Institute DDoS FLOODING ATTACK RESPONSE APPROACH USING DETERMINISTIC PUSH BACK METHOD
US7853998B2 (en) * 2007-03-22 2010-12-14 Mocana Corporation Firewall propagation
US8180032B2 (en) * 2007-05-11 2012-05-15 At&T Intellectual Property I, L.P. Methods and systems for protecting a telecommunication service from Denial of Service (DoS) attack
WO2008148099A1 (en) * 2007-05-25 2008-12-04 New Jersey Institute Of Technology Method and system to mitigate low rate denial of service (dos) attacks
US8302186B2 (en) * 2007-06-29 2012-10-30 Verizon Patent And Licensing Inc. System and method for testing network firewall for denial-of-service (DOS) detection and prevention in signaling channel
US20090013404A1 (en) * 2007-07-05 2009-01-08 Alcatel Lucent Distributed defence against DDoS attacks
US8370937B2 (en) * 2007-12-03 2013-02-05 Cisco Technology, Inc. Handling of DDoS attacks from NAT or proxy devices
CN101505263B (en) 2008-02-05 2011-10-26 华为技术有限公司 Method and device for maintaining routing information
US8045486B2 (en) 2008-05-15 2011-10-25 Solarwinds Worldwide, Llc Discovery and visualization of active directory domain controllers in topological network maps
KR100908404B1 (en) * 2008-09-04 2009-07-20 (주)이스트소프트 System and method for protecting from distributed denial of service
US8769682B2 (en) * 2008-09-18 2014-07-01 Alcatel Lucent Mechanism for identifying malicious content, DoS attacks, and illegal IPTV services
KR100900491B1 (en) * 2008-12-02 2009-06-03 (주)씨디네트웍스 Method and apparatus for blocking distributed denial of service
EP2249540B1 (en) 2009-05-04 2020-03-18 Alcatel Lucent Method for verifying a user association, intercepting module and network node element
KR100942456B1 (en) * 2009-07-23 2010-02-12 주식회사 안철수연구소 Method for detecting and protecting ddos attack by using cloud computing and server thereof
KR101077135B1 (en) * 2009-10-22 2011-10-26 한국인터넷진흥원 Apparatus for detecting and filtering application layer DDoS Attack of web service
US8874929B2 (en) 2009-10-27 2014-10-28 Lockheed Martin Corporation Cross domain discovery
KR101061375B1 (en) * 2009-11-02 2011-09-02 한국인터넷진흥원 JR type based DDoS attack detection and response device
US20110138463A1 (en) * 2009-12-07 2011-06-09 Electronics And Telecommunications Research Institute Method and system for ddos traffic detection and traffic mitigation using flow statistics
US8904183B2 (en) * 2010-03-25 2014-12-02 GM Global Technology Operations LLC Efficient technique to achieve non-repudiation and resilience to DoS attacks in wireless networks
US8819282B2 (en) * 2010-08-06 2014-08-26 International Business Machines Corporation Using unique local unicast addresses in a global domain name server
KR101377462B1 (en) * 2010-08-24 2014-03-25 한국전자통신연구원 Automated Control Method And Apparatus of DDos Attack Prevention Policy Using the status of CPU and Memory
US8935785B2 (en) * 2010-09-24 2015-01-13 Verisign, Inc IP prioritization and scoring system for DDoS detection and mitigation
US8872835B2 (en) * 2010-09-29 2014-10-28 Microsoft Corporation Prevention of DoS attack by a rogue graphics application
US8566449B2 (en) 2010-12-03 2013-10-22 Salesforce.Com, Inc. Method and system for validating configuration data in a multi-tenant environment
KR101574193B1 (en) * 2010-12-13 2015-12-11 한국전자통신연구원 Apparatus and method for defending DDoS attack
US8711791B2 (en) * 2010-12-20 2014-04-29 Telefonaktiebolaget L M Ericsson (Publ) Denial of service (DoS) attack prevention through random access channel resource reallocation
US20120174196A1 (en) * 2010-12-30 2012-07-05 Suresh Bhogavilli Active validation for ddos and ssl ddos attacks
US8689328B2 (en) * 2011-02-11 2014-04-01 Verizon Patent And Licensing Inc. Maliciouis user agent detection and denial of service (DOS) detection and prevention using fingerprinting
US9019815B2 (en) 2011-08-01 2015-04-28 Cisco Technology, Inc. Source alive route injection

Also Published As

Publication number Publication date
US20130152187A1 (en) 2013-06-13
EP2807574A1 (en) 2014-12-03
US20130198805A1 (en) 2013-08-01
WO2013112606A1 (en) 2013-08-01
EP2807574A4 (en) 2015-11-18
US20140304776A1 (en) 2014-10-09
US9088581B2 (en) 2015-07-21
US8677489B2 (en) 2014-03-18

Similar Documents

Publication Publication Date Title
IN2014DN06766A (en)
EP3756383A4 (en) Methods and systems for routing data through iab nodes in 5g communication networks
WO2011100629A3 (en) Methods, systems, and computer readable media for diameter network management
MY180943A (en) Framework for traffic engineering in software defined networking
GB2548232A (en) Methods and systems for business intent driven policy based network traffic characterization, monitoring and control
MX2020003366A (en) Method for qos capability negotiation between a user equipment and a session management function in a 5g system.
WO2016028527A3 (en) Admission control and load balancing
WO2015119895A8 (en) Bandwidth and latency estimation in a communication network
EP4293935A3 (en) Passive optical-based data center networks
WO2012129171A3 (en) Methods, systems, and computer readable media for configurable diameter address resolution
WO2015072957A3 (en) Offloaded security as a service
WO2012145701A3 (en) Routing optimization
GB2509646A (en) A system for regulating wireless device operations in wireless networks
IN2013MU02744A (en)
WO2012177763A3 (en) Method and apparatus for video aware bandwidth aggregation and/or management
MX369053B (en) Method to be implemented at a device configured to be connected to a customer premises equipment of a first type network, corresponding device.
WO2013048199A3 (en) Mobile communication system and method of information processing for improving user experience in the mobile communication system
MY157387A (en) A method and apparatus for pcc enhancement for flow based mobility
GB201112360D0 (en) Distributing information
WO2013191681A3 (en) Automatic content forwarding to communication networks
EP3474527A3 (en) Charging session management method and apparatus
GB2540329A (en) Methods and systems for forwarding data
GB2494350A (en) A method and system of bandwidth control
WO2012054218A3 (en) Routing traffic in an online service with high availability
EP2547049A4 (en) Method, system and corresponding apparatus for implementing policy and charging control