CA2671451A1 - Filtrage et regulation pour la protection contre les attaques entrainant un refus de service sur un reseau - Google Patents

Filtrage et regulation pour la protection contre les attaques entrainant un refus de service sur un reseau Download PDF

Info

Publication number
CA2671451A1
CA2671451A1 CA002671451A CA2671451A CA2671451A1 CA 2671451 A1 CA2671451 A1 CA 2671451A1 CA 002671451 A CA002671451 A CA 002671451A CA 2671451 A CA2671451 A CA 2671451A CA 2671451 A1 CA2671451 A1 CA 2671451A1
Authority
CA
Canada
Prior art keywords
module
data packets
bin
access list
entry
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
CA002671451A
Other languages
English (en)
Inventor
Shaun Jaikarran Bharrat
Mark Duffy
Ronald V. Grippo
Shiping Li
John A. Perreault
Jian Yang
Gary Robert Mccarthy
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sonus Networks Inc
Original Assignee
Sonus Networks, Inc.
Shaun Jaikarran Bharrat
Mark Duffy
Ronald V. Grippo
Shiping Li
John A. Perreault
Jian Yang
Gary Robert Mccarthy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/565,944 external-priority patent/US7940657B2/en
Priority claimed from US11/565,942 external-priority patent/US7804774B2/en
Priority claimed from US11/565,940 external-priority patent/US7672336B2/en
Application filed by Sonus Networks, Inc., Shaun Jaikarran Bharrat, Mark Duffy, Ronald V. Grippo, Shiping Li, John A. Perreault, Jian Yang, Gary Robert Mccarthy filed Critical Sonus Networks, Inc.
Publication of CA2671451A1 publication Critical patent/CA2671451A1/fr
Abandoned legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/141Denial of service attacks against endpoints in a network
CA002671451A 2006-12-01 2007-11-30 Filtrage et regulation pour la protection contre les attaques entrainant un refus de service sur un reseau Abandoned CA2671451A1 (fr)

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
US11/565,944 US7940657B2 (en) 2006-12-01 2006-12-01 Identifying attackers on a network
US11/565,942 US7804774B2 (en) 2006-12-01 2006-12-01 Scalable filtering and policing mechanism for protecting user traffic in a network
US11/565,942 2006-12-01
US11/565,944 2006-12-01
US11/565,940 2006-12-01
US11/565,940 US7672336B2 (en) 2006-12-01 2006-12-01 Filtering and policing for defending against denial of service attacks on a network
PCT/US2007/086065 WO2008070549A2 (fr) 2006-12-01 2007-11-30 Filtrage et régulation pour la protection contre les attaques entraînant un refus de service sur un réseau

Publications (1)

Publication Number Publication Date
CA2671451A1 true CA2671451A1 (fr) 2008-06-12

Family

ID=39493669

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002671451A Abandoned CA2671451A1 (fr) 2006-12-01 2007-11-30 Filtrage et regulation pour la protection contre les attaques entrainant un refus de service sur un reseau

Country Status (4)

Country Link
EP (1) EP2090061A2 (fr)
JP (1) JP2011503912A (fr)
CA (1) CA2671451A1 (fr)
WO (1) WO2008070549A2 (fr)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8339959B1 (en) 2008-05-20 2012-12-25 Juniper Networks, Inc. Streamlined packet forwarding using dynamic filters for routing and security in a shared forwarding plane
US8955107B2 (en) 2008-09-12 2015-02-10 Juniper Networks, Inc. Hierarchical application of security services within a computer network
US8040808B1 (en) 2008-10-20 2011-10-18 Juniper Networks, Inc. Service aware path selection with a network acceleration device
FR2949934B1 (fr) * 2009-09-09 2011-10-28 Qosmos Surveillance d'une session de communication comportant plusieurs flux sur un reseau de donnees
US9251535B1 (en) 2012-01-05 2016-02-02 Juniper Networks, Inc. Offload of data transfer statistics from a mobile access gateway

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5473607A (en) * 1993-08-09 1995-12-05 Grand Junction Networks, Inc. Packet filtering for data networks
US6158010A (en) * 1998-10-28 2000-12-05 Crosslogix, Inc. System and method for maintaining security in a distributed computer network
CN1293502C (zh) * 1999-06-30 2007-01-03 倾向探测公司 用于监控网络流量的方法和设备
US6826698B1 (en) * 2000-09-15 2004-11-30 Networks Associates Technology, Inc. System, method and computer program product for rule based network security policies
US7284269B2 (en) * 2002-05-29 2007-10-16 Alcatel Canada Inc. High-speed adaptive structure of elementary firewall modules
US20040054925A1 (en) * 2002-09-13 2004-03-18 Cyber Operations, Llc System and method for detecting and countering a network attack
US20050240993A1 (en) * 2004-04-22 2005-10-27 Treadwell William S Methodology, system and computer readable medium for streams-based packet filtering
US7490235B2 (en) * 2004-10-08 2009-02-10 International Business Machines Corporation Offline analysis of packets

Also Published As

Publication number Publication date
WO2008070549A2 (fr) 2008-06-12
EP2090061A2 (fr) 2009-08-19
JP2011503912A (ja) 2011-01-27
WO2008070549A3 (fr) 2009-02-12

Similar Documents

Publication Publication Date Title
US7672336B2 (en) Filtering and policing for defending against denial of service attacks on a network
US7940657B2 (en) Identifying attackers on a network
US7804774B2 (en) Scalable filtering and policing mechanism for protecting user traffic in a network
US10735379B2 (en) Hybrid hardware-software distributed threat analysis
US8358592B2 (en) Network controller and control method with flow analysis and control function
US8448234B2 (en) Method and apparatus for deep packet inspection for network intrusion detection
CN113285882B (zh) 报文处理的方法、装置及相关设备
US20080281716A1 (en) Communication Control Device
US7669241B2 (en) Streaming algorithms for robust, real-time detection of DDoS attacks
US20060080444A1 (en) System and method for controlling access to a network resource
US20060191008A1 (en) Apparatus and method for accelerating intrusion detection and prevention systems using pre-filtering
US20060129810A1 (en) Method and apparatus for evaluating security of subscriber network
KR100997182B1 (ko) 플로우 정보 제한장치 및 방법
US20090037592A1 (en) Network overload detection and mitigation system and method
US7773507B1 (en) Automatic tiered services based on network conditions
US8272056B2 (en) Efficient intrusion detection
CA2671451A1 (fr) Filtrage et regulation pour la protection contre les attaques entrainant un refus de service sur un reseau
US10291632B2 (en) Filtering of metadata signatures
WO2022183794A1 (fr) Procédé de traitement de trafic et système de protection
Noh et al. Protection against flow table overflow attack in software defined networks
US11770405B2 (en) Automated selection of DDoS countermeasures using statistical analysis
US8964748B2 (en) Methods, systems, and computer readable media for performing flow compilation packet processing
Shomura et al. Analyzing the number of varieties in frequently found flows
CN113992421A (zh) 一种报文处理方法、装置及电子设备
CN113765858A (zh) 一种实现高性能状态防火墙的方法及装置

Legal Events

Date Code Title Description
FZDE Discontinued

Effective date: 20131202