CA2671451A1 - Filtrage et regulation pour la protection contre les attaques entrainant un refus de service sur un reseau - Google Patents
Filtrage et regulation pour la protection contre les attaques entrainant un refus de service sur un reseau Download PDFInfo
- Publication number
- CA2671451A1 CA2671451A1 CA002671451A CA2671451A CA2671451A1 CA 2671451 A1 CA2671451 A1 CA 2671451A1 CA 002671451 A CA002671451 A CA 002671451A CA 2671451 A CA2671451 A CA 2671451A CA 2671451 A1 CA2671451 A1 CA 2671451A1
- Authority
- CA
- Canada
- Prior art keywords
- module
- data packets
- bin
- access list
- entry
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/141—Denial of service attacks against endpoints in a network
Applications Claiming Priority (7)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/565,944 US7940657B2 (en) | 2006-12-01 | 2006-12-01 | Identifying attackers on a network |
US11/565,942 US7804774B2 (en) | 2006-12-01 | 2006-12-01 | Scalable filtering and policing mechanism for protecting user traffic in a network |
US11/565,942 | 2006-12-01 | ||
US11/565,944 | 2006-12-01 | ||
US11/565,940 | 2006-12-01 | ||
US11/565,940 US7672336B2 (en) | 2006-12-01 | 2006-12-01 | Filtering and policing for defending against denial of service attacks on a network |
PCT/US2007/086065 WO2008070549A2 (fr) | 2006-12-01 | 2007-11-30 | Filtrage et régulation pour la protection contre les attaques entraînant un refus de service sur un réseau |
Publications (1)
Publication Number | Publication Date |
---|---|
CA2671451A1 true CA2671451A1 (fr) | 2008-06-12 |
Family
ID=39493669
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002671451A Abandoned CA2671451A1 (fr) | 2006-12-01 | 2007-11-30 | Filtrage et regulation pour la protection contre les attaques entrainant un refus de service sur un reseau |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP2090061A2 (fr) |
JP (1) | JP2011503912A (fr) |
CA (1) | CA2671451A1 (fr) |
WO (1) | WO2008070549A2 (fr) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8339959B1 (en) | 2008-05-20 | 2012-12-25 | Juniper Networks, Inc. | Streamlined packet forwarding using dynamic filters for routing and security in a shared forwarding plane |
US8955107B2 (en) | 2008-09-12 | 2015-02-10 | Juniper Networks, Inc. | Hierarchical application of security services within a computer network |
US8040808B1 (en) | 2008-10-20 | 2011-10-18 | Juniper Networks, Inc. | Service aware path selection with a network acceleration device |
FR2949934B1 (fr) * | 2009-09-09 | 2011-10-28 | Qosmos | Surveillance d'une session de communication comportant plusieurs flux sur un reseau de donnees |
US9251535B1 (en) | 2012-01-05 | 2016-02-02 | Juniper Networks, Inc. | Offload of data transfer statistics from a mobile access gateway |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5473607A (en) * | 1993-08-09 | 1995-12-05 | Grand Junction Networks, Inc. | Packet filtering for data networks |
US6158010A (en) * | 1998-10-28 | 2000-12-05 | Crosslogix, Inc. | System and method for maintaining security in a distributed computer network |
CN1293502C (zh) * | 1999-06-30 | 2007-01-03 | 倾向探测公司 | 用于监控网络流量的方法和设备 |
US6826698B1 (en) * | 2000-09-15 | 2004-11-30 | Networks Associates Technology, Inc. | System, method and computer program product for rule based network security policies |
US7284269B2 (en) * | 2002-05-29 | 2007-10-16 | Alcatel Canada Inc. | High-speed adaptive structure of elementary firewall modules |
US20040054925A1 (en) * | 2002-09-13 | 2004-03-18 | Cyber Operations, Llc | System and method for detecting and countering a network attack |
US20050240993A1 (en) * | 2004-04-22 | 2005-10-27 | Treadwell William S | Methodology, system and computer readable medium for streams-based packet filtering |
US7490235B2 (en) * | 2004-10-08 | 2009-02-10 | International Business Machines Corporation | Offline analysis of packets |
-
2007
- 2007-11-30 EP EP07864977A patent/EP2090061A2/fr not_active Withdrawn
- 2007-11-30 CA CA002671451A patent/CA2671451A1/fr not_active Abandoned
- 2007-11-30 JP JP2009539507A patent/JP2011503912A/ja active Pending
- 2007-11-30 WO PCT/US2007/086065 patent/WO2008070549A2/fr active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2008070549A2 (fr) | 2008-06-12 |
EP2090061A2 (fr) | 2009-08-19 |
JP2011503912A (ja) | 2011-01-27 |
WO2008070549A3 (fr) | 2009-02-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7672336B2 (en) | Filtering and policing for defending against denial of service attacks on a network | |
US7940657B2 (en) | Identifying attackers on a network | |
US7804774B2 (en) | Scalable filtering and policing mechanism for protecting user traffic in a network | |
US10735379B2 (en) | Hybrid hardware-software distributed threat analysis | |
US8358592B2 (en) | Network controller and control method with flow analysis and control function | |
US8448234B2 (en) | Method and apparatus for deep packet inspection for network intrusion detection | |
CN113285882B (zh) | 报文处理的方法、装置及相关设备 | |
US20080281716A1 (en) | Communication Control Device | |
US7669241B2 (en) | Streaming algorithms for robust, real-time detection of DDoS attacks | |
US20060080444A1 (en) | System and method for controlling access to a network resource | |
US20060191008A1 (en) | Apparatus and method for accelerating intrusion detection and prevention systems using pre-filtering | |
US20060129810A1 (en) | Method and apparatus for evaluating security of subscriber network | |
KR100997182B1 (ko) | 플로우 정보 제한장치 및 방법 | |
US20090037592A1 (en) | Network overload detection and mitigation system and method | |
US7773507B1 (en) | Automatic tiered services based on network conditions | |
US8272056B2 (en) | Efficient intrusion detection | |
CA2671451A1 (fr) | Filtrage et regulation pour la protection contre les attaques entrainant un refus de service sur un reseau | |
US10291632B2 (en) | Filtering of metadata signatures | |
WO2022183794A1 (fr) | Procédé de traitement de trafic et système de protection | |
Noh et al. | Protection against flow table overflow attack in software defined networks | |
US11770405B2 (en) | Automated selection of DDoS countermeasures using statistical analysis | |
US8964748B2 (en) | Methods, systems, and computer readable media for performing flow compilation packet processing | |
Shomura et al. | Analyzing the number of varieties in frequently found flows | |
CN113992421A (zh) | 一种报文处理方法、装置及电子设备 | |
CN113765858A (zh) | 一种实现高性能状态防火墙的方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FZDE | Discontinued |
Effective date: 20131202 |