MX2011011296A - Regimen jerarquico que limita los paquetes de control. - Google Patents

Regimen jerarquico que limita los paquetes de control.

Info

Publication number
MX2011011296A
MX2011011296A MX2011011296A MX2011011296A MX2011011296A MX 2011011296 A MX2011011296 A MX 2011011296A MX 2011011296 A MX2011011296 A MX 2011011296A MX 2011011296 A MX2011011296 A MX 2011011296A MX 2011011296 A MX2011011296 A MX 2011011296A
Authority
MX
Mexico
Prior art keywords
packets
rate limiting
level
those
control packets
Prior art date
Application number
MX2011011296A
Other languages
English (en)
Inventor
Anubhav Gupta
Arunkumar M Desigan
Arun Sharma
Mukund Srinivasan
Original Assignee
Ericsson Telefon Ab L M
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ericsson Telefon Ab L M filed Critical Ericsson Telefon Ab L M
Publication of MX2011011296A publication Critical patent/MX2011011296A/es

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/32Flow control; Congestion control by discarding or delaying data units, e.g. packets or frames
    • H04L47/323Discarding or blocking control packets, e.g. ACK packets
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151Time stamp
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/25Flow control; Congestion control with rate being modified by the source upon detecting a change of network conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0254Stateful filtering

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Communication Control (AREA)

Abstract

Los paquetes de control que reciben tarjetas de línea y llevan a cabo el límite de velocidad jerárquica en los paquetes de control. Un grupo de claves de identificador se extraen de los paquetes de control y el protocolo de los paquetes de control se determinan. En un primer nivel, los paquetes de control tienen velocidad limitada por el único grupo de claves de identificador por protocolo. Los paquetes que no limitan la velocidad del primer nivel se suprimen. Los paquetes que pasan el primer nivel de límite de velocidad son limitados en velocidad a un segundo nivel por tipo de protocolo. Los paquetes que no limitan la velocidad del segundo nivel se suprimen mientras que los paquetes que pasan al limitador de velocidad del segundo nivel se envían a la tarjeta de control para proceso adicional.
MX2011011296A 2009-04-29 2010-04-29 Regimen jerarquico que limita los paquetes de control. MX2011011296A (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US12/432,383 US8249088B2 (en) 2009-04-29 2009-04-29 Hierarchical rate limiting of control packets
PCT/IB2010/000975 WO2010125447A1 (en) 2009-04-29 2010-04-29 Hierarchical rate limiting of control packets

Publications (1)

Publication Number Publication Date
MX2011011296A true MX2011011296A (es) 2011-11-18

Family

ID=42357315

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2011011296A MX2011011296A (es) 2009-04-29 2010-04-29 Regimen jerarquico que limita los paquetes de control.

Country Status (7)

Country Link
US (2) US8249088B2 (es)
EP (1) EP2425593A1 (es)
CN (1) CN102415062B (es)
MX (1) MX2011011296A (es)
SG (1) SG175020A1 (es)
TW (1) TWI495301B (es)
WO (1) WO2010125447A1 (es)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8249088B2 (en) 2009-04-29 2012-08-21 Telefonaktiebolaget L M Ericsson (Publ) Hierarchical rate limiting of control packets
SE535014C2 (sv) 2009-12-03 2012-03-13 Stora Enso Oyj En pappers eller kartongprodukt och en process för tillverkning av en pappers eller kartongprodukt
US20130163417A1 (en) * 2011-12-27 2013-06-27 Mitel Networks Corporation Application level admission overload control
US9485118B1 (en) * 2012-09-28 2016-11-01 Juniper Networks, Inc. Penalty-box policers for network device control plane protection
US10097474B1 (en) 2013-03-15 2018-10-09 Google Llc Shared rate limiting
US10581728B1 (en) * 2013-09-20 2020-03-03 Amazon Technologies, Inc. Rate limiting of network traffic
US9971526B1 (en) * 2015-06-29 2018-05-15 Amazon Technologies, Inc. Volume-based key-value store
US10999398B1 (en) * 2015-09-01 2021-05-04 Vmware, Inc. Scan protection with rate limiting
US10069859B2 (en) * 2015-12-16 2018-09-04 Verizon Digital Media Services Inc. Distributed rate limiting
US10044751B2 (en) * 2015-12-28 2018-08-07 Arbor Networks, Inc. Using recurrent neural networks to defeat DNS denial of service attacks
US10419930B2 (en) * 2016-05-27 2019-09-17 Afero, Inc. System and method for establishing secure communication channels with internet of things (IoT) devices
US10581875B2 (en) 2016-05-27 2020-03-03 Afero, Inc. System and method for preventing security breaches in an internet of things (IOT) system
US10313117B1 (en) 2016-06-30 2019-06-04 Amazon Technologies, Inc. Cryptographic key management to prevent data exfiltration
US10404567B2 (en) * 2016-12-29 2019-09-03 Oath Inc. UDPing-continuous one-way monitoring of multiple network links
US10454965B1 (en) * 2017-04-17 2019-10-22 Symantec Corporation Detecting network packet injection
JP2019050453A (ja) * 2017-09-07 2019-03-28 株式会社東芝 通信装置、通信方法、プログラムおよび通信システム
TWI642285B (zh) * 2018-02-02 2018-11-21 思銳科技股份有限公司 網路交換機的主機狀態偵測方法與系統
US12019613B2 (en) * 2019-07-18 2024-06-25 EMC IP Holding Company LLC Data integrity and consensuses with blockchain
TWI774355B (zh) * 2021-05-05 2022-08-11 瑞昱半導體股份有限公司 網路交換器以及異常檢測方法

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6724721B1 (en) 1999-05-07 2004-04-20 Cisco Technology, Inc. Approximated per-flow rate limiting
US6385209B1 (en) * 2000-06-14 2002-05-07 Pluris, Inc. Method and apparatus for mapping data packets between lines of differing capacity at a router interface
US7917647B2 (en) * 2000-06-16 2011-03-29 Mcafee, Inc. Method and apparatus for rate limiting
US7389537B1 (en) 2001-10-09 2008-06-17 Juniper Networks, Inc. Rate limiting data traffic in a network
US7224668B1 (en) 2002-11-27 2007-05-29 Cisco Technology, Inc. Control plane security and traffic flow management
US7681235B2 (en) 2003-05-19 2010-03-16 Radware Ltd. Dynamic network protection
US7516487B1 (en) * 2003-05-21 2009-04-07 Foundry Networks, Inc. System and method for source IP anti-spoofing security
US7355969B2 (en) * 2003-10-07 2008-04-08 Alcatel Line card port protection rate limiter circuitry
US7436770B2 (en) 2004-01-21 2008-10-14 Alcatel Lucent Metering packet flows for limiting effects of denial of service attacks
US20060106919A1 (en) * 2004-11-12 2006-05-18 David Watkinson Communication traffic control rule generation methods and systems
US7801045B2 (en) 2007-06-19 2010-09-21 Alcatel Lucent Hierarchical rate limiting with proportional limiting
US8249088B2 (en) 2009-04-29 2012-08-21 Telefonaktiebolaget L M Ericsson (Publ) Hierarchical rate limiting of control packets

Also Published As

Publication number Publication date
SG175020A1 (en) 2011-11-28
TWI495301B (zh) 2015-08-01
EP2425593A1 (en) 2012-03-07
TW201132057A (en) 2011-09-16
US20100278191A1 (en) 2010-11-04
WO2010125447A1 (en) 2010-11-04
US8249088B2 (en) 2012-08-21
US20120195323A1 (en) 2012-08-02
CN102415062A (zh) 2012-04-11
US8576866B2 (en) 2013-11-05
CN102415062B (zh) 2015-04-22

Similar Documents

Publication Publication Date Title
MX2011011296A (es) Regimen jerarquico que limita los paquetes de control.
EP2348447A3 (en) A computer implemented method for generating a set of identifiers from a private key, computer implemented method and computing device
MX2017004837A (es) Comunicacion entre dispositivos de una red con conocimiento de vecinos.
WO2014198903A3 (de) Vorrichtung und verfahren zum steuern eines leuchtmittels
MX2015004493A (es) Validacion automatica de transacciones entre usuarios.
BR112014012930A2 (pt) método para um primeiro dispositivo para comunicar-se com um segundo dispositivo em uma rede sem fio, produto de programa de computador, dispositivo para a comunicação com outro dispositivo em uma rede sem fio, e sistema para comunicações sem fio
SG139580A1 (en) Method for generating cryptographic key from biometric data
WO2010018374A3 (en) Switching table in an ethernet bridge
WO2012086981A3 (ko) 다중 셀 협력 무선 통신 시스템에서 채널 상태 정보를 보고하는 방법 및 이를 위한 장치
EP2080286A4 (en) METHOD FOR TRANSMITTING DATA IN A WIRELESS COMMUNICATION SYSTEM
GEP20135973B (en) Method and system controlling item production
WO2012097247A3 (en) Proxy device operation in command and control network
MX2010006989A (es) Equipos y metodos para sincronizacion cronometrada de enlace ascendente.
MX2018003483A (es) Recepcion de datos de sistemas de alarma publica.
EP2667549A3 (en) Control Method for Image Processing Apparatus
GB201101471D0 (en) A method, module and host
MX2010007394A (es) Aislamiento de contenido a traves de procesamientos en una aplicacion.
WO2010032158A3 (en) A method for communicating in a network, a communication device and a system therefor
EP2423918A3 (en) Information processing device, information processing method, and program
GB2459815A (en) System and method for secure automated data collection
WO2013037828A3 (fr) Procede d'echanges securises de donnees, dispositif et systeme de communication le mettant en oeuvre
MX2020011942A (es) Aparato y método para transmitir y recibir señal en sistema multimedia.
IN2012DN02881A (es)
WO2011084647A3 (en) Toxin-immunity system
MX2012002883A (es) Metodo y sistema para el acceso a servicios de un usuario en una entidad de funcion de control de portal de acceso.

Legal Events

Date Code Title Description
FG Grant or registration