WO2003050644A3 - Protecting against malicious traffic - Google Patents

Protecting against malicious traffic

Info

Publication number
WO2003050644A3
WO2003050644A3 PCT/IL2002/000996 IL0200996W WO2003050644A3 WO 2003050644 A3 WO2003050644 A3 WO 2003050644A3 IL 0200996 W IL0200996 W IL 0200996W WO 2003050644 A3 WO2003050644 A3 WO 2003050644A3
Authority
WO
Grant status
Application
Patent type
Prior art keywords
protecting against
malicious traffic
against malicious
data packet
determination
Prior art date
Application number
PCT/IL2002/000996
Other languages
French (fr)
Other versions
WO2003050644A2 (en )
Inventor
Yehuda Afek
Bar Anat Bremler
Dan Touitou
Rafi Zadikario
Original Assignee
Yehuda Afek
Bar Anat Bremler
Riverhead Networks Inc
Dan Touitou
Rafi Zadikario
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1491Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment

Abstract

A method for screening packet-based communication traffic. At least a first data parcket, sent over a network (40) from a source address to a destination address, is received. A determination is made, by analyzing the first data packet, that the first data packet was generated by a worm. In response to the determination, a second data packet sent over the network from the source address is blocked.
PCT/IL2002/000996 2000-10-17 2002-12-10 Protecting against malicious traffic WO2003050644A3 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US09929877 US7707305B2 (en) 2000-10-17 2001-08-14 Methods and apparatus for protecting against overload conditions on nodes of a distributed network
US33990001 true 2001-12-10 2001-12-10
US60/339,900 2001-12-10

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
EP20020795406 EP1461704B1 (en) 2001-12-10 2002-12-10 Protecting against malicious traffic
CA 2469885 CA2469885C (en) 2001-12-10 2002-12-10 Protecting against malicious traffic
US10774169 US8438241B2 (en) 2001-08-14 2004-02-05 Detecting and protecting against worm traffic on a network
US11045001 US7225270B2 (en) 2000-10-17 2005-01-26 Selective diversion and injection of communication traffic
US11183091 US20060212572A1 (en) 2000-10-17 2005-07-14 Protecting against malicious traffic

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US09929877 Continuation-In-Part US7707305B2 (en) 2000-10-17 2001-08-14 Methods and apparatus for protecting against overload conditions on nodes of a distributed network

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US10774169 Continuation-In-Part US8438241B2 (en) 2000-10-17 2004-02-05 Detecting and protecting against worm traffic on a network

Publications (2)

Publication Number Publication Date
WO2003050644A2 true WO2003050644A2 (en) 2003-06-19
WO2003050644A3 true true WO2003050644A3 (en) 2003-11-27

Family

ID=29553090

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2002/000996 WO2003050644A3 (en) 2000-10-17 2002-12-10 Protecting against malicious traffic

Country Status (1)

Country Link
WO (1) WO2003050644A3 (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1595193B1 (en) * 2001-08-14 2012-11-21 Cisco Technology, Inc. Detecting and protecting against worm traffic on a network
US8438241B2 (en) 2001-08-14 2013-05-07 Cisco Technology, Inc. Detecting and protecting against worm traffic on a network
EP2977910A1 (en) * 2003-04-09 2016-01-27 Cisco Technology, Inc. Selective diversion and injection of communication traffic
CN1771708A (en) * 2003-05-30 2006-05-10 国际商业机器公司 Network attack signature generation
CA2548336A1 (en) 2004-01-26 2005-08-04 Cisco Technology, Inc. Upper-level protocol authentication
EP1754348B1 (en) * 2004-05-19 2012-08-01 Computer Associates Think, Inc. Using address ranges to detect malicious activity
US7540025B2 (en) * 2004-11-18 2009-05-26 Cisco Technology, Inc. Mitigating network attacks using automatic signature generation
US7607170B2 (en) 2004-12-22 2009-10-20 Radware Ltd. Stateful attack protection
WO2006082507A1 (en) * 2005-02-04 2006-08-10 Nokia Corporation Apparatus, method and computer program product to reduce tcp flooding attacks while conserving wireless network bandwidth
FI20050561A0 (en) * 2005-05-26 2005-05-26 Nokia Corp The packet data processing in a communication system
US20070077931A1 (en) * 2005-10-03 2007-04-05 Glinka Michael F Method and apparatus for wireless network protection against malicious transmissions
US8156557B2 (en) 2007-01-04 2012-04-10 Cisco Technology, Inc. Protection against reflection distributed denial of service attacks
US20160080413A1 (en) * 2014-09-12 2016-03-17 Level 3 Communications, Llc Blocking forgiveness for ddos

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6397335B1 (en) * 1998-02-12 2002-05-28 Ameritech Corporation Computer virus screening methods and systems
US6513122B1 (en) * 2001-06-29 2003-01-28 Networks Associates Technology, Inc. Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6397335B1 (en) * 1998-02-12 2002-05-28 Ameritech Corporation Computer virus screening methods and systems
US6513122B1 (en) * 2001-06-29 2003-01-28 Networks Associates Technology, Inc. Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP1461704A4 *

Also Published As

Publication number Publication date Type
WO2003050644A2 (en) 2003-06-19 application

Similar Documents

Publication Publication Date Title
WO2005017708A3 (en) Method and apparatus for detecting predefined signatures in packet payload using bloom filters
EP0858189A3 (en) Networking method
WO2003041437A1 (en) Wireless communication method and mobile terminal used therefor
EP1443732A3 (en) Method and system for adaptively applying performance enhancing functions
WO2001048725A1 (en) Method for determining traffic information, control centre and terminal
US20020159438A1 (en) Ethernet based TDM switch
WO2003049461A3 (en) Telecommunications services apparatus for processing telephone communications
WO2006130807A3 (en) Selecting data interfaces in a multi-homing, multi-mode communication device
WO2005048106A3 (en) Virtual private network with pseudo server
WO2002078199A3 (en) A method and system for remotely authenticating identification devices
US8402538B2 (en) Method and system for detecting and responding to harmful traffic
CN1977548A (en) Interface method for long-distance radio frequency unit and centralized base station
RU2003117017A (en) The system for planning the transmission of data traffic at the packet based on the uplink in a wireless communication system
US7983277B1 (en) System and method for creating a secure connection over an MPLS network
WO2002071775A1 (en) Mobile ip packet communication system
WO2002099571A3 (en) System and method for topology constrained routing policy provisioning
CA2419675A1 (en) Automatic router configuration based on traffic and service level agreements
WO2003043276A1 (en) Provider connection system, packet exchange apparatus thereof, dns server, packet exchange method, and computer program thereof
CA2325652A1 (en) A method for intercepting network packets in a computing device
EP1159819B1 (en) Encoding user subscription in ip address
WO2006063002B1 (en) Performing security functions on a message payload in a network element
EP1653692B1 (en) Intelligent selective flow-based datapath architecture
KR20090006632A (en) Virtual firewall system and the control method for using based on commonness security policy

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2469885

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 20028247000

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2002360197

Country of ref document: AU

WWE Wipo information: entry into national phase

Ref document number: 2002795406

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2002795406

Country of ref document: EP

NENP Non-entry into the national phase in:

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP