SYSTEM UND VERFAHREN ZUR VERTEIDIGUNG GEGEN DENIAL-OF-SERVICE ANGRIFFE AUF DIE NETZWERKKNOTEN

SYSTEM UND VERFAHREN ZUR VERTEIDIGUNG GEGEN DENIAL-OF-SERVICE ANGRIFFE AUF DIE NETZWERKKNOTEN

The present invention is a network switch that maintains a relatively lightly loaded state, and at the same time protects the network servers from DOS and DDOS attacks. The switch maintains a very large table of IP addresses where it stores information such as the number of incompleted and completed...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: NARAYANASWAMY, KRISHNA, WRIGHT, CHRISTOPHER L, SPINNEY, BARRY A, ROSS, THEODORE L, PAQUETTE, MICHAEL D
Format: Patent
Sprache:ger
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The present invention is a network switch that maintains a relatively lightly loaded state, and at the same time protects the network servers from DOS and DDOS attacks. The switch maintains a very large table of IP addresses where it stores information such as the number of incompleted and completed connections from each address. Using this information, the switch classifies each address into a threat level: unknown, trusted, suspicious, and malicious. Each threat level is treated differently allowing the switch to provide efficient access to the server while maintaining security. Connection to the server is denied to clients classified as malicious while trusted clients are passed through to the server. Suspicious connections are proxied while unknown connection treatment may be set by the user.