会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 36. 发明申请
    • Method and apparatus for large-scale automated distributed denial of service attack detection
    • 用于大规模自动分布式拒绝服务攻击检测的方法和装置
    • US20070283436A1
    • 2007-12-06
    • US11452623
    • 2006-06-14
    • Nicholas DuffieldJacobus Van Der MerweVyas SekarOliver Spatscheck
    • Nicholas DuffieldJacobus Van Der MerweVyas SekarOliver Spatscheck
    • G06F12/14
    • H04L63/1425H04L63/1458
    • A multi-staged framework for detecting and diagnosing Denial of Service attacks is disclosed in which a low-cost anomaly detection mechanism is first used to collect coarse data, such as may be obtained from Simple Network Management Protocol (SNMP) data flows. Such data is analyzed to detect volume anomalies that could possibly be indicative of a DDoS attack. If such an anomaly is suspected, incident reports are then generated and used to trigger the collection and analysis of fine grained data, such as that available in Netflow data flows. Both types of collection and analysis are illustratively conducted at edge routers within the service provider network that interface customers and customer networks to the service provider. Once records of the more detailed information have been retrieved, they are examined to determine whether the anomaly represents a distributed denial of service attack, at which point an alarm is generated.
    • 公开了一种用于检测和诊断拒绝服务攻击的多阶段框架,其中首先使用低成本异常检测机制来收集粗略数据,例如可以从简单网络管理协议(SNMP)数据流中获得。 分析这些数据以检测可能表示DDoS攻击的体积异常。 如果怀疑出现这种异常,则会生成事件报告,并用于触发对Netflow数据流中可用的细粒度数据的收集和分析。 这两种类型的收集和分析在服务提供商网络中的边缘路由器上进行说明性地进行,其将客户和客户网络接入服务提供商。 一旦检索到更详细信息的记录,就检查它们以确定异常是否表示分布式拒绝服务攻击,此时产生警报。