专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08443076B2 Prefix hijacking detection device and methods thereof 有权
标题翻译：前缀劫持检测装置及其方法
公开(公告)号：US08443076B2
公开(公告)日：2013-05-14
申请号：US12640663
申请日：2009-12-17
申请人： Lusheng Ji , Dan Pei , Tonqing Qiu , Jia Wang
发明人： Lusheng Ji , Dan Pei , Tonqing Qiu , Jia Wang
IPC分类号： G06F15/173 , G06F15/177
CPC分类号： H04L63/1416 , H04L41/12
摘要： A method of placing prefix hijacking detection modules in a communications network includes selecting a set of candidate locations. For each candidate location, a detection coverage ratio with respect to a target Autonomous System is calculated. Based on the relative size of the coverage ratios, proposed locations for the prefix hijacking detection modules are determined.
摘要翻译：在通信网络中放置前缀劫持检测模块的方法包括选择一组候选位置。对于每个候选位置，计算相对于目标自治系统的检测覆盖率。基于覆盖率的相对大小，确定前缀劫持检测模块的建议位置。

2. 发明申请

US20110153801A1 Prefix Hijacking Detection Device and Methods Thereof 有权
标题翻译：前缀劫持检测装置及其方法
公开(公告)号：US20110153801A1
公开(公告)日：2011-06-23
申请号：US12640663
申请日：2009-12-17
申请人： Lusheng Ji , Dan Pei , Tonqing Qiu , Jia Wang
发明人： Lusheng Ji , Dan Pei , Tonqing Qiu , Jia Wang
IPC分类号： G06F15/173
CPC分类号： H04L63/1416 , H04L41/12
摘要： A method of placing prefix hijacking detection modules in a communications network includes selecting a set of candidate locations. For each candidate location, a detection coverage ratio with respect to a target Autonomous System is calculated. Based on the relative size of the coverage ratios, proposed locations for the prefix hijacking detection modules are determined.
摘要翻译：在通信网络中放置前缀劫持检测模块的方法包括选择一组候选位置。对于每个候选位置，计算相对于目标自治系统的检测覆盖率。基于覆盖率的相对大小，确定前缀劫持检测模块的建议位置。

3. 发明授权

US08042183B2 Method and apparatus for detecting computer-related attacks 有权
标题翻译：用于检测计算机相关攻击的方法和装置
公开(公告)号：US08042183B2
公开(公告)日：2011-10-18
申请号：US11879529
申请日：2007-07-18
申请人： Lusheng Ji , Dan Pei , Jia Wang
发明人： Lusheng Ji , Dan Pei , Jia Wang
IPC分类号： G06F21/00 , H04L29/06
CPC分类号： H04L63/1416 , H04L63/1466
摘要： Disclosed is a method and apparatus for detecting prefix hijacking attacks. A source node is separated from a destination network at a first time via an original path. The destination network is associated with a prefix. At a second time, a packet is transmitted from the source node to the destination network to determine a current path between the source node and the destination network. A packet is also transmitted from the source node to a reference node to determine a reference node path. The reference node is located along the original path and is associated with a prefix different than the prefix associated with the destination network. The current path and the reference node path are then compared, and a prefix hijacking attack is detected when the reference node path is not a sub-path of the current path.
摘要翻译：公开了一种用于检测前缀劫持攻击的方法和装置。源节点通过原始路径首次从目的地网络分离。目标网络与前缀相关联。第二次，从源节点向目的网络发送分组，以确定源节点和目的网络之间的当前路径。分组也从源节点发送到参考节点以确定参考节点路径。参考节点沿着原始路径定位，并且与不同于与目的地网络相关联的前缀的前缀相关联。然后比较当前路径和参考节点路径，并且当参考节点路径不是当前路径的子路径时，检测到前缀劫持攻击。

4. 发明申请

US20110138466A1 METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS FOR PROTECTING AGAINST IP PREFIX HIJACKING 有权
标题翻译：防止IP前缀重叠的方法，系统和计算机程序产品
公开(公告)号：US20110138466A1
公开(公告)日：2011-06-09
申请号：US12632201
申请日：2009-12-07
申请人： Lusheng Ji , Dan Pei , Jia Wang
发明人： Lusheng Ji , Dan Pei , Jia Wang
IPC分类号： G06F21/20
CPC分类号： H04L63/14 , H04L63/00 , H04L63/1466
摘要： A communication network is operated by identifying at least one potential hijack autonomous system (AS) that can be used to generate a corrupt routing path from a source AS to a destination AS. For each of the at least one potential hijack AS the following operations are performed: identifying at least one regional AS that is configured to adopt the corrupt routing path from the source AS to the destination AS and determining a reflector AS set such that, for each reflector AS in the set, a source AS to reflector AS routing path and a reflector AS to destination AS routing path do not comprise any of the at least one regional AS. A reflector AS is then identified that is common among the at least one reflector AS set responsive to performing the identifying and determining operations for each of the at least one potential hijack AS.
摘要翻译：通过识别至少一个潜在的劫持自治系统（AS）来操作通信网络，该系统可用于生成从源AS到目的地AS的损坏的路由路径。对于至少一个潜在劫机AS中的每一个，执行以下操作：识别被配置为采用从源AS到目的地AS的破坏路由路径的至少一个区域AS，并且确定反射器AS被设置为使得对于每个反射器AS在组中，源AS到反射器AS路由路径和反射器AS到目的地AS路由路径不包括至少一个区域AS中的任何一个。然后识别在响应于对至少一个潜在劫持AS中的每一个执行识别和确定操作的至少一个反射器AS中公共的反射器AS。

5. 发明授权

US08136160B2 System and method to select monitors that detect prefix hijacking events 失效
标题翻译：选择监控前缀劫持事件的监视器的系统和方法
公开(公告)号：US08136160B2
公开(公告)日：2012-03-13
申请号：US12277855
申请日：2008-11-25
申请人： Lusheng Ji , Dan Pei , Tongqing Qiu , Jia Wang
发明人： Lusheng Ji , Dan Pei , Tongqing Qiu , Jia Wang
IPC分类号： G06F21/00
CPC分类号： H04L63/1408
摘要： Method, system and computer-readable medium to select monitors that increase the likelihood of detecting prefix hijacking events of a destination prefix are disclosed. The method includes assigning each of the candidate prefix hijack monitors to a respective cluster of a plurality of clusters. Each of the candidate prefix hijack monitors is associated with an autonomous system (AS) that indicates an AS path of autonomous systems (ASes) from the AS to a destination prefix associated with a destination AS. The method further includes iteratively merging a pair of clusters with a highest similarity score amongst cluster pairs of the plurality of clusters into a single cluster until a processed number of clusters is less than or equal to a predetermined number of clusters. The method also includes ranking each candidate prefix hijack monitor of each of the processed number of clusters according to a route type from an AS associated with the candidate prefix hijack monitor and an AS distance from the AS associated with the candidate prefix hijack monitor to the destination AS. Yet further, the method includes determining a highest ranked candidate prefix hijack monitor of each of the processed number of clusters.
摘要翻译：公开了用于选择增加检测目的地前缀的前缀劫持事件的可能性的监视器的方法，系统和计算机可读介质。该方法包括将候选前缀劫持监视器中的每一个分配给多个集群的相应集群。候选前缀劫持监视器中的每一个与指示从AS到与目的地AS相关联的目的地前缀的自治系统（AS）的AS路径的自治系统（AS）相关联。所述方法还包括将具有所述多个聚类的群集对中具有最高相似度得分的一对群集迭代地合并为单个群集，直到所述群集的处理数量小于或等于预定数量的群集。该方法还包括根据来自与候选前缀劫持监视器相关联的AS的路由类型和与候选前缀劫持监视器相关联的AS到目的地的AS距离来对每个处理数量的群集的每个候选前缀劫持监视器进行排序如。此外，该方法包括确定处理数量的簇中的每一个的最高排名的候选前缀劫持监视器。

6. 发明授权

US08353034B2 System and method to locate a prefix hijacker within a one-hop neighborhood 有权
标题翻译：在一跳邻居中定位前缀劫持者的系统和方法
公开(公告)号：US08353034B2
公开(公告)日：2013-01-08
申请号：US12277782
申请日：2008-11-25
申请人： Lusheng Ji , Dan Pei , Tongqing Qiu , Jia Wang
发明人： Lusheng Ji , Dan Pei , Tongqing Qiu , Jia Wang
IPC分类号： G06F17/30
CPC分类号： G06F21/554 , H04L63/1416
摘要： Method, system and computer-readable medium to locate a prefix hijacker of a destination prefix within a one-hop neighborhood on a network. The method includes generating one-hop neighborhoods from autonomous system (AS)-level paths of plural monitors to a destination prefix. The method also includes determining a suspect set of AS identifiers resulting from a union of the one-hop neighborhoods. The method further includes calculating a count and a distance associated with each AS identifier of the suspect set. The count indicates how often the AS identifier appeared in the one-hop neighborhoods. The distance indicates a total distance from the AS identifier to AS identifiers associated with the plural monitors. Yet further, the method includes generating a one-hop suspect set of AS identifiers from the suspect set that have highest counts and highest distances.
摘要翻译：方法，系统和计算机可读介质，用于在网络上的一跳邻域内定位目的地前缀的前缀劫持者。该方法包括从多个监视器的自治系统（AS）级路径到目的地前缀生成一跳邻域。该方法还包括确定由一跳邻域的并集产生的可疑的一组AS标识符。该方法还包括计算与可疑组的每个AS标识符相关联的计数和距离。计数表示AS标识符出现在一跳邻域中的频率。距离表示从AS标识符到与多个监视器相关联的AS标识符的总距离。此外，该方法包括从具有最高计数和最高距离的可疑集合生成一跳可疑组的AS标识符。

7. 发明授权

US08296838B2 Methods, systems, and computer program products for protecting against IP prefix hijacking 有权
标题翻译：用于防止IP前缀劫持的方法，系统和计算机程序产品
公开(公告)号：US08296838B2
公开(公告)日：2012-10-23
申请号：US12632201
申请日：2009-12-07
申请人： Lusheng Ji , Dan Pei , Jia Wang
发明人： Lusheng Ji , Dan Pei , Jia Wang
IPC分类号： H04L29/06 , G06F9/00 , G06F15/16 , G06F17/00
CPC分类号： H04L63/14 , H04L63/00 , H04L63/1466
摘要： A communication network is operated by identifying at least one potential hijack autonomous system (AS) that can be used to generate a corrupt routing path from a source AS to a destination AS. For each of the at least one potential hijack AS the following operations are performed: identifying at least one regional AS that is configured to adopt the corrupt routing path from the source AS to the destination AS and determining a reflector AS set such that, for each reflector AS in the set, a source AS to reflector AS routing path and a reflector AS to destination AS routing path do not comprise any of the at least one regional AS. A reflector AS is then identified that is common among the at least one reflector AS set responsive to performing the identifying and determining operations for each of the at least one potential hijack AS.
摘要翻译：通过识别至少一个潜在的劫持自治系统（AS）来操作通信网络，该系统可用于生成从源AS到目的地AS的损坏的路由路径。对于至少一个潜在的劫机AS中的每一个，执行以下操作：识别被配置为采用从源AS到目的地AS的损坏路由路径的至少一个区域AS，并且确定反射器AS集合，使得对于每个反射器AS在组中，源AS到反射器AS路由路径和反射器AS到目的地AS路由路径不包括至少一个区域AS中的任何一个。然后识别在响应于对至少一个潜在劫持AS中的每一个执行识别和确定操作的至少一个反射器AS中公共的反射器AS。

8. 发明申请

US20100132039A1 SYSTEM AND METHOD TO SELECT MONITORS THAT DETECT PREFIX HIJACKING EVENTS 失效
标题翻译：选择检测前缀重叠事件的监视器的系统和方法
公开(公告)号：US20100132039A1
公开(公告)日：2010-05-27
申请号：US12277855
申请日：2008-11-25
申请人： Lusheng Ji , Dan Pei , Tongqing Qui , Jia Wang
发明人： Lusheng Ji , Dan Pei , Tongqing Qui , Jia Wang
IPC分类号： G06F21/00
CPC分类号： H04L63/1408
摘要： Method, system and computer-readable medium to select monitors that increase the likelihood of detecting prefix hijacking events of a destination prefix are disclosed. The method includes assigning each of the candidate prefix hijack monitors to a respective cluster of a plurality of clusters. Each of the candidate prefix hijack monitors is associated with an autonomous system (AS) that indicates an AS path of autonomous systems (ASes) from the AS to a destination prefix associated with a destination AS. The method further includes iteratively merging a pair of clusters with a highest similarity score amongst cluster pairs of the plurality of clusters into a single cluster until a processed number of clusters is less than or equal to a predetermined number of clusters. The method also includes ranking each candidate prefix hijack monitor of each of the processed number of clusters according to a route type from an AS associated with the candidate prefix hijack monitor and an AS distance from the AS associated with the candidate prefix hijack monitor to the destination AS. Yet further, the method includes determining a highest ranked candidate prefix hijack monitor of each of the processed number of clusters.
摘要翻译：公开了用于选择增加检测目的地前缀的前缀劫持事件的可能性的监视器的方法，系统和计算机可读介质。该方法包括将候选前缀劫持监视器中的每一个分配给多个集群的相应集群。候选前缀劫持监视器中的每一个与指示从AS到与目的地AS相关联的目的地前缀的自治系统（AS）的AS路径的自治系统（AS）相关联。所述方法还包括将具有所述多个聚类的群集对中具有最高相似度得分的一对群集迭代地合并为单个群集，直到所述群集的处理数量小于或等于预定数量的群集。该方法还包括根据来自与候选前缀劫持监视器相关联的AS的路由类型和与候选前缀劫持监视器相关联的AS到目的地的AS距离来对每个处理数量的群集的每个候选前缀劫持监视器进行排序如。此外，该方法包括确定处理数量的簇中的每一个的最高排名的候选前缀劫持监视器。

9. 发明申请

US20100132037A1 SYSTEM AND METHOD TO LOCATE A PREFIX HIJACKER WITHIN A ONE-HOP NEIGHBORHOOD 有权
标题翻译：在一个HOP NEIGHBORHOOD中定位一个前缀HIJACKER的系统和方法
公开(公告)号：US20100132037A1
公开(公告)日：2010-05-27
申请号：US12277782
申请日：2008-11-25
申请人： Lusheng Ji , Dan Pei , Tongqing Qiu , Jia Wang
发明人： Lusheng Ji , Dan Pei , Tongqing Qiu , Jia Wang
IPC分类号： G06F21/00
CPC分类号： G06F21/554 , H04L63/1416
摘要： Method, system and computer-readable medium to locate a prefix hijacker of a destination prefix within a one-hop neighborhood on a network. The method includes generating one-hop neighborhoods from autonomous system (AS)-level paths of plural monitors to a destination prefix. The method also includes determining a suspect set of AS identifiers resulting from a union of the one-hop neighborhoods. The method further includes calculating a count and a distance associated with each AS identifier of the suspect set. The count indicates how often the AS identifier appeared in the one-hop neighborhoods. The distance indicates a total distance from the AS identifier to AS identifiers associated with the plural monitors. Yet further, the method includes generating a one-hop suspect set of AS identifiers from the suspect set that have highest counts and highest distances.
摘要翻译：方法，系统和计算机可读介质，用于在网络上的一跳邻域内定位目的地前缀的前缀劫持者。该方法包括从多个监视器的自治系统（AS）级路径到目的地前缀生成一跳邻域。该方法还包括确定由一跳邻域的并集产生的可疑的一组AS标识符。该方法还包括计算与可疑组的每个AS标识符相关联的计数和距离。计数表示AS标识符出现在一跳邻域中的频率。距离表示从AS标识符到与多个监视器相关联的AS标识符的总距离。此外，该方法包括从具有最高计数和最高距离的可疑集合生成一跳可疑组的AS标识符。

10. 发明申请

US20090025082A1 Method and apparatus for detecting computer-related attacks 有权
标题翻译：用于检测计算机相关攻击的方法和装置
公开(公告)号：US20090025082A1
公开(公告)日：2009-01-22
申请号：US11879529
申请日：2007-07-18
申请人： Lusheng Ji , Dan Pei , Jia Wang
发明人： Lusheng Ji , Dan Pei , Jia Wang
IPC分类号： G08B23/00
CPC分类号： H04L63/1416 , H04L63/1466
摘要： Disclosed is a method and apparatus for detecting prefix hijacking attacks. A source node is separated from a destination network at a first time via an original path. The destination network is associated with a prefix. At a second time, a packet is transmitted from the source node to the destination network to determine a current path between the source node and the destination network. A packet is also transmitted from the source node to a reference node to determine a reference node path. The reference node is located along the original path and is associated with a prefix different than the prefix associated with the destination network. The current path and the reference node path are then compared, and a prefix hijacking attack is detected when the reference node path is not a sub-path of the current path.
摘要翻译：公开了一种用于检测前缀劫持攻击的方法和装置。源节点通过原始路径首次从目的地网络分离。目标网络与前缀相关联。第二次，从源节点向目的网络发送分组，以确定源节点和目的网络之间的当前路径。分组也从源节点发送到参考节点以确定参考节点路径。参考节点沿着原始路径定位，并且与不同于与目的地网络相关联的前缀的前缀相关联。然后比较当前路径和参考节点路径，并且当参考节点路径不是当前路径的子路径时，检测到前缀劫持攻击。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式