会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 7. 发明申请
    • Network and application attack protection based on application layer message inspection
    • 基于应用层消息检测的网络和应用攻击防护
    • US20060123479A1
    • 2006-06-08
    • US11007152
    • 2004-12-07
    • Sandeep KumarYi JinSunil PottiChristopher Wiborg
    • Sandeep KumarYi JinSunil PottiChristopher Wiborg
    • G06F12/14
    • H04L63/0245H04L63/123H04L63/1416H04L63/1458H04L2463/141
    • A method is disclosed for protecting a network against a denial-of-service attack by inspecting application layer messages at a network element. According to one aspect, when a network element intercepts data packets that contain an application layer message, the network element constructs the message from the payload portions of the packets. The network element determines whether the message satisfies specified criteria. The criteria may indicate characteristics of messages that are suspected to be involved in a denial-of-service attack, for example. If the message satisfies the specified criteria, then the network element prevents the data packets that contain the message from being received by the application for which the message was intended. The network element may accomplish this by dropping the packets, for example. As a result, the application's host does not waste processing resources on messages whose only purpose might be to deluge and overwhelm the application.
    • 公开了一种通过检查网络元件上的应用层消息来保护网络免受拒绝服务攻击的方法。 根据一个方面,当网络元件拦截包含应用层消息的数据分组时,网络单元从分组的有效载荷部分构造消息。 网络元素确定消息是否满足指定的条件。 标准可以指示例如涉嫌参与拒绝服务攻击的消息的特征。 如果消息满足指定的标准,则网络元素防止包含消息的数据包被消息所针对的应用程序接收。 例如,网元可以通过丢弃分组来实现。 因此,应用程序的主机不会浪费处理资源,因为消息的唯一目的可能是洪水和压倒应用程序。