发明名称 |
BEHAVIOR-BASED TRAFFIC DIFFERENTIATION (BTD) FOR DEFENDING AGAINST DISTRIBUTED DENIAL OF SERVICE(DDoS) ATTACKS |
摘要 |
Embodiments are directed toward a method for Behavior-based Traffic Differentiation (BTD) that initially receives incoming packets and performs traffic classification to determine the protocol of the incoming packets. In addition, BTD performs bandwidth division/allocation to further support traffic classification amongst non-TCP traffic types such as UDP and ICMP. For TCP traffic, the method for BTD determines whether a TCP connection has been established and performs at least one of rate limiting, waiting time reduction for half-open connections, and incrementing backlog queue size, when the TCP connection has not been established. If the TCP connection has been established successfully, the method for BTD further includes proactive tests for traffic differentiation which identify normal traffic, which is admitted, and attack traffic, which is dropped. |
申请公布号 |
WO2007103864(A3) |
申请公布日期 |
2008.09.25 |
申请号 |
WO2007US63296 |
申请日期 |
2007.03.05 |
申请人 |
NEW JERSEY INSTITUTE OF TECHNOLOGY;GAO, ZHIQIANG;ANSARI, NIRWAN |
发明人 |
GAO, ZHIQIANG;ANSARI, NIRWAN |
分类号 |
G06F11/00;G06F11/14;G06F12/16;G06F15/18;G08B23/00 |
主分类号 |
G06F11/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|