| 发明名称 |
TCP connection resource diversity using tunable geometric series |
| 摘要 |
Disclosed is a computer implemented method and apparatus for handling transport control protocol connections. The local host receives a transport control protocol socket connection request from a host. By subtracting a current port connection from maximum port connections to form a difference, the local host calculates the threshold based the difference divided by the tunable divisor, the tunable divisor not equal to one. The local host then determines whether the current port connections exceed the threshold. By responding to a determination that the current port connections exceed the threshold, the local host blocks the transport control protocol socket request based on the TCP socket connection request. |
| 申请公布号 |
US9369485(B2) |
申请公布日期 |
2016.06.14 |
| 申请号 |
US201514966600 |
申请日期 |
2015.12.11 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Cabrera Escandell Marco A.;McLane Tommy L. |
| 分类号 |
H04L12/56;H04L29/06;H04L12/931;H04L12/803 |
主分类号 |
H04L12/56 |
| 代理机构 |
|
代理人 |
Josephs Damion;Rolnik Robert C. |
| 主权项 |
1. A computer implemented method for handling transport control protocol connections, the method comprising:
receiving a first transport control protocol (TCP) socket connection request from a host; subtracting a first current port connections from a maximum port connections to form a first difference; calculating a threshold based on the first difference divided by a tunable divisor; determining whether the first current port connections exceeds the threshold; blocking the first transport control protocol socket connection request; counting a blocked TCP socket connection; determining whether a count of logged blocked TCP socket connections exceed an attacker threshold during a ramp-up period; responsive to a determination that the count of number of logged blocked TCP socket connections exceed an attacker threshold during a ramp-up period, incrementing the divisor; counting an absence of a blocked TCP socket connection during a cool-off period; decrementing the divisor; recalculating the threshold based on a second current port connections subtracted from the maximum port connections, to form a second difference, dividing the second difference by the divisor; and determining that the second current port connections do not exceed the threshold, and in response, allowing a second TCP socket connection request to form a connection to the host, wherein the threshold is larger than the threshold prior to recalculating. |
| 地址 |
Armonk NY US |
