| 发明名称 |
DISTRIBUTED DENIAL OF SERVICE ATTACK PREVENTING METHOD, GATE DEVICE, COMMUNICATION DEVICE, AND PROGRAM |
| 摘要 |
<p><P>PROBLEM TO BE SOLVED: To limit the transmission band of offensive traffic for a distributed denial of service (DDoS) attack while securing communication traffic for regular users. <P>SOLUTION: When the suspicious offensive packet of the DDoS attack is detected, a gate device 2001 transmits the suspicious signature and the regular condition of the suspicious offensive packet to upstream communication devices 2002 and 2003. Each of the communication devices 2002 and 2003 cancels the transmission band limitation of the packet identified from the regular condition and a regular signature created based upon the suspicious signature while limiting the transmission band of the packet identified from the suspicious signature. Further, each of the communication devices 2003 and 2003 transmits the suspicious signature and the regular condition to further upstream communication devices to report the suspicious signature and the regular condition to the upper- most stream communication device in the recursive manner and each communication device further limits the band by detecting the offensive packet from the suspicious offensive packets while implementing the band limitation of the suspicious offensive packet. <P>COPYRIGHT: (C)2004,JPO</p> |
| 申请公布号 |
JP2003283554(A) |
申请公布日期 |
2003.10.03 |
| 申请号 |
JP20020081904 |
申请日期 |
2002.03.22 |
| 申请人 |
NIPPON TELEGR & TELEPH CORP <NTT> |
发明人 |
KASHIWA MASARU;ERIC CHEN;FUJI HITOSHI |
| 分类号 |
H04L12/911;H04L12/46;H04L12/66;H04L12/741;H04L12/801;H04L12/851;H04L12/923;(IPC1-7):H04L12/56 |
主分类号 |
H04L12/911 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
