Title of invention: Systems and methods for detecting and preventing flooding attacks in a network environment
Abstract: A method for processing network traffic data includes receiving a packet, and determining whether the packet or a session of the packet is associated with a flooding attack. Some embodiments are implemented on network switching devices.
Publication number: US9065847(B2)  Publication date: 2015.06.23
Application number: US201414282876  Filing date: 2014.05.20
Applicant: Fortinet, Inc.  Inventors: Wei Shaohong;Duan Gang;Chen Zhong Qiang;Xie Bing
Classification: G06F12/14;H04L29/06;H04L12/24;H04L1/18;H04L12/26  Main classification: G06F12/14
Agency: Schwegman Lundberg & Woessner, P.A.  Agent: Schwegman Lundberg & Woessner, P.A.
Main claim: 1. A method for processing network traffic content performed on a network switching device, comprising: receiving, via a network interface of the network switching device, a packet associated with a new network traffic session; identifying, on the network switching device, one or more Internet Protocol (IP) addresses associated with the new network traffic session; determining, on the network switching device, a number of concurrent sessions associated with at least one of the one or more IP address associated with the new network traffic session; and when the determined number of concurrent sessions is greater than a concurrent IP address session threshold, performing flooding attack mitigation processing at least in part on the network switching device, wherein the concurrent IP address session threshold is learned based on processing of stored packet history log data that determines the concurrent IP address session threshold.
Address: Sunnyvale CA US