| 发明名称 | Systems and methods for detecting and preventing flooding attacks in a network environment | ||
| 摘要 | A method for processing network traffic data includes receiving a packet, and determining whether the packet is a previously dropped packet that is being retransmitted. A method for processing network traffic content includes receiving a plurality of headers, the plurality of headers having respective first field values, and determining whether the first field values of the respective headers form a first prescribed pattern. A method for processing network traffic content includes receiving a plurality of packets, and determining an existence of a flooding attack without tracking each of the plurality of packets with a SYN bit. | ||
| 申请公布号 | US9049220(B2) | 申请公布日期 | 2015.06.02 |
| 申请号 | US201314067575 | 申请日期 | 2013.10.30 |
| 申请人 | Fortinet, Inc. | 发明人 | Wei Shaohong;Duan Gang;Chen Zhong Qiang;Xie Bing |
| 分类号 | G06F12/14;H04L29/06;H04L12/24;H04L1/18;H04L12/26 | 主分类号 | G06F12/14 |
| 代理机构 | Schwegman Lundberg & Woessner, P.A. | 代理人 | Schwegman Lundberg & Woessner, P.A. |
| 主权项 | 1. A method for processing network traffic data comprising: receiving a packet to initiate a new session from an Internet Protocol (IP) address; determining a concurrent session counter N for active concurrent sessions associated with the IP address; comparing the concurrent session counter N for active concurrent sessions associated with the IP address with a prescribed concurrent session threshold T; allowing the packet to pass when the concurrent session counter N for active concurrent sessions associated with the IP address is less than the prescribed concurrent session threshold T (N<T); and classifying the packet as possibly associated with a flooding attack when the concurrent session counter N for active concurrent sessions associated with the IP address is greater than or equal to the prescribed concurrent session threshold T (N>=T). | ||
| 地址 | Sunnyvale CA US | ||