| 发明名称 |
DENIAL OF SERVICE (DOS) ATTACK DETECTION SYSTEMS AND METHODS |
| 摘要 |
Methods, systems, and apparatus that enable identification of network attacks such as denial of service attacks are disclosed. A network attack may be identified by monitoring packets received for delivery to devices on a network, and developing a historic packet profile by examining the monitored packets received during a number of time periods preceding an instant time period. An instant packet profile is developed by examining the monitored packets during the instant time period. The instant packet profile is compared to the historic packet profile to determine whether a deviation exceeding a predetermined statistical threshold deviation between the instant packet profile and the historic packet profile is present. The existence of a network attack is identified in response to determining that the deviation exceeds the predetermined statistical threshold deviation. |
| 申请公布号 |
US2015007314(A1) |
申请公布日期 |
2015.01.01 |
| 申请号 |
US201313929020 |
申请日期 |
2013.06.27 |
| 申请人 |
Cellco Partnership d/b/a Verizon Wireless |
发明人 |
Vaughan John F. |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method comprising:
monitoring packets received for delivery to devices on a network; developing a historic packet profile by examining the monitored packets received during a plurality of time periods preceding an instant time period; developing an instant packet profile by examining the monitored packets during the instant time period; comparing, by a processor, the instant packet profile to the historic packet profile to determine whether a deviation exceeding a predetermined statistical threshold deviation between the instant packet profile and the historic packet profile is present; and identifying, by the processor, existence of a network attack in response to determining that the deviation exceeds the predetermined statistical threshold deviation. |
| 地址 |
Basking Ridge NJ US |
