发明名称 |
Detection of grid participation in a DDoS attack |
摘要 |
A method of, system for, and product for managing a denial of service attack in a multiprocessor environment comprising. The first step is establishing normal traffic usage baselines in the multiprocessor environment. Once the baseline is established the next step is monitoring outgoing traffic to detect a high proportion of packets being sent to a specific destination address, and a high number of outbound packets compared to said baseline. Next is monitoring ports and protocols to detect a high proportion of packets sent to a specific port, and a consistent use of a protocol for all packets for that port. If there is such consistent use of a protocol for all packets for that port as to evidence a denial of service attack, blocking measures are started to mitigate the apparent denial of service attack.
|
申请公布号 |
US8423645(B2) |
申请公布日期 |
2013.04.16 |
申请号 |
US20040940558 |
申请日期 |
2004.09.14 |
申请人 |
JEFFRIES CLARK DEBS;DANFORD ROBERT WILLIAM;ESCAMILLA TERRY DWAIN;HIMBERGER KEVIN DAVID;INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
JEFFRIES CLARK DEBS;DANFORD ROBERT WILLIAM;ESCAMILLA TERRY DWAIN;HIMBERGER KEVIN DAVID |
分类号 |
G06F15/173;G06F11/00;G06F12/16;G06F15/16;H04L29/06 |
主分类号 |
G06F15/173 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|