| 发明名称 |
DISTRIBUTED DISABILITY-OF-SERVICE ATTACK PREVENTING METHOD, GATE DEVICE, COMMUNICATION DEVICE, AND PROGRAM |
| 摘要 |
<p><P>PROBLEM TO BE SOLVED: To limit the transmission band of offensive traffic of a distributed disability- of-service (DDoS) attack while securing the communication traffic of regular users. <P>SOLUTION: When the suspicious offensive packet of the DDoS attack is detected, a gate device 2001 reports the transmission band limit value of the suspicious offensive packet to upstream communication devices 2002 and 2003. While limiting the transmission band of the suspicious offensive packet to the received transmission band limit value, the upstream communication devices 2002 and 2003 repeatedly report the transmission band limit value to further upstream communication devices up to the upper- most stream, and each communication device limits the transmission band of the suspicious offensive packet. After the lapse of a fixed time, each upstream communication device reports the input transmission band value of the suspicious offensive packet to downstream communication devices in the recursive manner. The gate device 2001 calculates a transmission band limit adjusted value from the ratio of total input transmission bands and each communication device reports the transmission band limit adjusted value to the lower-most stream communication device in the recursive manner and adjusts the transmission band limit. <P>COPYRIGHT: (C)2004,JPO</p> |
| 申请公布号 |
JP2003283572(A) |
申请公布日期 |
2003.10.03 |
| 申请号 |
JP20020081906 |
申请日期 |
2002.03.22 |
| 申请人 |
NIPPON TELEGR & TELEPH CORP <NTT> |
发明人 |
FUJI HITOSHI;KASHIWA MASARU;ERIC CHEN |
| 分类号 |
G06F13/00;H04L12/46;H04L12/66;H04L12/801;H04L12/813;H04L12/827;H04L12/911;(IPC1-7):H04L12/66 |
主分类号 |
G06F13/00 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
