Systems and methods for monitoring and mitigating network attacks
US10341364B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 29, 2016 |
| Grant date | Jul 2, 2019 |
| Priority date | — |
| Expiry date | Jun 2, 2037 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L69/22
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A system for detecting and optionally blocking packets from an attacker uses an improved multi-hash process in which rate information for one or more packet signatures is computed by individual modules, each corresponding to a different hash function, and is shared across the modules to determine maximum observed rates for the signatures within a specified observation window. A moving average of the maximum rates can be computed across several observation windows, to optimize false negative and false positive detections. The modules may designate certain packets as potentially harmful and/or may block such packets, according to a corresponding maximum rate and specified threshold.
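The sketch below is an added example, not code from the patent or its assignee, showing one reading of the abstract: per-module hashed counters, the maximum rate across modules per window, and a moving average compared with a threshold. The class names, the salted BLAKE2b bucketing, the string signatures and every parameter value are assumptions made for illustration.

```python
import hashlib
from collections import deque

class HashModule:
    """One module: per-bucket packet counter keyed by its own hash function."""
    def __init__(self, index, buckets):
        self.salt = index.to_bytes(2, "big")   # distinct salt = distinct hash function
        self.counts = [0] * buckets

    def _bucket(self, signature):
        d = hashlib.blake2b(signature.encode(), digest_size=8, salt=self.salt).digest()
        return int.from_bytes(d, "big") % len(self.counts)

    def observe(self, signature):
        self.counts[self._bucket(signature)] += 1

    def rate(self, signature, window_s):
        return self.counts[self._bucket(signature)] / window_s

    def reset(self):
        self.counts = [0] * len(self.counts)

class MultiHashDetector:
    def __init__(self, modules=3, buckets=1024, window_s=1.0, windows=3, threshold=100.0):
        self.modules = [HashModule(i, buckets) for i in range(modules)]
        self.window_s, self.windows, self.threshold = window_s, windows, threshold
        self.history = {}          # signature -> recent per-window maximum rates

    def observe(self, signature):
        self.history.setdefault(signature, deque(maxlen=self.windows))
        for m in self.modules:
            m.observe(signature)

    def close_window(self):
        """End the observation window; return {signature: (avg_max_rate, flagged)}."""
        report = {}
        for sig, past in self.history.items():
            # Rates are shared across modules; keep the maximum any module observed.
            past.append(max(m.rate(sig, self.window_s) for m in self.modules))
            avg = sum(past) / len(past)
            report[sig] = (avg, avg > self.threshold)
        for m in self.modules:
            m.reset()
        return report

def run_windows(detector, windows):
    """Feed constructed traffic: each window is {signature: packet_count}."""
    out = []
    for w in windows:
        for sig, n in w.items():
            for _ in range(n):
                detector.observe(sig)
        out.append(detector.close_window())
    return out
```

With a three-window average and a threshold of 100 packets per second, a signature at 20, 20, then 150 packets per second is not flagged until the elevated rate persists into a second window.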
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.