Patent · US Expired

Apparatus and method for using a network processor to guard against a “denial-of-service” attack on a server or server cluster

US7047303B2 · kind B2 · utility

39Cited by

36References

28Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

C. Steven Lingafelt · Durham, US
Daniel McConnell · Raleigh, US
Francis Noel · Durham, US
Charles Joseph Sannipoli · Raleigh, US

Key dates

Filing date	Jul 26, 2001
Grant date	May 16, 2006
Priority date	—
Expiry date	Aug 2, 2023

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/1001
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A system comprising a network resource server or a server farm formed by a plurality of computer systems and a network processor which transfers data exchanged with an external network supported by the server farm at a data rate substantially the same as the data flow rate of the network and related method. The network processor protects the network resource server against attacks such as a denial of service attack by monitoring data flow, computing a derivative of the data flow over time to determine the rate of change of data flow, and modifying instructions for the discarding of packets in response to rates of change which are outside predetermined boundaries.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.