Methods and systems for preventing socket flooding during denial of service attacks
US7069313B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 7, 2005 |
| Grant date | Jun 27, 2006 |
| Priority date | — |
| Expiry date | Mar 7, 2025 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/141
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A way of reducing the impact of denial of service attacks is presented. For each connection request received by a server, the server attempts to establish a connection to accommodate the corresponding request. For each connection request that the server cannot currently handle, the connection request is placed in a backlog queue for future handling. If one or more of the backlog queues have entries, connection sockets that have connections but no received request data are identified and disconnected. Such connection sockets would be highly suspect of being generated as a result of denial of service attacks. Upon disconnection, resources are freed for legitimate requests thereby improving server performance even during denial of service attacks.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.