Zero hop algorithm for network threat identification and mitigation
US7596808B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 30, 2004 |
| Grant date | Sep 29, 2009 |
| Priority date | — |
| Expiry date | Feb 12, 2027 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/145
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A method, system, apparatus, and computer-readable medium to enable a set of security device interfaces within a broadcast domain to identify and mitigate attacks. For each address of a device communicating within the broadcast domain, a responsible interface is determined by a zero hop ownership determination algorithm. The algorithm operates by counting a respective number of replies observed by each of multiple interfaces. Each reply is made in response to a respective request for one address. A responsible interface is assigned to the one address using the respective number of replies observed by each respective interface. The algorithm approximates the security device interface physically closest to the address in question without querying the switches themselves and without requiring the security device interface to be in-line on the network.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.