Method and apparatus for dynamically isolating affected services under denial of service attack
US7739736B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 22, 2005 |
| Grant date | Jun 15, 2010 |
| Priority date | — |
| Expiry date | Apr 15, 2029 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1458
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method for controlling consumption of resources by a packet destination involves receiving a plurality of packets from a network, identifying the packet destination consuming greater than a pre-determined amount of resources to process the plurality of packets, analyzing each of the plurality of packets by a classifier to determine to which of a plurality of temporary data structures each of the plurality of packet is forwarded, forwarding each of the plurality of packets to one of the plurality of temporary data structures as determined by the classifier, requesting a number of packets from the one of the plurality of temporary data structures associated with the packet destination by the virtual serialization queue, wherein the number of packets is limited by an attack control parameter associated with the virtual serialization queue, and forwarding the number of packets to the virtual serialization queue.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.