Overlay network for tracking denial-of-service floods in unreliable datagram delivery networks
US8234707B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 13, 2006 |
| Grant date | Jul 31, 2012 |
| Priority date | — |
| Expiry date | Mar 17, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/146
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An approach for tracking denial-of-service (DoS) flood attacks using an overlay IP (Internet Protocol) network is disclosed. One or more tracking routers form an overlay tracking network over the network of an Internet Service Provider (ISP). The ISP network includes numerous transit routers and edge routers. The tracking routers communicate directly with all the edge routers using IP tunnels. The edge routers within the ISP network perform security diagnostic functions, in part, to identify a DoS flood attack that has been launched by one or more attackers. To track down an attacker, an egress edge router identifies the DoS flood attack datagrams, rerouting these datagrams to the overlay tracking network. The tracking routers perform hop-by-hop input debugging to identify the ingress edge router associated with the source of the DoS flood attack.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.