Patent · US Active

Network attack detection devices and methods

US8341742B2 · kind B2 · utility

2Cited by

0References

8Claims

0Family size

Assignee

National Taiwan University of Science and Technology · TW

Inventors

Hahn-Ming Lee · New Taipei, TW
Si-Yu Huang · Taipei, TW
Jerome Yeh · Taipei, TW
Ching-Hao Mao · Taipei, TW

Key dates

Filing date	Jul 16, 2010
Grant date	Dec 25, 2012
Priority date	—
Expiry date	May 18, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L61/4511
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A network attack detection device is provided, including a spatial coordinate database for storing spatial coordinate data; a standard time zone database for storing standard time zone data; a domain name system packet collector for collecting a domain name system packet; a spatial snapshot feature extractor for extracting internet protocol address corresponding to the domain name system packet according to the domain name system packet, and generating spatial feature data corresponding to the internet protocol address according to the internet protocol address, the spatial coordinate data and the standard time zone data; and an attack detector for determining whether the domain name system packet is an attack according to the spatial feature data and a spatial snapshot detection model, and when determining that the domain name system packet is an attack, sending a warning to indicate the attack.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.