Detection of grid participation in a DDoS attack
US8423645B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 14, 2004 |
| Grant date | Apr 16, 2013 |
| Priority date | — |
| Expiry date | Mar 3, 2032 |
Classification
- Technology area (CPC Y): Emerging Cross-Sectional Technologies
- CPC primary: Y02D10/00
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A method of, system for, and product for managing a denial of service attack in a multiprocessor environment. The first step is establishing normal traffic usage baselines in the multiprocessor environment. Once the baseline is established, the next step is monitoring outgoing traffic to detect a high proportion of packets being sent to a specific destination address and a high number of outbound packets compared to said baseline. Next is monitoring ports and protocols to detect a high proportion of packets sent to a specific port and a consistent use of a protocol for all packets for that port. If there is such consistent use of a protocol for all packets for that port as to evidence a denial of service attack, blocking measures are started to mitigate the apparent denial of service attack.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.
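The sequence of checks in the abstract above, sketched as an added example (not code from the patent or its assignee): one window of outbound flow records from a grid node is compared against a baseline, then tested for a dominant destination, port, and protocol. The thresholds, the record layout, the function names, and the choice to measure port share over all outbound packets are assumptions; the sample records are constructed.

```python
from collections import Counter

# Thresholds are illustrative assumptions; the abstract only says "high".
VOLUME_FACTOR = 5.0   # outbound packets relative to baseline
DST_SHARE = 0.8       # share of packets sent to one destination address
PORT_SHARE = 0.8      # share of packets sent to one destination port
PROTO_SHARE = 0.99    # one protocol for (nearly) all packets on that port

def top_share(counter):
    """Return (key, share of total) for the most common key."""
    total = sum(counter.values())
    if total == 0:
        return None, 0.0
    key, count = counter.most_common(1)[0]
    return key, count / total

def evaluate_window(flows, baseline_packets):
    """flows: (dst_ip, dst_port, protocol, packets) records for one window
    of outbound traffic; baseline_packets: normal outbound packet count
    for a window of the same length (assumed record layout)."""
    by_dst, by_port, by_port_proto = Counter(), Counter(), Counter()
    for dst, port, proto, pkts in flows:
        by_dst[dst] += pkts
        by_port[port] += pkts
        by_port_proto[(port, proto)] += pkts

    total = sum(by_dst.values())
    dst, dst_share = top_share(by_dst)
    port, port_share = top_share(by_port)
    # Protocol mix restricted to the dominant port.
    protos = Counter({p: n for (prt, p), n in by_port_proto.items() if prt == port})
    proto, proto_share = top_share(protos)

    checks = {
        "volume": baseline_packets > 0 and total / baseline_packets >= VOLUME_FACTOR,
        "destination": dst_share >= DST_SHARE,
        "port": port_share >= PORT_SHARE,
        "protocol": proto_share >= PROTO_SHARE,
    }
    suspected = all(checks.values())
    # Blocking is suggested only when every indicator agrees.
    return {"checks": checks, "suspected": suspected,
            "block": (dst, port, proto) if suspected else None}

# Constructed sample windows (documentation address ranges, not real traffic).
NORMAL = [("198.51.100.7", 443, "tcp", 400), ("198.51.100.9", 53, "udp", 120),
          ("203.0.113.20", 22, "tcp", 300)]
FLOOD = [("203.0.113.50", 80, "tcp", 48000), ("198.51.100.7", 443, "tcp", 350),
         ("198.51.100.9", 53, "udp", 100)]
```

Requiring all four indicators keeps a legitimately busy node, whose high outbound volume is spread across many destinations, from being blocked on volume alone.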