Patent · US Active

Means of mitigating denial of service attacks on IP fragmentation in high performance IPSEC gateways

US8688979B2 · kind B2 · utility

0Cited by

37References

16Claims

0Family size

Assignees

VERIZON CORPORATE SERVICES GROUP INC. · US
RAYTHEON BBN TECHNOLOGIES CORP. · US

Inventors

Craig Partridge · Corona, US
Walter Clark Milliken · Dover, US
David Patrick Mankins · Cambridge, US

Key dates

Filing date	Mar 4, 2011
Grant date	Apr 1, 2014
Priority date	—
Expiry date	Mar 4, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/164
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Embodiments of the invention reduce the probability of success of a DOS attack on a node receiving packets by decreasing the probability of random collisions of packets sent by a malicious user with those sent by honest users. The probability of random collisions may be reduced in one class of embodiments of the invention by supplementing the identification field of the IP header of each transmitted packet with at least one bit from another field of the header. The probability of random collisions may be reduced in another class of embodiments of the invention by ensuring that packets sent from a transmitting IPsec node to a receiving IPsec node are not fragmented.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.