Monitoring network traffic denial of service attacks
Abstract
A system architecture for thwarting denial of service attacks on a victim data center is described. The system includes a first plurality of monitors that monitor network traffic flow through the network. The first plurality of monitors is disposed at a second plurality of points in the network. The system includes a central controller that receives data from the plurality of monitors, over a hardened, redundant network. The central controller analyzes network traffic statistics to identify malicious network traffic. In some embodiments of the system, a gateway device is disposed to pass network packets between the network and the victim site. The gateway is disposed to protect the victim site, and is coupled to the control center by the redundant hardened network.
162 Citations
21 Claims
1. A data collector comprises:
- a device to sample packet traffic, accumulate, and collect statistical information about network flow; and
- a port to link the data collectors over a redundant network to a central control center.
Dependent claims: 10

2. A data collector to sample packet traffic, accumulate, and collect statistical information about network flows comprises:
- a computing device that executes a computer program product stored on a computer readable medium comprising instructions to cause the computing device to:
  - perform sampling and statistic collection of data pertaining to network packets; and
  - parse the information in the sampled packets and maintain the information in a log; and
- a port to link the data collectors over a redundant network to a central control center.
Dependent claims: 3, 4, 5, 6, 7, 8, 9

11. A method of collecting data from sampled network traffic, pertaining to network traffic flows comprises:
- sampling the network traffic and generating statistics pertaining to the sampled network packets; and
- communicating the generated statistics over a redundant network to a central control center.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20

21. A computer program product residing on a computer readable medium for controlling a data collector to sample packet traffic, accumulate, and collect statistical information about network flows comprises instructions for causing the data collector to:
- perform sampling and statistic collection of data pertaining to network packets;
- parse the information in the sampled packets and maintain the information in a log; and
- communicate statistics generated by the data collector to a central control center over a redundant network.
Specification