×

Apparatus and method for using a network processor to guard against a "denial-of-service" attack on a server or server cluster

  • US 20030023733A1
  • Filed: 07/26/2001
  • Published: 01/30/2003
  • Est. Priority Date: 07/26/2001
  • Status: Active Grant
First Claim
Patent Images

1. Apparatus comprising:

  • a network resource server having at least one computer system comprising a central processing unit and server memory; and

    a network processor coupled to said network resource server comprising;

    a plurality of interface processors;

    instruction memory for storing instructions accessibly to said interface processors;

    data memory for storing data passing through said network processor to and from said network resource server accessibly to said interface processors; and

    a plurality of input/output ports;

    one of said input/output ports adapted for exchanging data passing through said network processor with an external network under the direction of said interface processors;

    at least one other of said input/output ports adapted for exchanging data passing through said network processor with said network resource server;

    said network processor and said network resource server cooperating in directing the exchange of data between said input/output ports and the flow of data through said data memory to and from said network resource server in response to execution by said interface processors of instructions loaded into said instruction memory;

    said network processor further comprising at least one rate monitor for monitoring the rate of data flow addressed to said network resource server, at least one of said interface processors comprising a component for computing a derivative of data flow rate over time to determine the rate of change of data flow, and at least one modifier for modifying the instructions loaded into said instruction memory in response to the determined rate of change.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×