Method and apparatus for recognizing and reacting to denial of service attacks on a computerized network
First Claim
1. A method for recognizing and refusing DoS and DDoS attacks on server systems of network providers and operators by means of an electronic intermediary device implemented in a computer network, wherein the electronic intermediary device contains a computer program for carrying out defense against the DoS and DDoS attacks, for each one of an IP connection request, performing the following steps:
- registering the IP connection request;
- checking the validity of the registered IP connection request, and while the registered data packet is being checked for validity;
- sending a periodic acknowledgement signal to preserve the network connection, and after receiving confirmation of the validity of the IP connection request;
- forwarding a data packet associated with the IP connection request to a target system which was the subject of the IP connection request.
Abstract
The invention refers to a procedure for recognizing and refusing attacks on server systems of network service providers and operators by means of an electronic intermediary device (4) installed on a computer network. This electronic intermediary device operates a computer program as well as a data carrier to realize the advantages of the present invention. In addition, the present invention applies to any computer system connected to a network such as the Internet (6), an intranet, a virtual private network and the like, regardless of whether such a network contains just one computer or many computers configured as a server computer (2) or as a client computer. It also applies to a computer program product containing computer code for recognizing and refusing attacks on server systems, and provides:
- defense against DoS and DDoS attacks (flood attacks),
- link level security,
- examination of valid IP headers,
- examination of the IP packet,
- TCP/IP fingerprint protection,
- blocking of each UDP network packet,
- length restrictions of ICMP packets,
- exclusion of specific external IP addresses,
- packet-level firewall function, and
- protection of reachable services of the target system.
The present invention thus guarantees a high degree of security and protection against DoS and DDoS attacks.
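Four of the packet-level checks listed in the abstract (IP header examination, exclusion of specific source addresses, UDP blocking, ICMP length restriction), as an added Python example that is not taken from the patent. The 84-byte ICMP limit, the excluded network, the function names and the sample packets built by `build` are assumptions made for illustration.

```python
import ipaddress
import struct

# Assumed policy values (hypothetical; the abstract names the checks, not the limits).
MAX_ICMP_LEN = 84
EXCLUDED = [ipaddress.ip_network("203.0.113.0/24")]  # documentation range
ICMP, TCP, UDP = 1, 6, 17
IPV4_HEADER = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header layout


def checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over an IPv4 header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def check_packet(pkt: bytes) -> str:
    """Return 'forward' or 'drop:<reason>' for one raw IPv4 packet."""
    if len(pkt) < 20:
        return "drop:truncated"
    ver_ihl, _, total_len, _, _, _, proto, _, src, _ = struct.unpack(IPV4_HEADER, pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    # Header examination: version, header length, total length, checksum.
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(pkt):
        return "drop:bad-header"
    if checksum(pkt[:ihl]) != 0:  # a valid header sums to zero
        return "drop:bad-header"
    if any(ipaddress.ip_address(src) in net for net in EXCLUDED):
        return "drop:excluded-source"
    if proto == UDP:
        return "drop:udp"
    if proto == ICMP and total_len > MAX_ICMP_LEN:
        return "drop:icmp-too-long"
    return "forward"


def build(src: str, proto: int, payload: bytes) -> bytes:
    """Construct a sample IPv4 packet (constructed test input, not captured traffic)."""
    head = struct.pack(IPV4_HEADER, 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address("192.0.2.10").packed)
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:] + payload
```
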
Specification