Determination of message source in network communications
First Claim
1. A method comprising:
- generating information, at first and second points of a network, about unwanted communications that are adapted to substantially reduce the ability of a target device to respond to other communications; and
analyzing the information generated at the first and second points to identify which of the points first carried the unwanted communications.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for determining the source, on a network, of unwanted messages generated by a malicious agent, toward a target device such as a web server. The malicious agent directs one or more computers on a sub network to direct a flood of communications toward the server on a second sub network designed to substantially reduce the ability of the server to respond to other communications. Messages passing through points on a path between the malicious agent computers and the server are monitored for indicia of messages uncharacteristic of normal network communication. The first point along the path that the unwanted messages pass through is identified. A network device at that point is instructed to block portion of communications passing through that point.
88 Citations
34 Claims
-
1. A method comprising:
-
generating information, at first and second points of a network, about unwanted communications that are adapted to substantially reduce the ability of a target device to respond to other communications; and
analyzing the information generated at the first and second points to identify which of the points first carried the unwanted communications. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method comprising:
-
identifying a source sub-network of unwanted communications that are adapted to substantially reduce the ability of a target device on a network to respond to other communications, the source sub-network connected to the network through an interface device; and
blocking communications passing through the interface device. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
-
20. A system comprising:
-
first and second interface devices for detecting and generating information about unwanted messages directed to a target device; and
a communications analyzer for analyzing the information generated at the first and second interface devices to identify which of the interface devices first carried the unwanted communications. - View Dependent Claims (21, 22, 23)
-
-
24. A system comprising:
-
a communications monitor for detecting and generating information about unwanted messages originating on a first network and directed to a target device on a second network; and
a gating module for blocking messages passing from the first network to the second network. - View Dependent Claims (25, 26, 27, 28, 29, 30)
-
-
31. A computer program embodied in a computer readable medium, the program capable of configuring a computer to:
-
generate information, at first and second points of a network, about unwanted communications that are adapted to substantially reduce the ability of a target device to respond to other communications; and
analyze the information generated at the first and second points to identify which of the points first carried the unwanted communications. - View Dependent Claims (32)
-
-
33. A computer program embodied in a carrier wave, the program capable of configuring a computer to:
-
generate information, at first and second points of a network, about unwanted communications that are adapted to substantially reduce the ability of a target device to respond to other communications; and
analyze the information generated at the first and second points to identify which of the points first carried the unwanted communications. - View Dependent Claims (34)
-
Specification