Protecting against distributed denial of service attacks
First Claim
Patent Images
1. A method for authenticating packet communication traffic, comprising:
- receiving a data packet sent over a network from a source address to a destination address;
reading from the packet a value of a field that is indicative of a number of hops traversed by the packet since having been sent from the source address; and
assessing authenticity of the source address responsive to the value.
4 Assignments
0 Petitions
Accused Products
Abstract
A method for authenticating packet communication traffic includes receiving a data packet sent over a network from a source address to a destination address and reading from the packet a value of a field that is indicative of a number of hops traversed by the packet since having been sent from the source address. The authenticity of the source address is assessed responsive to the value.
114 Citations
60 Claims
-
1. A method for authenticating packet communication traffic, comprising:
-
receiving a data packet sent over a network from a source address to a destination address;
reading from the packet a value of a field that is indicative of a number of hops traversed by the packet since having been sent from the source address; and
assessing authenticity of the source address responsive to the value. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
- 21. Apparatus for authenticating packet communication traffic, comprising a guard device, which is adapted to receive a data packet sent over a network from a source address to a destination address, to read from the packet a value of a field that is indicative of a number of hops traversed by the packet since having been sent from the source address, and to assess authenticity of the source address responsive to the value.
- 41. A computer software product for authenticating packet communication traffic, the product comprising a computer-readable medium in which program instructions are stored, which instructions, when read by a computer, cause the computer to receive a data packet sent over a network from a source address to a destination address, to read from the packet a value of a field that is indicative of a number of hops traversed by the packet since having been sent from the source address, and to assess authenticity of the source address responsive to the value.
Specification