Packet data communications

US 20030172289A1
Filed: 12/11/2002
Published: 09/11/2003
Est. Priority Date: 06/30/2000
Status: Active Grant

First Claim

Patent Images

1. A method of managing data traffic received at a network node and destined therefor from a packet data communications network, said method comprising, at the network node, the steps of:

a) monitoring tracing data allowing the identity of at least one remote packet forwarding node in the network which is responsible for forwarding at least some of the received data traffic to the network node to be found; and

b) transmitting a request from the network node for the remote packet forwarding node to alter its handling of data traffic destined for the network node.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of managing a Denial of Service attack received at a network node from a packet data communications network, by tracing the path of predominantly malicious data packets arriving at the network node. The attack may be mitigated by selecting a router along the detected path and requesting the router to alter its handling of the data traffic. In one embodiment, the selected router installs a filter for data directed at the network node. In a different embodiment, the router alters a Quality of Service setting for the data directed at the network node. The network node may also request the router to mark all data being forwarded to it, to allow the network to characterise the data and determine to what exten it consists of malicious data.

Citations

21 Claims

1. A method of managing data traffic received at a network node and destined therefor from a packet data communications network, said method comprising, at the network node, the steps of:
- a) monitoring tracing data allowing the identity of at least one remote packet forwarding node in the network which is responsible for forwarding at least some of the received data traffic to the network node to be found; and
  
  b) transmitting a request from the network node for the remote packet forwarding node to alter its handling of data traffic destined for the network node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method according to claim 1, wherein the request is for the remote packet forwarding node to selectively alter the handling of data traffic directed at the network node.
  - 3. A method according to claim 1 or 2, wherein the request is to mark data traffic being forwarded with a characteristic allowing the data traffic being forwarded to be distinguished from data traffic being forwarded via a different path.
  - 4. A method according to claim 3, wherein the marking is carried out in a header field of data packets forming the data traffic, said header field containing data which is decremented by a packet forwarding node forwarding the packets.
  - 5. A method according to claim 1 or 2, wherein the request is to cause the remote packet forwarding node to reduce the amount of data traffic received at the network node.
  - 6. A method according to claim 5, wherein the request is for the remote packet forwarding node to filter out at least a proportion of the data traffic.
  - 7. A method according to claim 5, wherein the request is for the remote packet forwarding node to mark the data traffic such that the data traffic experiences a reduced Quality of Service in the communications network.
  - 8. A method according to any preceding claim, wherein the request is transmitted from the network node to an administrative entity for the domain in which the network node receives service from the communications network.
  - 9. A method according to claim 8, further comprising transmitting the request from the said administrative entity to a further administrative entity for the domain in which the remote packet forwarding node is located.

10. A method of managing data traffic received at a packet forwarding node in a packet data communications network, said method comprising, at the packet forwarding node, the steps of:
- a) forwarding data traffic destined for a network node towards that node;
  
  b) receiving a request from the network node for the remote packet forwarding node to alter its handling of data traffic destined for the network node; and
  
  c) altering the handling of traffic data at the remote packet forwarding node in accordance with the request.

11. A method of detecting a path of data traffic transmitted through a packet data communications network, said method comprising;
- (a) receiving data at a network node in the format of tracing data generated at packet forwarding nodes in the data communications network;
  
  (b) collating the said received data to detect potential paths of the received data traffic;
  
  (c) weighting the received data in dependence on an apparent distance of the packet forwarding node generating the tracing data from the said network node.
- View Dependent Claims (12, 13)
- - 12. A method in accordance with claim 11, wherein tracing data is in the form of tracing data packets and the apparent distance is indicated in a header field of the packets containing data which is decremented by a packet forwarding node forwarding the packets.
  - 13. A method in accordance with claim 11 or 12, comprising weighting the received data to favour tracing data generated at an apparently relatively close packet forwarding node.

14. A method of reducing congestion problems experienced by a network node by altering the handling of data traffic at a packet forwarding node in a packet data communications network, said method comprising, at the packet forwarding node, the steps of:
- (a) receiving said traffic data at said packet forwarding node; and
  
  (b) reducing a Quality of Service setting for the received traffic data, such that the traffic data is more likely to be dropped by the subsequent packet forwarding nodes in the communications network to which the traffic data is forwarded.
- View Dependent Claims (15, 16, 17, 18)
- - 15. A method according to claim 14, comprising detecting data traffic directed towards said network node, and selectively reducing a Quality of Service setting for the said detected data traffic.
  - 16. A method in accordance with claim 14 or 15, comprising performing said reducing step selectively in response to the receipt of a request from a network entity.
  - 17. A method in accordance with claim 16, wherein said request is originated at said network node.
  - 18. A method according to claim 16 or 17, wherein the received request is received in accordance with a secure mechanism characteristic of a network entity trusted by the packet forwarding node.

19. A method of transmitting traceback data from a packet forwarding node in a packet data communications network, said method comprising transmitting said traceback data periodically in accordance with a selected probability, wherein said selected probability is variable.
- View Dependent Claims (20, 21)
- - 20. A method according to claim 19, wherein said selected probability is variable in accordance with a request received from a network node attempting to perform a traceback analysis of said traceback data.
  - 21. A method according to claim 20, wherein said selected probability is increased in response to unusual traffic patterns detected at said network node.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
British Telecommunications PLC (BT Group PLC)
Original Assignee
British Telecommunications PLC (BT Group PLC)
Inventors
Soppera, Andrea

Granted Patent

US 7,367,054 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/200
CPC Class Codes

H04L 2463/146   Tracing the source of attacks

H04L 63/0823   using certificates cryptogr...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1458   Denial of Service

Packet data communications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Packet data communications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links