Mitigating denial-of-service attacks using frequency domain techniques

US 20040037326A1
Filed: 08/21/2002
Published: 02/26/2004
Est. Priority Date: 08/21/2002
Status: Active Grant

First Claim

Patent Images

1. A method of mitigating a packet flooding attack on a system in a communications network, the method comprising the steps of:

a) producing, responsive to packets of a packet flooding attack arriving at the system at a detectable frequency, a pulsed signal of that frequency;

b) aligning the phase of the pulsed signal with the arrival of the packets of the packet flooding attack; and

c) dropping, from the system, packets that arrive during pulses of the pulsed signal.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus for mitigating denial of service attacks in a communications network are described. Frequency domain techniques such as Fourier Transform are used to detect packet flooding in which a frequency spectrum reveals a periodic pattern to the attack packets. A pulse generator is used to create pulses having the frequency and phase of the periodic pattern. New packets arriving simultaneously with the created pulses are dropped from the system and packets which are not synchronized with the pulse generator are passed through the system normally.

Citations

12 Claims

1. A method of mitigating a packet flooding attack on a system in a communications network, the method comprising the steps of:
- a) producing, responsive to packets of a packet flooding attack arriving at the system at a detectable frequency, a pulsed signal of that frequency;
  
  b) aligning the phase of the pulsed signal with the arrival of the packets of the packet flooding attack; and
  
  c) dropping, from the system, packets that arrive during pulses of the pulsed signal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 11, 12)
- - 2. The method as defined in claim 1 wherein the step c) of dropping comprises dropping all packets that arrive during pulses of the pulsed signal.
  - 3. The method as defined in claim 1 wherein the step c) of dropping comprises dropping only packets belonging to a predetermined group of packet types and that arrive during pulses of the pulsed signal.
  - 4. The method as defined in claim 1 wherein the packets include repeated single packets with a recognizable signature.
  - 5. The method as defined in claim 1 wherein the group of packet types includes Internet Protocol SYN and ICMP packet types.
  - 6. The method as defined in claim 1 wherein the step b) of aligning comprises phase locking the pulsed signal to the arrival of packets of the packet flooding attack.
  - 7. The method as defined in claim 2 wherein the step b) of aligning comprises phase locking the pulsed signal to the arrival of packets of the packet flooding attack.
  - 8. The method as defined in claim 3 wherein the step b) of aligning comprises phase locking the pulsed signal to the arrival of packets of the packet flooding attack.
  - 9. The method as defined in claim 4 wherein the step b) of aligning comprises phase locking the pulsed signal to the arrival of packets of the packet flooding attack.
  - 11. The apparatus as defined in claim 9 wherein the means to produce a pulsed signal is a pulse generator.
  - 12. The apparatus as defined in claim 9 wherein a phase lock loop is used to control dropping of the packets.

10. An apparatus for mitigating a packet flooding attack on a system in a communications network, the apparatus comprising:
- means to produce, responsive to packets of a packet flooding attack arriving at the system at a detectable frequency, a pulsed signal of that frequency;
  
  means to align the phase of the pulsed signal with the arrival of the packets of the packet flooding attack; and
  
  means to drop, from the system, packets that arrive during pulses of the pulsed signal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Piece Future Pte., Ltd.
Original Assignee
Alcatel-Lucent Canada Incorporated (Nokia Corporation)
Inventors
DʼSouza, Scott, Kierstead, Paul

Granted Patent

US 7,190,671 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/516
CPC Class Codes

H04L 63/1458 Denial of Service

Mitigating denial-of-service attacks using frequency domain techniques

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Mitigating denial-of-service attacks using frequency domain techniques

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links