Method and system for detecting denial-of-service attack
1 Assignment
0 Petitions
Accused Products
Abstract
A monitoring device monitors a packet transmitted to a communication device that is a target of the denial-of-service attack, and detects traffic abnormality information indicating an abnormality of traffic due to the packet with respect to the communication device. A performance measuring device measures performance of the communication device, and detects performance abnormality information indicating an abnormality of throughput of the communication device. An attack determining device determines whether the communication device received the denial-of-service attack, based on the traffic abnormality information and the performance abnormality information.
61 Citations
30 Claims
-
1-15. -15. (canceled)
-
16. A denial-of-service attack detecting system for detecting a denial-of-service attack on a communication device, the denial-of-service attack detecting system comprising:
-
a monitoring device that monitors a packet transmitted to a communication device that is a target of the denial-of-service attack;
a performance measuring device that measures performance of the communication device; and
an attack determining device that performs communication with the monitoring device and the performance measuring device, wherein the monitoring device includes a traffic abnormality detecting unit that detects traffic abnormality information indicating an abnormality of traffic due to the packet with respect to the communication device, the performance measuring device includes a performance abnormality detecting unit that detects performance abnormality information indicating an abnormality of throughput of the communication device, and the attack determining device includes an effects determining unit that determines whether the communication device received the denial-of-service attack, based on the traffic abnormality information and the performance abnormality information. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A method of detecting a denial-of-service attack on a communication device by using a monitoring device that monitors a packet transmitted to a communication device that is a target of the denial-of-service attack, a performance measuring device that measures performance of the communication device, and an attack determining device that performs communication with the monitoring device and the performance measuring device, the method comprising:
-
traffic abnormality detecting including the monitoring device detecting traffic abnormality information indicating an abnormality of traffic due to the packet with respect to the communication device;
performance abnormality information detecting including the performance measuring device detecting performance abnormality information indicating an abnormality of throughput of the communication device; and
effects determining including the attack determining device determining whether the communication device received the denial-of-service attack, based on the traffic abnormality information and the performance abnormality information. - View Dependent Claims (29, 30)
-
Specification