RATE LIMITING DATA TRAFFIC IN A NETWORK
Abstract
A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits may further be used to guarantee bandwidth for certain categories of data.
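The per-category rate limiting described in the abstract, sketched as an added example; this is not code from the patent. The category names, the token-bucket mechanism, the one-second burst size and the packet dictionaries are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Bucket:
    rate: float          # the category's rate limit, bytes per second
    burst: float         # bucket depth in bytes
    tokens: float = 0.0
    last: float = 0.0    # time of the previous refill

    def allow(self, size, now):
        # Refill for the elapsed time (capped at burst), then spend if possible.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False

def categorize(pkt):
    # Constructed categories (assumption): the abstract does not define any.
    if pkt["proto"] == "tcp" and pkt.get("flags") == "S":
        return "tcp_syn"
    return "icmp" if pkt["proto"] == "icmp" else "other"

class CategoryLimiter:
    def __init__(self, link_bps, guaranteed):
        # guaranteed: {category: bytes/sec reserved}; these are never limited.
        self.link_bps, self.guaranteed = link_bps, dict(guaranteed)
        self.buckets = {}

    def set_limits(self, limits, now=0.0):
        # Replace the limit table, e.g. after attack information arrives.
        # Limits that would eat into the reserved bandwidth are rejected.
        if sum(limits.values()) > self.link_bps - sum(self.guaranteed.values()):
            raise ValueError("limits exceed unreserved capacity")
        new = {}
        for cat, rate in limits.items():
            old = self.buckets.get(cat)
            # Carry over unspent tokens so an update cannot refill a drained bucket.
            tokens = min(old.tokens, rate) if old else rate
            new[cat] = Bucket(rate, rate, tokens, old.last if old else now)
        self.buckets = new

    def forward(self, pkt, now):
        # Categories without a bucket (the guaranteed ones here) pass unlimited.
        bucket = self.buckets.get(categorize(pkt))
        return True if bucket is None else bucket.allow(pkt["size"], now)
```

The bandwidth guarantee holds only when every non-guaranteed category has a limit, since the check in set_limits bounds the sum of the configured limits.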
62 Claims
1-42. (canceled)

43. A method comprising:
    identifying, by a network device, a transmission associated with a denial of service attack in a network;
    determining, by the network device, a source of the transmission based on one or more characteristics of data associated with the transmission and based on a topology of the network;
    determining, based on the topology of the network, a location in the network between the network device and the source; and
    forwarding, by the network device, instructions to rate limit, at the location, additional data received from the source.

    Dependent claims: 44, 45, 46, 47, 48, 49, 50

51. A device comprising:
    a memory to store instructions; and
    a processor to:
        receive a transmission passing through a network associated with the device;
        determine a source of the transmission based on one or more characteristics of data associated with the transmission and based on a topology of the network;
        determine, based on the topology of the network, a location in the network between the device and the source; and
        rate limit, at the location, additional data received from the source.

    Dependent claims: 52, 53, 54, 55, 56, 57, 58

59. A non-transitory computer-readable medium storing instructions executable by a computer device, the instructions comprising:
    one or more instructions to receive transmissions via a network associated with the computer device, where the transmissions are associated with a denial of service attack;
    one or more instructions to identify on one or more characteristics of data included in the transmissions;
    one or more instructions to determine sources associated with the transmissions based on the one or more characteristics of data associated with the transmissions and based on a topology of the network;
    one or more instructions to determine, based on the topology of the network, a location in the network between the computer device and the sources; and
    one or more instructions to rate limit, at the location, additional data received from the sources, where the additional data is transmitted after receiving the transmissions.

    Dependent claims: 60, 61, 62