×

TECHNIQUES FOR TRAFFIC DIVERSION IN SOFTWARE DEFINED NETWORKS FOR MITIGATING DENIAL OF SERVICE ATTACKS

  • US 20130333029A1
  • Filed: 06/10/2013
  • Published: 12/12/2013
  • Est. Priority Date: 06/11/2012
  • Status: Active Grant
First Claim
Patent Images

1. A method for mitigating of denial of service (DoS) attacks in a software defined network (SDN), comprising:

  • receiving a DoS attack indication performed against at least one destination server;

    programming each network element in the SDN to forward a packet based on a diversion value designated in a packet diversion field, upon reception of the DoS attack indication;

    instructing at least one peer network element in the SDN to mark a diversion field in each packet in the incoming traffic addressed to the destination server, wherein each network element in the SDN receiving the packet with the marked diversion field is programmed to divert the packet to a security server; and

    instructing edge network elements in the SDN to unmark the diversion field of each packet output by the security server, wherein each network element in the SDN is programmed to forward the unmarked packets processed by the security server to the at least one destination server.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×