Rate limiting data traffic in a network
Abstract
A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits may further be used to guarantee bandwidth for certain categories of data.
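The following is an added example, not code from the patent: a sketch of a device that forwards freely until it receives control information naming categories and their rate limits, then classifies each packet and limits it per category. The token bucket, the category names, the classification parameters and the limits are all assumptions made for illustration; the abstract does not specify them.

```python
from collections import namedtuple

# Constructed control message (category -> bytes/second); names are assumptions.
CONTROL_INFO = {"tcp_syn": 5_000, "dns": 20_000, "other": 50_000}

# Hypothetical packet record: protocol, destination port, SYN flag, size in bytes.
Packet = namedtuple("Packet", "proto dst_port syn size")

def classify(pkt):
    """Place a packet in one category based on header parameters."""
    if pkt.proto == "tcp" and pkt.syn:
        return "tcp_syn"
    if pkt.proto == "udp" and pkt.dst_port == 53:
        return "dns"
    return "other"

class TokenBucket:
    def __init__(self, rate, now):
        # Burst allowance is one second of traffic at the configured rate.
        self.rate, self.tokens, self.last = rate, float(rate), now

    def allow(self, size, now):
        self.tokens = min(self.rate, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if size > self.tokens:
            return False
        self.tokens -= size
        return True

class FilteringDevice:
    """Forwards freely until control information arrives, then limits per category."""
    def __init__(self):
        self.buckets = None

    def receive_control(self, info, now=0.0):
        self.buckets = {cat: TokenBucket(rate, now) for cat, rate in info.items()}

    def forward(self, pkt, now):
        if self.buckets is None:  # no attack reported yet
            return True
        bucket = self.buckets.get(classify(pkt))
        return bucket is None or bucket.allow(pkt.size, now)

def forwarded_bytes(device, timed_packets):
    """Replay (time, Packet) pairs in time order; return bytes forwarded per category."""
    sent = {}
    for now, pkt in sorted(timed_packets, key=lambda tp: tp[0]):
        if device.forward(pkt, now):
            sent[classify(pkt)] = sent.get(classify(pkt), 0) + pkt.size
    return sent
```

Because each category has its own bucket, a flood in one category is clipped to its limit while traffic in another category keeps its full allowance.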
16 Claims
1. A network device, comprising:
- a receiver configured to receive data from a network; and
- logic configured to:
  - detect an attack based on the received data, and
  - transmit first control information to at least one other network device in the network after detecting the attack, the first control information identifying a plurality of categories of data and rate limits associated with forwarding data for each of the plurality of categories.
Dependent claims: 2, 3, 4, 5, 6
7. A network device, comprising:
- a receiver configured to:
  - receive and forward data in a network, and
  - receive first control information from at least one other network device, the first control information indicating that an attack has been detected; and
- logic configured to:
  - classify data in one of a plurality of categories based on at least one parameter associated with the data,
  - set different rate limits for at least two of the plurality of categories, and
  - limit an amount of data that is forwarded based on the classifying.
Dependent claims: 8, 9, 10, 11, 12
13. A system for responding to a network attack, comprising:
- means for receiving first control information indicating that an attack has been detected;
- means for receiving data after the first control information has been received;
- means for classifying the received data in one of a plurality of categories based on at least one parameter associated with the received data; and
- means for filtering the classified data based on a rate limit associated with the corresponding category, wherein at least two of the plurality of categories have different rate limits.
Dependent claims: 14
15. A network device, comprising:
- a receiver configured to:
  - receive and forward data in a network, and
  - receive first control information from at least one other network device, the first control information indicating that an attack has been detected; and
- logic configured to:
  - identify a first category of data based on at least one parameter associated with the received data, and
  - guarantee that at least a first amount of the identified data corresponding to the first category of data will be forwarded after the attack has been detected.
Dependent claims: 16
Specification