Protecting a network from unauthorized access
Abstract
A method and apparatus of protecting a first network from unauthorized access includes storing profile information for each call session, and determining if an unauthorized access of the first network is occurring based on the profile information. The profile information includes a predetermined threshold indicating a maximum acceptable rate of incoming data units from an external network to the first network. If the incoming data unit rate exceeds the predetermined threshold, then a security action is taken, such as generating an alarm or preventing further transport of data units from the external network to the first network.
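The per-session check described in the abstract, combined with the source-address comparison recited in claim 1, as an added example that is not code from the patent. The class and function names, the fixed one-second counting window, and the frame-size formula in `threshold_from_frame_ms` are assumptions; the page gives no formula or window length.

```python
from dataclasses import dataclass


@dataclass
class SessionProfile:
    allowed_source: str       # address information stored for the session
    max_units_per_sec: int    # threshold: acceptable incoming data-unit rate
    window_start: float = 0.0
    count: int = 0
    blocked: bool = False


def threshold_from_frame_ms(frame_ms, slack_pct=20):
    # Assumed formula: one data unit per frame, plus headroom for jitter.
    return (1000 // frame_ms) * (100 + slack_pct) // 100


class Gatekeeper:
    def __init__(self):
        self.profiles = {}    # one profile (and threshold) per call session
        self.reports = []     # attack reports: (session, source, observed count)

    def open_session(self, session_id, allowed_source, max_units_per_sec):
        self.profiles[session_id] = SessionProfile(allowed_source, max_units_per_sec)

    def admit(self, session_id, source, now):
        """Return True if the incoming data unit may enter the first network."""
        p = self.profiles.get(session_id)
        if p is None or source != p.allowed_source:
            return False      # unknown session or source mismatch: drop this unit
        if p.blocked:
            return False      # session already denied further entry
        if now - p.window_start >= 1.0:
            p.window_start, p.count = now, 0   # start a new counting window
        p.count += 1
        if p.count > p.max_units_per_sec:
            p.blocked = True  # deny further entry and report the attack once
            self.reports.append((session_id, source, p.count))
            return False
        return True


def run_demo():
    # Constructed traffic: 200 units in 0.2 s on a session using 20 ms frames.
    gk = Gatekeeper()
    gk.open_session("call-1", "192.0.2.10", threshold_from_frame_ms(20))
    admitted = sum(gk.admit("call-1", "192.0.2.10", i * 0.001) for i in range(200))
    spoofed = gk.admit("call-1", "203.0.113.7", 0.5)
    return admitted, spoofed, gk.reports
```

Units from a non-matching source are dropped without counting toward the rate, so in this sketch only the session's expected peer can trip the threshold.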
11 Claims
1. A node for use in communications between a first network and an external network, comprising:
- a storage module to store a threshold value for a communications session, the threshold value representing an acceptable rate of incoming data units from the external network to the first network; and
- a controller to deny further entry of data units from the external network to the first network in the communications session and to generate a report of an attack from the external network in response to the controller detecting that the rate of incoming data units exceeds the threshold value,
- the storage module to further store address information, wherein the controller is to compare a source address of a particular incoming data unit with the address information stored in the system and to deny further entry of the particular incoming data unit if the source address does not match the address information stored in the system.

Dependent claims: 2, 3, 4.
5. A method of protecting a first network, comprising:
- determining if a rate of incoming data units from an external network to the first network exceeds a predetermined threshold in a given call session;
- performing a security action if the determined rate of incoming data units exceeds the predetermined threshold, wherein performing the security action comprises generating a report that an attack is occurring; and
- storing plural thresholds for corresponding plural call sessions, wherein the predetermined threshold is one of the plural thresholds.

Dependent claims: 6, 7.
8. An article comprising at least one non-transitory machine-readable storage medium containing instructions for protecting a first network, the instructions when executed causing a node to:
- determine if a rate of incoming data units from an external network to the first network exceeds a predetermined threshold in a given call session;
- perform a security action if the determined rate of incoming data units exceeds the predetermined threshold; and
- calculate the predetermined threshold based at least in part on a frame size used in the call session.

Dependent claims: 9, 10, 11.
Specification