Detecting and preventing flooding attacks in a network environment
First Claim
Patent Images
1. A computer-implemented method for processing network traffic data in a gateway device for a computer network, the method comprising the steps of:
- receiving a packet;
identifying whether the packet complies with a protocol having a retransmission protocol;
responsive to the packet complying, determining whether the packet is a previously dropped packet that is being retransmitted according to the retransmission protocol; and
dropping the packet responsive to the packet not being a retransmission of a previously dropped packet.
0 Assignments
0 Petitions
Accused Products
Abstract
A method for processing network traffic data includes receiving a packet, and determining whether the packet is a previously dropped packet that is being retransmitted. A method for processing network traffic content includes receiving a plurality of headers, the plurality of headers having respective first field values, and determining whether the first field values of the respective headers form a first prescribed pattern. A method for processing network traffic content includes receiving a plurality of packets, and determining an existence of a flooding attack without tracking each of the plurality of packets with a SYN bit.
45 Citations
10 Claims
-
1. A computer-implemented method for processing network traffic data in a gateway device for a computer network, the method comprising the steps of:
-
receiving a packet; identifying whether the packet complies with a protocol having a retransmission protocol; responsive to the packet complying, determining whether the packet is a previously dropped packet that is being retransmitted according to the retransmission protocol; and dropping the packet responsive to the packet not being a retransmission of a previously dropped packet. - View Dependent Claims (2, 3, 4, 5, 9)
-
-
6. A non-transitory device-readable storage medium including a set of instructions stored thereon which when executed by a processor of a device, performs a method for processing network traffic data in a gateway device for a computer network, the method comprising the steps of:
-
receiving a packet; identifying whether the packet complies with a protocol having a retransmission protocol; responsive to the packet complying, determining whether the packet is a previously dropped packet that is being retransmitted according to the retransmission protocol; and dropping the packet responsive to the packet not being a retransmission of a previously dropped packet. - View Dependent Claims (7, 8)
-
-
10. A gate way device having at least some hardware for processing network traffic data for a computer network, the method comprising the steps of:
-
a processor; a network interface; and a memory device, storing; a first module to receive a packet; a second module to identify whether the packet complies with a protocol having a retransmission protocol; a third module to, responsive to the packet complying, determine whether the packet is a previously dropped packet that is being retransmitted according to the retransmission protocol; and a fourth module to drop the packet responsive to the packet not being a retransmission of a previously dropped packet.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeFortinet Inc.
-
Original AssigneeFortinet Inc.
-
InventorsWei, Shaohong, Duan, Gang, Chen, Zhong Qiang, Xie, Bing
-
Primary Examiner(s)KAMARA, MOHAMED A
-
Application NumberUS15/055,995Publication NumberTime in Patent Office421 DaysField of Search370252-253, 370230, 370386-392, 370401, 370422, 370466-467, 370469, 726 22- 27US Class CurrentCPC Class CodesH04L 1/1835 Buffer managementH04L 2463/143 Denial of service attacks i...H04L 41/28 Restricting access to netwo...H04L 43/16 Threshold monitoringH04L 63/0236 Filtering by address, proto...H04L 63/14 for detecting or protecting...H04L 63/1408 by monitoring network traff...H04L 63/1416 Event detection, e.g. attac...H04L 63/1458 Denial of ServiceH04L 63/1466 Active attacks involving in...
