The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Sep. 04, 2007
Filed:
Aug. 14, 2003
Pritam Shah, Sunnyvale, CA (US);
Chengelpet Ramesh, San Jose, CA (US);
Vamsidhar Valluri, San Jose, CA (US);
Pritam Shah, Sunnyvale, CA (US);
Chengelpet Ramesh, San Jose, CA (US);
Vamsidhar Valluri, San Jose, CA (US);
Cisco Technology, Inc., San Jose, CA (US);
Abstract
A method for detecting a suspicious packet flow in a packet-switched network comprises the computer-implemented step of receiving a first packet in which the SYN bit but not the ACK or RST bit of the packet's TCP header is set. If a specified first time has elapsed, a packet counter associated with the destination address of the flow is incremented. A determination as to whether the packet counter is greater than a specified threshold values is made. If the packet counter is greater than the threshold value, a notification message is generated. In one embodiment, information identifying a packet flow is aggregated to an aggregation cache based on the destination address of the flow.