The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jun. 12, 2012
Filed:
Sep. 03, 2002
Mooi Choo Chuah, Marlboro, NJ (US);
Wing Cheong Lau, Middletown, NJ (US);
On-ching Yue, Middletown, NJ (US);
Mooi Choo Chuah, Marlboro, NJ (US);
Wing Cheong Lau, Middletown, NJ (US);
On-Ching Yue, Middletown, NJ (US);
Alcatel Lucent, Paris, FR;
Abstract
The present invention provides systems and methods for providing distributed, adaptive IP filtering techniques used in detecting and blocking IP packets involved in DDOS attacks through the use of Bloom Filters and leaky-bucket concepts to identify 'attack' flows. In an exemplary embodiment of the present invention, a device tracks certain criteria of all IP packets traveling from IP sources outside a security perimeter to network devices within the security perimeter. The present invention examines the criteria and places them in different classifications in a uniformly random manner, estimates the amount of criteria normally received and then determines when a group of stored classifications is too excessive to be considered normal for a given period of time. After the device determines the criteria that excessive IP packets have in common, the device then determines rules to identify the packets that meet such criteria and filters or blocks so identified packets.