WO2003050644A3 - Protecting against malicious traffic - Google Patents

Info

Publication number
WO2003050644A3
Authority
WO
WIPO (PCT)
Prior art keywords
protecting against
malicious traffic
against malicious
data packet
determination
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/IL2002/000996
Other languages
French (fr)
Other versions
WO2003050644A2 (en)
Inventor
Yehuda Afek
Rafi Zadikario
Dan Touitou
Bar Anat Bremler
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Riverhead Networks Inc
Original Assignee
Riverhead Networks Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US09/929,877 (external priority, US7707305B2)
Application filed by Riverhead Networks Inc
Priority to CA2469885A (CA2469885C)
Priority to AU2002360197A (AU2002360197B2)
Priority to EP02795406.4A (EP1461704B1)
Publication of WO2003050644A2
Publication of WO2003050644A3
Priority to US10/774,169 (US8438241B2)
Anticipated expiration
Priority to US11/045,001 (US7225270B2)
Priority to US11/183,091 (US20060212572A1)
Legal status: Ceased (current)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1491 Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A method for screening packet-based communication traffic. At least a first data packet, sent over a network (40) from a source address to a destination address, is received. A determination is made, by analyzing the first data packet, that the first data packet was generated by a worm. In response to the determination, a second data packet sent over the network from the source address is blocked.
PCT/IL2002/000996 2000-10-17 2002-12-10 Protecting against malicious traffic Ceased WO2003050644A2 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
CA2469885A CA2469885C (en) 2001-12-10 2002-12-10 Protecting against malicious traffic
AU2002360197A AU2002360197B2 (en) 2001-12-10 2002-12-10 Protecting against malicious traffic
EP02795406.4A EP1461704B1 (en) 2001-12-10 2002-12-10 Protecting against malicious traffic
US10/774,169 US8438241B2 (en) 2001-08-14 2004-02-05 Detecting and protecting against worm traffic on a network
US11/045,001 US7225270B2 (en) 2000-10-17 2005-01-26 Selective diversion and injection of communication traffic
US11/183,091 US20060212572A1 (en) 2000-10-17 2005-07-14 Protecting against malicious traffic

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US09/929,877 US7707305B2 (en) 2000-10-17 2001-08-14 Methods and apparatus for protecting against overload conditions on nodes of a distributed network
US33990001P 2001-12-10 2001-12-10
US60/339,900 2001-12-10

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US09/929,877 Continuation-In-Part US7707305B2 (en) 2000-10-17 2001-08-14 Methods and apparatus for protecting against overload conditions on nodes of a distributed network

Related Child Applications (4)

Application Number Title Priority Date Filing Date
US10498463 A-371-Of-International 2002-12-10
US10/774,169 Continuation-In-Part US8438241B2 (en) 2001-08-14 2004-02-05 Detecting and protecting against worm traffic on a network
US82180404A Continuation-In-Part 2000-10-17 2004-04-08
US11/183,091 Continuation US20060212572A1 (en) 2000-10-17 2005-07-14 Protecting against malicious traffic

Publications (2)

Publication Number Publication Date
WO2003050644A2 WO2003050644A2 (en) 2003-06-19
WO2003050644A3 WO2003050644A3 (en) 2003-11-27

Family

ID=29553090

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2002/000996 Ceased WO2003050644A2 (en) 2000-10-17 2002-12-10 Protecting against malicious traffic

Country Status (1)

Country Link
WO (1) WO2003050644A2 (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8438241B2 (en) 2001-08-14 2013-05-07 Cisco Technology, Inc. Detecting and protecting against worm traffic on a network
EP1595193B1 (en) * 2001-08-14 2012-11-21 Cisco Technology, Inc. Detecting and protecting against worm traffic on a network
CN100414532C (en) * 2003-04-09 2008-08-27 思科技术公司 Method and apparatus for selective diversion and injection of communication traffic
CN1771708A (en) * 2003-05-30 2006-05-10 国际商业机器公司 Network attack signature generation
WO2005069732A2 (en) 2004-01-26 2005-08-04 Cisco Technology Inc. Upper-level protocol authentication
US20050259657A1 (en) * 2004-05-19 2005-11-24 Paul Gassoway Using address ranges to detect malicious activity
US7540025B2 (en) 2004-11-18 2009-05-26 Cisco Technology, Inc. Mitigating network attacks using automatic signature generation
US7607170B2 (en) 2004-12-22 2009-10-20 Radware Ltd. Stateful attack protection
EP1847093A1 (en) * 2005-02-04 2007-10-24 Nokia Corporation Apparatus, method and computer program product to reduce tcp flooding attacks while conserving wireless network bandwidth
FI20050561A0 (en) * 2005-05-26 2005-05-26 Nokia Corp Processing of packet data in a communication system
US20070077931A1 (en) * 2005-10-03 2007-04-05 Glinka Michael F Method and apparatus for wireless network protection against malicious transmissions
US20070258437A1 (en) * 2006-05-05 2007-11-08 Broadcom Corporation, A California Corporation Switching network employing server quarantine functionality
US8156557B2 (en) 2007-01-04 2012-04-10 Cisco Technology, Inc. Protection against reflection distributed denial of service attacks
US20160080413A1 (en) 2014-09-12 2016-03-17 Level 3 Communications, Llc Blocking forgiveness for ddos
EP3215955B1 (en) 2014-11-03 2019-07-24 Level 3 Communications, LLC Identifying a potential ddos attack using statistical analysis

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6397335B1 (en) * 1998-02-12 2002-05-28 Ameritech Corporation Computer virus screening methods and systems
US6513122B1 (en) * 2001-06-29 2003-01-28 Networks Associates Technology, Inc. Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP1461704A4 *

Also Published As

Publication number Publication date
WO2003050644A2 (en) 2003-06-19

Similar Documents

Publication Publication Date Title
WO2003050644A3 (en) Protecting against malicious traffic
WO2002003653A3 (en) Packet data communications
EP1363428A3 (en) In-band flow control methods for communications systems
WO2003067383A3 (en) Services processor having a packet editing unit
WO2002062033A3 (en) Processing internet protocol security traffic
WO2005109366A3 (en) Method and apparatus for controlling traffic in a computer network
GB2424145A (en) Adaptive source routing and packet processing
WO2000052896A3 (en) Method and apparatus for managing a network flow in a high performance network interface
AU2002252188A1 (en) Method for establishing channel-based internet access network
AU2003222452A1 (en) Mobile node, router, server and method for mobile communications under ip version 6 (ipv6) protocol
WO2004045159A3 (en) Filtering data packets at a network gateway working as a service-based policy (sblp) enforcement point
AU2002358361A1 (en) Method, apparatus and software for network traffic management
BR9910416B1 (en) method, device and protocol for determining the optimal size of the transmitting and retransmitting data block at varying communication speeds.
GB2405773B (en) A method of controlling provision of audio communication on a network
AU1098101A (en) Method for establishing an mpls data network protection pathway
EP1320226A3 (en) Router, terminal apparatus, communication system and routing method
AU2002342524A1 (en) Method for sending postal packets
AU2002356440A1 (en) Router, network system, and network setup method
CA2359594A1 (en) End-to-end prioritized data delivery on networks using ip over frame relay
WO2000056013A3 (en) Method for avoiding out-of-ordering of frames in a network switch
WO2002079927A3 (en) Simulating data flow through a network
WO2002100038A3 (en) Security in area networks
EP1283630A3 (en) Network routing using an untrusted router
AU2000279463A1 (en) Method and device for routing or compressing packets destination address containing classless address
AU2002252450A1 (en) Method, system and program for enabling communication between network elements using different address formats

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2469885

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 20028247000

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2002360197

Country of ref document: AU

WWE Wipo information: entry into national phase

Ref document number: 2002795406

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2002795406

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP