发明授权
US07921285B2 Means of mitigating denial of service attacks on IP fragmentation in high performance IPsec gateways
有权
减少高性能IPsec网关IP分片拒绝服务攻击的方法
- 专利标题: Means of mitigating denial of service attacks on IP fragmentation in high performance IPsec gateways
- 专利标题(中): 减少高性能IPsec网关IP分片拒绝服务攻击的方法
-
申请号: US10714101申请日: 2003-11-14
-
公开(公告)号: US07921285B2公开(公告)日: 2011-04-05
- 发明人: Craig Partridge , Walter Clark Milliken , David Patrick Mankins
- 申请人: Craig Partridge , Walter Clark Milliken , David Patrick Mankins
- 申请人地址: US NJ Basking Ridge US MA Cambridge
- 专利权人: Verizon Corporate Services Group Inc.,Raytheon BBN Technologies Corp.
- 当前专利权人: Verizon Corporate Services Group Inc.,Raytheon BBN Technologies Corp.
- 当前专利权人地址: US NJ Basking Ridge US MA Cambridge
- 主分类号: H04L29/06
- IPC分类号: H04L29/06 ; H04L29/00
摘要:
Embodiments of the invention reduce the probability of success of a DOS attack on a node receiving packets by decreasing the probability of random collisions of packets sent by a malicious user with those sent by honest users. The probability of random collisions may be reduced in one class of embodiments of the invention by supplementing the identification field of the IP header of each transmitted packet with at least one bit from another field of the header. The probability of random collisions may be reduced in another class of embodiments of the invention by ensuring that packets sent from a transmitting IPsec node to a receiving IPsec node are not fragmented.
公开/授权文献
信息查询
