Invention Application
US20140304810A1 SYSTEMS AND METHODS FOR PROTECTING CLUSTER SYSTEMS FROM TCP SYN ATTACK
有权
从TCP SYN攻击中保护集群系统的系统和方法
- Patent Title: SYSTEMS AND METHODS FOR PROTECTING CLUSTER SYSTEMS FROM TCP SYN ATTACK
- Patent Title (中): 从TCP SYN攻击中保护集群系统的系统和方法
-
Application No.: US14245533Application Date: 2014-04-04
-
Publication No.: US20140304810A1Publication Date: 2014-10-09
- Inventor: Krishna Khanal , Saravana Annamalaisami , Mahesh Mylarappa
- Applicant: Citrix Systems, Inc.
- Applicant Address: US FL Fort Lauderdale
- Assignee: Citrix Systems, Inc.
- Current Assignee: Citrix Systems, Inc.
- Current Assignee Address: US FL Fort Lauderdale
- Main IPC: H04L29/06
- IPC: H04L29/06
Abstract:
The present solution is directed to systems and methods for synchronizing a random seed value among a plurality of multi-core nodes in a cluster of nodes for generating a cookie signature. The cookie signature may be used for protection from SYN flood attacks. A cluster of nodes comprises one master node and one or more other nodes. Each node comprises one master core and one or more other cores. A random number is generated at the master core of the master node. The random number is synchronized across every other core. The random number is used to generated a secret key value that is attached in the encoded initial sequence number of a SYN-ACK packet. If the responding ACK packet does not contain the secret key value, then the ACK packet is dropped.
Public/Granted literature
- US09246940B2 Systems and methods for protecting cluster systems from TCP SYN attack Public/Granted day:2016-01-26
Information query
