Invention Grant
US07882556B2 Method and apparatus for protecting legitimate traffic from DoS and DDoS attacks
失效
保护合法流量免受DoS和DDoS攻击的方法和设备
- Patent Title: Method and apparatus for protecting legitimate traffic from DoS and DDoS attacks
- Patent Title (中): 保护合法流量免受DoS和DDoS攻击的方法和设备
-
Application No.: US10535455Application Date: 2003-03-28
-
Publication No.: US07882556B2Publication Date: 2011-02-01
- Inventor: Gaeil Ahn , Ki-Young Kim , Jong Soo Jang
- Applicant: Gaeil Ahn , Ki-Young Kim , Jong Soo Jang
- Applicant Address: KR Daejeon
- Assignee: Electronics and Telecommunications Research Institute
- Current Assignee: Electronics and Telecommunications Research Institute
- Current Assignee Address: KR Daejeon
- Agency: Lowe Hauptman Ham & Berner LLP
- Priority: KR10-2002-0071890 20021119
- International Application: PCT/KR03/00628 WO 20030328
- International Announcement: WO2004/047383 WO 20040603
- Main IPC: G06F9/00
- IPC: G06F9/00 ; G06F15/16 ; G06F17/00
Abstract:
An apparatus for protecting legitimate traffic from DoS and DDoS attacks has a high-priority (505) and a low-priority (506) queue. Besides, a queue information table (402) has STT (Source-based Traffic Trunk) service queue information of a specific packet. A queue coordinator (502) updates the queue information table (502) based on a load of a provided STT and a load of the high-priority queue (505). A packet classifier (504) receives a packet from the network access unit (508), investigates an STT service queue of the packet from the queue information table (502), selectively transfers the packet to the high-priority (505) or the low-priority (506) queue and provides information on the packet to the queue coordinator (503). A buffer (507) buffers outputs of the high-priority (505) and the low-priority (506) queue and provides outputs to the network (509) to be protected.
Public/Granted literature
- US20060041667A1 Method and apparatus for protecting legitimate traffic from dos and ddos attacks Public/Granted day:2006-02-23
Information query
