Invention Grant
US07966401B2 Method and apparatus for containing a denial of service attack using hardware resources on a network interface card
有权
用于在网络接口卡上使用硬件资源来包含拒绝服务攻击的方法和装置
- Patent Title: Method and apparatus for containing a denial of service attack using hardware resources on a network interface card
- Patent Title (中): 用于在网络接口卡上使用硬件资源来包含拒绝服务攻击的方法和装置
-
Application No.: US11480100Application Date: 2006-06-30
-
Publication No.: US07966401B2Publication Date: 2011-06-21
- Inventor: Kais Belgaied , Sunay Tripathi , Nicolas G. Droux
- Applicant: Kais Belgaied , Sunay Tripathi , Nicolas G. Droux
- Applicant Address: US CA Redwood City
- Assignee: Oracle America, Inc.
- Current Assignee: Oracle America, Inc.
- Current Assignee Address: US CA Redwood City
- Agency: Osha • Liang LLP
- Main IPC: G06F15/173
- IPC: G06F15/173 ; G06F11/00
Abstract:
A method for processing packets, where the method includes programming a hardware classifier in a network interface card (NIC) to send packets associated with a first packet destination to a non-standby hardware receive ring (HRR), programming a software ring to obtain packets from the non-standby HRR, programming the software ring to send packets for the first destination to a first software receive ring (SRR), wherein the first packet destination is associated with the first SRR, obtaining identifying information about a packet associated with a denial of service (DoS) attack, programming the hardware classifier, using the identifying information, to send the packet associated with the DoS attack to a standby HRR, and for each packet received by the hardware classifier determining to which of the standby HRR and the non-standby HRR to send the packet using the programming of the hardware classifier.
Public/Granted literature
Information query
