Invention Grant
US09055006B2 Techniques for traffic diversion in software defined networks for mitigating denial of service attacks
有权
软件定义网络中的流量转移技术,用于减轻拒绝服务攻击
- Patent Title: Techniques for traffic diversion in software defined networks for mitigating denial of service attacks
- Patent Title (中): 软件定义网络中的流量转移技术,用于减轻拒绝服务攻击
-
Application No.: US13913916Application Date: 2013-06-10
-
Publication No.: US09055006B2Publication Date: 2015-06-09
- Inventor: Avi Chesla , Ehud Doron
- Applicant: Radware, Ltd.
- Applicant Address: IL Tel Aviv
- Assignee: Radware, Ltd.
- Current Assignee: Radware, Ltd.
- Current Assignee Address: IL Tel Aviv
- Agency: M&B IP Analysts, LLC
- Main IPC: H04L29/00
- IPC: H04L29/00 ; H04L12/741 ; H04L29/06 ; H04L29/08
Abstract:
A method for mitigating of denial of service (DoS) attacks in a software defined network (SDN). The method comprises receiving a DoS attack indication performed against at least one destination server; programming each network element in the SDN to forward a packet based on a diversion value designated in a packet diversion field, upon reception of the DoS attack indication; instructing at least one peer network element in the SDN to mark a diversion field in each packet in the incoming traffic addressed to the destination server to allow diversion of the packet to a security server; and instructing edge network elements in the SDN to unmark the diversion field of each packet output by the security server, wherein each network element in the SDN is programmed to forward the unmarked packets processed by the security server to the at least one destination server.
Public/Granted literature
- US20130333029A1 TECHNIQUES FOR TRAFFIC DIVERSION IN SOFTWARE DEFINED NETWORKS FOR MITIGATING DENIAL OF SERVICE ATTACKS Public/Granted day:2013-12-12
Information query
