Invention Grant
US09282115B1 Systems and methods for detecting cache-poisoning attacks in networks using service discovery protocols
有权
使用服务发现协议检测网络中缓存中毒攻击的系统和方法
- Patent Title: Systems and methods for detecting cache-poisoning attacks in networks using service discovery protocols
- Patent Title (中): 使用服务发现协议检测网络中缓存中毒攻击的系统和方法
-
Application No.: US14146884Application Date: 2014-01-03
-
Publication No.: US09282115B1Publication Date: 2016-03-08
- Inventor: Anil Kaushik , Vineet Verma , Stephen Grau , Sreenivas Voruganti , Abhishek Kumar
- Applicant: Juniper Networks, Inc.
- Applicant Address: US CA Sunnyvale
- Assignee: Juniper Networks, Inc.
- Current Assignee: Juniper Networks, Inc.
- Current Assignee Address: US CA Sunnyvale
- Agency: ALG Intellectual Property, LLC
- Main IPC: G06F11/07
- IPC: G06F11/07 ; G06F12/02 ; G06F21/00 ; H04L29/06
Abstract:
A computer-implemented method for detecting cache-poisoning attacks in networks using SDPs may include maintaining a cache of service information that identifies services provided by client devices connected to a network using an SDP. The method may also include detecting a cache-poisoning attack by (1) receiving, from a client device connected to the network, an SDP message related to a service allegedly provided via the network, (2) identifying, within the SDP message, an attribute of the service allegedly provided via the network, and then (3) determining that the client device is attempting to corrupt the cache of service information by determining that the identified attribute of the service suggests that the service is illegitimate. Finally, the method may include performing a security action to mitigate the cache-poisoning attack in response to detecting the cache-poisoning attack. Various other methods, systems, and computer-readable media are also disclosed.
Information query
