Invention Grant
US08689326B2 Device for analyzing and diagnosing network traffic, a system for analyzing and diagnosing network traffic, and a system for tracing network traffic
In force
- Patent Title: Device for analyzing and diagnosing network traffic, a system for analyzing and diagnosing network traffic, and a system for tracing network traffic
- Application No.: US12161139
- Application Date: 2007-01-16
- Publication No.: US08689326B2
- Publication Date: 2014-04-01
- Inventor: Glenn Mansfield Keeni
- Applicant: Glenn Mansfield Keeni
- Applicant Address: JP Miyagi
- Assignee: Cyber Solutions Inc.
- Current Assignee: Cyber Solutions Inc.
- Current Assignee Address: JP Miyagi
- Agency: Young & Thompson
- Priority: JP2006-007349 20060116
- International Application: PCT/JP2007/050512 WO 20070116
- International Announcement: WO2007/081023 WO 20070719
- Main IPC: H04L29/06
- IPC: H04L29/06

Abstract:
A system detects the presence of illegal access attacks. The device for analyzing and diagnosing network traffic comprises: an element that divides packets into k (k>0) types based on protocol type, port number, etc.; an element that observes, for each packet type, the number of distinct values of one or more pre-specified fields in the packet header, for all packets that have transited the observation points in a network; an element that observes, for each packet type, the number of distinct values of one or more pre-specified fields in the packet payload, for all packets that have transited the observation points in a network; and a diagnosis element that judges the network to be abnormal when the number of distinct values observed in the fields of each packet type crosses a specified ratio-threshold within a predetermined interval. This enables detection of small-scale DoS attacks that cause little change in the number of addresses, improving the accuracy of illegal access detection.
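The counting scheme in the abstract can be sketched as follows; this is an added example, not code from the patent or from Cyber Solutions Inc. The 60-second interval, the choice of `src` (header) and `qname` (payload) as the observed fields, the reading of "ratio-threshold" as a ratio against the previous interval's count, and the sample packets are all assumptions made for illustration.

```python
from collections import defaultdict

INTERVAL = 60          # seconds per observation interval (assumed)
RATIO_THRESHOLD = 3.0  # assumed: flag when count >= 3x the previous interval
FIELDS = ("src", "qname")  # one header field and one payload field (assumed)

def packet_type(pkt):
    """Classify a packet by protocol and destination port."""
    return (pkt["proto"], pkt["dport"])

def distinct_counts(packets):
    """Return {interval: {(ptype, field): number of distinct values}}."""
    seen = defaultdict(lambda: defaultdict(set))
    for pkt in packets:
        slot = int(pkt["ts"] // INTERVAL)
        for field in FIELDS:
            value = pkt.get(field)
            if value is not None:
                seen[slot][(packet_type(pkt), field)].add(value)
    return {s: {k: len(v) for k, v in per.items()} for s, per in seen.items()}

def diagnose(packets):
    """Return sorted (interval, ptype, field, prev, cur) tuples that cross the ratio."""
    counts = distinct_counts(packets)
    alerts = []
    for slot in sorted(counts):
        prev = counts.get(slot - 1, {})
        for key, cur in counts[slot].items():
            base = prev.get(key)  # no baseline in the first interval: skip
            if base and cur / base >= RATIO_THRESHOLD:
                alerts.append((slot, key[0], key[1], base, cur))
    return sorted(alerts)

def sample_packets():
    """Constructed traffic: steady DNS and HTTP, then a burst of distinct DNS names."""
    pkts = []
    for slot in range(3):
        for i in range(4):  # four clients, four names per interval
            ts = slot * INTERVAL + i
            pkts.append({"ts": ts, "proto": "udp", "dport": 53,
                         "src": f"192.0.2.{i + 1}", "qname": f"host{i}.example"})
            pkts.append({"ts": ts, "proto": "tcp", "dport": 80, "src": f"192.0.2.{i + 1}"})
    for i in range(20):  # interval 2: same 4 sources, 20 extra distinct names
        pkts.append({"ts": 2 * INTERVAL + 10 + i, "proto": "udp", "dport": 53,
                     "src": f"192.0.2.{i % 4 + 1}", "qname": f"r{i}.example"})
    return pkts

if __name__ == "__main__":
    for alert in diagnose(sample_packets()):
        print(alert)
```

In the constructed data the number of distinct source addresses stays at four in every interval, so only the per-type payload-field count exposes the change, which is the case the abstract says address counting alone would miss.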