专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09882921B1 Systems and methods for detecting cache-poisoning attacks in networks using service discovery protocols 有权
公开(公告)号：US09882921B1
公开(公告)日：2018-01-30
申请号：US15011495
申请日：2016-01-30
申请人： Juniper Networks, Inc.
发明人： Anil Kaushik , Vineet Verma , Stephen Grau , Sreenivas Voruganti , Abhishek Kumar
IPC分类号： G06F11/07 , G06F12/02 , G06F12/08 , G06F21/00 , G06F21/50 , G06F21/55 , G06F21/56 , H04L29/06
CPC分类号： H04L63/1416 , H04L63/1408 , H04L63/1441 , H04L63/1466 , H04L67/42 , H04L2463/145
摘要： A computer-implemented method for detecting cache-poisoning attacks in networks using SDPs may include maintaining a cache of service information that identifies services provided by client devices connected to a network using an SDP. The method may also include detecting a cache-poisoning attack by (1) receiving, from a client device connected to the network, an SDP message related to a service allegedly provided via the network, (2) identifying, within the SDP message, an attribute of the service allegedly provided via the network, and then (3) determining that the client device is attempting to corrupt the cache of service information by determining that the identified attribute of the service suggests that the service is illegitimate. Finally, the method may include performing a security action to mitigate the cache-poisoning attack in response to detecting the cache-poisoning attack. Various other methods, systems, and computer-readable media are also disclosed.

2. 发明申请

US20130291101A1 DETECTING AND BLOCKING DOMAIN NAME SYSTEM CACHE POISONING ATTACKS 有权
标题翻译：检测和阻塞域名系统缓存攻击攻击
公开(公告)号：US20130291101A1
公开(公告)日：2013-10-31
申请号：US13460110
申请日：2012-04-30
申请人： Anestis Karasaridis
发明人： Anestis Karasaridis
IPC分类号： G06F21/00
CPC分类号： G06F21/00 , G06F21/577 , H04L63/1425 , H04L63/1466 , H04L2463/145
摘要： Concepts and technologies for detecting and blocking Domain Name System (“DNS”) cache poisoning attacks are provided. An inline detector and blocker apparatus implements a detection algorithm to monitor DNS response packets and detects a DNS cache poisoning attack utilizing the detection algorithm. The inline detector and blocker apparatus detects the DNS cache poisoning attack by receiving a DNS response packet and determining that the response packet includes poison data. The poison data may be included within an additional section of the response packet and/or an answer section of the response packet. As appropriate, the inline detector and blocker apparatus removes the additional section and/or the answer section of the response packet to effectively block the poison data from being cached by a DNS caching resolver.
摘要翻译：提供了检测和阻止域名系统（“DNS”）缓存中毒攻击的概念和技术。在线检测器和阻断装置实现检测算法来监视DNS响应包，并利用检测算法检测DNS缓存中毒攻击。在线检测器和阻断装置通过接收DNS响应包并确定响应包包含毒物数据来检测DNS缓存中毒攻击。毒物数据可以包括在响应分组的附加部分和/或响应分组的应答部分中。适当地，在线检测器和阻塞装置去除响应包的附加部分和/或应答部分，以有效地阻止毒物数据被DNS缓存解析器缓存。

3. 发明申请

US20130182721A1 METHOD AND APPARATUS FOR MANAGING MAC ADDRESS TABLE 有权
标题翻译： MAC地址表管理方法和装置
公开(公告)号：US20130182721A1
公开(公告)日：2013-07-18
申请号：US13683142
申请日：2012-11-21
申请人： Huawei Technologies Co., Ltd.
发明人： Shifa ZHANG , Xuefei TAN
IPC分类号： H04L12/56
CPC分类号： H04L45/02 , H04L45/742 , H04L49/3009 , H04L49/351 , H04L63/1458 , H04L63/1466 , H04L63/162 , H04L2463/145
摘要： Embodiments of the present invention disclose a method and an apparatus for managing a MAC address table. The method includes: receiving a packet and obtaining MAC address information carried in the packet; matching the MAC address information with a MAC address table; and if the matching succeeds, prolonging an aging time of the MAC address information in the MAC address table.
摘要翻译：本发明的实施例公开了一种用于管理MAC地址表的方法和装置。该方法包括：接收分组并获得分组携带的MAC地址信息; MAC地址信息与MAC地址表匹配; 如果匹配成功，则延长MAC地址表中MAC地址信息的老化时间。

4. 发明申请

US20120297478A1 METHOD AND SYSTEM FOR PREVENTING DNS CACHE POISONING 审中-公开
标题翻译：防止DNS缓存解毒的方法和系统
公开(公告)号：US20120297478A1
公开(公告)日：2012-11-22
申请号：US13519606
申请日：2011-01-18
申请人： Antony Martin , Serge Papillon
发明人： Antony Martin , Serge Papillon
IPC分类号： G06F21/00
CPC分类号： H04L29/12066 , H04L29/12811 , H04L61/1511 , H04L61/6009 , H04L63/1483 , H04L2463/145
摘要： A method for preventing the poisoning of at least one DNS cache (5—i) within a computer network (B) including several DNS caches (5—1, 5—i, 5—n), this method comprising a step of comparing at least two DNS responses to a DNS query, returned by two different DNS caches.
摘要翻译：一种用于防止在包括多个DNS高速缓存（5-1,5-i，5-n）的计算机网络（B）内的至少一个DNS缓存（5-i）中毒的方法，该方法包括以下步骤：至少两个对DNS查询的DNS响应，由两个不同的DNS缓存返回。

5. 发明申请

US20100199122A1 Cache Validating SCIT DNS Server 有权
标题翻译：缓存验证SCIT DNS服务器
公开(公告)号：US20100199122A1
公开(公告)日：2010-08-05
申请号：US12695686
申请日：2010-01-28
申请人： Arun Sood
发明人： Arun Sood
IPC分类号： G06F15/173 , G06F17/30 , G06F12/08 , G06F11/07 , G06F21/00
CPC分类号： H04L61/1511 , H04L29/12066 , H04L67/2852 , H04L2463/145
摘要： A cache validating SCIT-DNS Server including a server cluster, a cache copy, a controller and a validation module. Each of the servers in the server cluster uses a DNS mapping cache which maps DNS name(s) to record entry(ies). The cache copy maintains an image of DNS mapping cache(s). The controller manages the state of servers. States include a live spare state; an exposed state; a quiescent state; and a self-cleansing state. The validation module validates DNS entry(s) using a retriever module and a comparisons module. Retriever module retrieves an independent record entry associated with a selected DNS name from an external DNS resolver. The comparison module compares the independent record entry retrieved by the retriever module with the record entry associated with the selected DNS name residing in the cache copy. The validation module may cause server(s) to take an affirmative action in response to detected validation error(s).
摘要翻译：验证SCIT-DNS服务器的缓存，包括服务器集群，缓存副本，控制器和验证模块。服务器集群中的每个服务器都使用DNS映射缓存，它将DNS名称映射到记录条目。缓存副本维护DNS映射缓存的映像。控制器管理服务器的状态。国家包括现场备用状态; 曝光状态; 静止状态; 和自我清洁的状态。验证模块使用检索模块和比较模块验证DNS条目。检索模块从外部DNS解析器检索与所选DNS名称相关联的独立记录条目。比较模块将检索模块检索到的独立记录条目与驻留在缓存副本中的所选DNS名称相关联的记录条目进行比较。验证模块可能导致服务器响应于检测到的验证错误采取肯定行动。

6. 发明申请

US20040165551A1 Method of reducing denial-of-service attacks and a system as well as an access router therefor 失效
标题翻译：减少拒绝服务攻击的方法以及系统以及接入路由器
公开(公告)号：US20040165551A1
公开(公告)日：2004-08-26
申请号：US10785407
申请日：2004-02-25
发明人： Govindarajan Krishnamurthi , Robert Chalmers
IPC分类号： H04Q007/00
CPC分类号： H04L63/1408 , H04L45/741 , H04L63/1458 , H04L2463/145 , H04W12/06 , H04W12/12 , H04W40/36 , H04W80/00 , H04W80/04 , H04W88/14
摘要： A method and system reduces denial-of-service attacks malicious mobile nodes in a mobile IP environment. The method and system includes maintaining, by each of a plurality of access routers within the mobile IP environment, a cache of neighboring access routers as candidates and their associated access points. The caches are populated in response to actions initiated by mobile nodes. Each cache entry is tagged with the identity of the action initiating mobile node. The identity is based on information that is verifiable by the access routers and which cannot be modified arbitrarily by the mobile node. The total number of entries that can be tagged and thus introduced into a cache by any given node is limited.
摘要翻译：一种方法和系统减少移动IP环境中的恶意移动节点的拒绝服务攻击。所述方法和系统包括将移动IP环境内的多个接入路由器中的每一个维护为相邻接入路由器的高速缓存作为候选及其相关联的接入点。响应于移动节点发起的动作来填充高速缓存。每个缓存条目都标有动作发起移动节点的标识。身份基于可由接入路由器验证并且不能由移动节点任意修改的信息。可以被任何给定节点标记并因此被引入缓存的条目的总数是有限的。

7. 发明申请

US20180027012A1 TECHNOLOGIES FOR PREVENTING MAN-IN-THE-MIDDLE ATTACKS IN SOFTWARE DEFINED NETWORKS 审中-公开
公开(公告)号：US20180027012A1
公开(公告)日：2018-01-25
申请号：US15215290
申请日：2016-07-20
申请人： Cisco Technology, Inc.
发明人： Venkatesh Srinivasan , Ambrish Niranjan Mehta , Anand Kumar Singh , Anulekha Chodey , Natarajan Manthiramoorthy , Swaminathan Narayanan
IPC分类号： H04L29/06 , H04L12/931 , H04L12/46 , H04L29/12
CPC分类号： H04L63/1466 , H04L12/4641 , H04L49/70 , H04L61/103 , H04L61/2015 , H04L61/6022 , H04L63/101 , H04L63/1416 , H04L63/1483 , H04L2463/145
摘要： Systems, methods, and computer-readable media for preventing man-in-the-middle attacks within network, without the need to maintain trusted/un-trusted port listings on each network device. The solutions disclosed herein leverage a host database which can be present on controllers, thereby providing a centralized database instead of a per-node DHCP binding database. Systems configured according to this disclosure (1) use a flood list only for ARP packets received from the controller 116; and (2) unicast ARP packets to the controller before communicating the packets to other VTEPs.

8. 发明授权

US09036660B2 Method and apparatus for managing MAC address table 有权
标题翻译：用于管理MAC地址表的方法和装置
公开(公告)号：US09036660B2
公开(公告)日：2015-05-19
申请号：US13683142
申请日：2012-11-21
申请人： Huawei Technologies Co., Ltd.
发明人： Shifa Zhang , Xuefei Tan
IPC分类号： H04L12/751 , H04L12/747 , H04L29/06 , H04L12/931 , H04L12/935
CPC分类号： H04L45/02 , H04L45/742 , H04L49/3009 , H04L49/351 , H04L63/1458 , H04L63/1466 , H04L63/162 , H04L2463/145
摘要： Embodiments of the present invention disclose a method and an apparatus for managing a MAC address table. The method includes: receiving a packet and obtaining MAC address information carried in the packet; matching the MAC address information with a MAC address table; and if the matching succeeds, prolonging an aging time of the MAC address information in the MAC address table.
摘要翻译：本发明的实施例公开了一种用于管理MAC地址表的方法和装置。该方法包括：接收分组并获得分组携带的MAC地址信息; MAC地址信息与MAC地址表匹配; 如果匹配成功，则延长MAC地址表中MAC地址信息的老化时间。

9. 发明授权

US08881281B1 Application and network abuse detection with adaptive mitigation utilizing multi-modal intelligence data 有权
标题翻译：应用和网络滥用检测与自适应减轻利用多模态智能数据
公开(公告)号：US08881281B1
公开(公告)日：2014-11-04
申请号：US14290611
申请日：2014-05-29
申请人： Singularity Networks, LLC
发明人： David James Mitchell
IPC分类号： H04L29/06 , G06F21/55
CPC分类号： H04L63/1441 , G06F21/55 , G06F21/552 , G06F21/554 , G06F2221/034 , H04L63/14 , H04L63/1425 , H04L63/1458 , H04L63/1466 , H04L63/30 , H04L2463/145
摘要： In an embodiment, a computer-implemented method detects a network or application abuse to a service provider environment. In the method, data is collected describing incoming requests from plurality of different external source addresses to the service provider environment. The collected data is used to compare the incoming requests against a heuristic. When the incoming requests are determined to match the heuristic, the requests, having the plurality of different external source addresses, are from a common abuse entity. Finally, the collected data is evaluated to determine that the common abuse entity is a potential network abuser of the service provider environment.
摘要翻译：在一个实施例中，计算机实现的方法检测对服务提供商环境的网络或应用程序滥用。在该方法中，收集从多个不同的外部源地址到服务提供商环境的传入请求的数据。收集的数据用于比较传入的请求与启发式。当确定输入请求与启发式匹配时，具有多个不同外部源地址的请求来自公共滥用实体。最后，对收集的数据进行评估，以确定常见的滥用实体是服务提供商环境的潜在网络滥用者。

10. 发明授权

US08180874B2 Facilitating defense against MAC table overflow attacks 有权
标题翻译：方便防范MAC表溢出攻击
公开(公告)号：US08180874B2
公开(公告)日：2012-05-15
申请号：US12008535
申请日：2008-01-11
申请人： Yong Sun , Vinod K. Choyi
发明人： Yong Sun , Vinod K. Choyi
IPC分类号： G06F15/173
CPC分类号： H04L12/4625 , H04L49/251 , H04L49/351 , H04L63/1458 , H04L63/1466 , H04L2463/145
摘要： A method for defending against MAC table overflow attacks comprises a plurality of operations. An operation is performed for determining whether each one of a plurality of MAC addresses within a MAC table has one-way traffic or two-way traffic corresponding thereto. Thereafter, operations are performed for designating each MAC address having two-way traffic corresponding thereto as a first category of MAC address and for designating each MAC address having one-way traffic corresponding thereto as a second category of MAC address. In response to the number of the MAC addresses designated as the second category of MAC address exceeding a prescribed threshold value, an operation is performed for causing a timeout value of at least a portion of the MAC addresses designated as the second category of MAC address to be less than a timeout value of the MAC addresses designated as the first category of MAC address.
摘要翻译：防止MAC表溢出攻击的方法包括多个操作。执行用于确定MAC表中的多个MAC地址中的每一个是否具有与其对应的单向业务或双向业务的操作。此后，执行操作来指定具有对应于其的双向业务的每个MAC地址作为第一类MAC地址，并且用于指定具有与其对应的单向业务的每个MAC地址作为第二类MAC地址。响应于指定为超过规定阈值的MAC地址的第二类别的MAC地址的数量，执行用于使指定为第二类别MAC地址的MAC地址的至少一部分的超时值的操作小于指定为第一类MAC地址的MAC地址的超时值。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式