Embodiments are directed toward a method for Behavior based Tra? ic Differentiation (BTD)
that initially receives incoming packets and performs tra? ic classi? cation to deter mine the …

According to the present invention, method, apparatus, and computer readable medium for
preventing a DoS attack without notifying the DoS attacker are disclosed. In one …

An estimate of a portion of network traffic that is noncon forming to a communication
transmission control protocol is used to signal that a distributed denial of service attack may …

Effective control of communications traffic, even under fast-changing DDoS attacks, might be
performed by (a) determining parameters of a leaky bucket using nominal communications …

An active monitor detects and classifies messages transmit US PATENT DOCUMENTS ted
on a network. In one form, the monitor includes a routine 5,481,611 A 1/1996 Owens et …

Disclosed are a method and system for distributed denial of service (DDoS) attack detection
and traffic mitigation using flow statistics. The method for DDoS attack detection and traffic …

A SYN packet bandwidth Distributed Denial-of-Service (DDoS) attack is defended against by
intercepting and identifying SYN packets in a “DDoS gateway” advantageously positioned at …

(57) ABSTRACT A Distributed Denial-of-Service (DDoS) attack by a TCP stateless hog is
defeated with use of an enhancement to the keep-alive mechanism provided by RFC 1122 …

Assistant Examiner—Theodore Parsons (57) ABSTRACT There are provided a method and
apparatus for defending a Distributed Denial-of-Service (DDoS) attack through abnor mally …

In one embodiment, a device in a network receives an attack mitigation request regarding
traffic in the network. The device causes an assessment of the traffic, in response to the …