Distributed solution for regulating network traffic
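IPC classification information
Country / Type: United States (US) Patent, Registered
International Patent Classification (IPC, 7th edition): G06F-011/00; G06F-015/16; G06F-015/173
Application number: US-0631898 (2000-08-04)
Inventors / Address: Wetherall, David J.; Anderson, Thomas E.; Savage, Stefan R.
Applicant / Address: Arbor Networks, Inc.
Agent / Address: Houston Eliseeva LLP
Citation information: Times cited: 30; Cited patents: 9
Abstract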
A number of sensors are distributively deployed in a network, either integrally disposed in a number of routing devices of the network or externally disposed and coupled to the routing devices, to monitor and report on network traffic routed through the routing devices. A director is provided to receive network traffic reports from the sensors for the routing devices, and to determine whether moderating actions are to be taken to moderate an amount of network traffic, based at least in part on some of the network traffic reports received from the sensors. In one embodiment, upon determining moderating actions are to be taken, the director further determines what kind of moderating actions are to be taken, including where the moderating actions are to be taken. In one embodiment, the director further instructs appropriate ones of the sensors to cause the desired moderating actions to be applied on the network traffic going through some of the routing devices. In one embodiment, the director, in cooperation with the sensors, also determines when and where moderating actions are to be relaxed, and causes such relaxation to be effectuated. In yet another embodiment, the director, in cooperation with the sensors, also determines when and where regulating actions filtering out certain types of network traffic destined for a network node are to be applied, and causes such filtering to be performed.
Representative claims
What is claimed is:
1. A network comprising: a plurality of network nodes; a plurality of routing devices to route network traffics between selected ones of said network nodes; a plurality of sensors, either integrally disposed in a subset of said routing devices or externally disposed and coupled to the subset of routing devices, to monitor and report on network traffic routed through the subset of routing devices in different network domains; and one or more director devices corresponding to the network domains to facilitate receipt of information on network traffic from the sensors for said subset of routing devices, and to determine in response whether moderating actions, to respond to a denial of service attack on the network, are to be taken to moderate an amount of network traffic destined for at least one of said network nodes, to nullify the denial of service attack based at least in part on some of said network traffic information received from said sensors.
2. The network of claim 1, wherein the sensors are equipped to periodically gather data denoting at least amount of network traffic routed through said subset of routing devices, said data including destinations of said network traffic.
3. The network of claim 1, wherein the sensors are equipped to periodically report to said director devices data denoting at least amount of network traffic routed through said subset of routing devices, said data including destinations of said network traffic.
4. The network of claim 1, wherein the sensors are equipped to facilitate application of desired moderation on network traffic through selected ones of said subset of routing devices.
5. The network of claim 1, wherein the director devices are further employed to determine in response moderating actions to be taken, including where the moderating actions are to be taken, if the director devices determine that moderating actions are to be taken to moderate the amount of network traffic.
6. The network of claim 1, wherein the director devices are further employed to determine in response whether moderating actions are to be relaxed for the at least one of the network nodes, based at least in part on some of said network traffic reports received from said sensors.
7. The network of claim 6, wherein the director devices are further employed to determine in response moderation relaxation actions to be taken, including where the moderation relaxation actions are to be taken, if the director devices determine that moderation relaxation actions are to be taken to relax moderation on the amount of network traffic.
8. The network of claim 1, wherein the director devices are further employed to determine in response whether filtering actions are to be taken for the at least one of the network nodes, based at least in part on some of said network traffic reports received from said sensors.
9. The network of claim 8, wherein the director devices are further employed to determine in response where the filtering actions are to be taken, if the director devices determine that filtering actions are to be taken to filter out network traffic.
10. The network of claim 8, wherein the sensors are equipped to facilitate application of desired filtering on network traffic through selected ones of said subset of routing devices.
11. A method comprising: routing network traffic to and from a plurality of network nodes of a network; monitoring and reporting on a portion of said network traffic routed through a plurality of routing devices distributively disposed in the network using one or more director devices corresponding to different network domains to facilitate receipt of information on network traffic from sensors; and determining whether moderating actions are to be taken to moderate an amount of network traffic destined for at least one of said network nodes to nullify a denial of service attack, based at least in part on some of said network traffic reports received for said routing devices from said sensors indicating undesirable network traffic from the denial of service attack.
12. The method of claim 11, wherein said monitoring comprises periodically gathering data denoting network traffic routed through said routing devices, said data including destinations of said portion of network traffic.
13. The method of claim 11, wherein said reporting comprises periodically reporting on data denoting said portion of network traffic routed through said routing devices, said data including destinations of said portion of network traffic.
14. The method of claim 11, wherein said method further comprises facilitating application of desired moderation on network traffic passing through selecting ones of said routing devices.
15. The method of claim 11, wherein said method further comprises determining moderating actions to be taken, including where the moderating actions are to be taken, if it is determined that moderating actions are to be taken to moderate the amount of network traffic destined for a network node.
16. The method of claim 11, wherein the method further comprises determining in response whether moderating actions are to be relaxed for the at least one of the network nodes, based at least in part on some of said network traffic reports received from said sensors in the different network domains.
17. The method of claim 16, wherein the method further comprises determining in response moderation relaxation actions to be taken, including where the moderation relaxation actions are to be taken, if it is determined that moderation relaxation actions are to be taken to relax moderation on the amount of network traffic destined for a network node.
18. The method of claim 11, wherein the method further comprises determining in response whether filtering actions are to be taken for the at least one of the network nodes, based at least in part on some of said network traffic reports received from said sensors.
19. The method of claim 18, wherein the method further comprises determining in response where the filtering actions are to be taken, if it is determined that filtering actions are to be taken to filter out network traffic destined for a network node.
20. The method of claim 18, wherein the method further comprises facilitating application of desired filtering on network traffic through selected ones of said subset of routing devices.
21. The method of claim 11, wherein said sensing is performed using a collection of hierarchically organized devices.
22. The method of claim 11, wherein said determining is performed using the director devices, which are hierarchically organized devices.
23. An apparatus comprising: (a) a storage medium having stored therein a plurality of programming instructions designed to implement (a.1) a requestor to request a routing device of a network for data denoting network traffic routed through said routing device, and to request alteration of routing operations of said routing device to moderate an amount of network traffic going through said routing device to respond to a denial of service attack on the network, (a.2) a reporter to report said data denoting network traffic routed through said routing device, and (a.3) a regulator to control submission of said network traffic moderation routing operation alteration requests to said routing device, responsive to moderation instructions provided to nullify the denial of service attack; and (b) a processor coupled the storage medium to execute the programming instructions; and a communication interface for coupling to at least one of a plurality of hierarchically organized director devices that are coupled to each other to facilitate data collection, analysis and traffic regulation.
24. The apparatus of claim 23, wherein the communication interface couples the apparatus to said routing device to facilitate submission of said network traffic moderation routing operation alteration requests to said routing device.
25. The apparatus of claim 23, wherein the director devices determine whether moderation actions are to be taken to moderate an amount of network traffic, based on said data reported, to facilitate reporting of said data to said director devices.
26. The apparatus of claim 23, wherein the requestor is further used to request alteration of routing operations of said routing device to moderate an amount of network traffic going through said routing device.
27. The apparatus of claim 23, wherein the requester is further used to request filtering operations of said routing device to filter out network traffic going through said routing device.
28. A networking apparatus comprising: a first functional unit to route network traffic; a second functional unit coupled to the first functional unit to gather data denoting network traffic routed through a routing device indicating undesirable network traffic from a denial of service attack, and to apply moderating actions to said first functional unit to moderate network traffic going through said networking apparatus; a third functional unit coupled to the second functional unit to report said data; a fourth functional unit coupled to the second functional unit to control application of said moderating actions to said first functional unit to effectuate a desired moderation of network traffic going through said networking apparatus, responsive to moderation instructions provided to nullify the denial of service attack; and a plurality of hierarchically organized director devices that are coupled to each other to facilitate data collection, analysis and traffic regulation, and issue the moderation instructions, being coupled to the third functional unit and the fourth function unit.
29. The networking apparatus of claim 28, wherein the networking apparatus further comprises a communication interface coupled to the fourth functional unit, to couple said networking apparatus to said director devices that determine whether moderate actions are to be taken to moderate an amount of network traffic, based on said data reported, to facilitate reporting of said gathered data to said director.
30. The networking apparatus of claim 28, wherein the second functional unit is further used to relax moderating actions applied to the first functional unit to relax moderating an amount of network traffic going through said routing device.
31. The networking apparatus of claim 28, wherein the second functional unit is further used to cause the first functional unit to filter out network traffic going through said networking apparatus.
32. An apparatus comprising: (a) a storage medium having stored therein a plurality of programming instructions designed to implement director devices in different network domains to receive reporting of data denoting network traffic routed through a plurality of routing devices of a network indicating undesirable network traffic from denial of service attack, and to determine in response whether moderating actions are to be taken to moderate an amount of network traffic destined for at least one of a plurality of network nodes of said network, based at least in part on some of said reported data to nullify the denial of service attack; and (b) a processor coupled the storage medium to execute the programming instructions.
33. The apparatus of claim 32, wherein said programming instructions are designed to determine whether a moderation threshold has been reached for a network node, based at least in part on some of said reported data.
34. The apparatus of claim 33, wherein said programming instructions are further designed to determine moderating actions to be taken, including where the moderating actions are to be taken, if it is determined that moderating actions are to be taken to moderate an amount of network traffic.
35. The apparatus of claim 32, wherein the apparatus further comprises a communication interface coupled to the processor, to couple the apparatus to a plurality of sensors to receive said data reporting.
36. The apparatus of claim 32, wherein the director further determines whether moderating actions being applied are to be relaxed, based at least in part on some of said reported data.
37. The apparatus of claim 32, wherein the director further determines whether filtering actions are to be taken to filter out network traffic, based at least in part on some of said reported data.
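An added illustration, not part of the patent text: a minimal director loop in the spirit of the abstract and claims 33, 34 and 36. It takes periodic sensor reports, decides whether a moderation threshold has been reached for a destination, picks where to moderate, and later relaxes. The class and sensor names, the threshold, the share cutoff and the hysteresis rule are all assumptions; the patent page specifies none of them.

```python
from collections import defaultdict

class Director:
    """Hypothetical director; thresholds and the placement policy are assumptions."""

    def __init__(self, threshold, relax_fraction=0.5, share_cutoff=0.2):
        self.threshold = threshold                     # moderation threshold per destination
        self.relax_below = threshold * relax_fraction  # hysteresis so decisions do not flap
        self.share_cutoff = share_cutoff               # minimum share of load to be moderated
        self.moderated = {}                            # destination -> sensors now moderating

    def process_interval(self, reports):
        """reports: (sensor_id, destination, mbps) tuples for one reporting period,
        assumed to measure offered load before any moderation is applied.
        Returns (action, sensor_id, destination) instructions for the sensors."""
        load = defaultdict(lambda: defaultdict(int))
        for sensor, dest, mbps in reports:
            load[dest][sensor] += mbps
        actions = []
        for dest, by_sensor in load.items():
            total = sum(by_sensor.values())
            if total > self.threshold:
                # "Where": only the routing devices carrying a large share of the load.
                heavy = {s for s, v in by_sensor.items() if v / total >= self.share_cutoff}
                new = heavy - self.moderated.setdefault(dest, set())
                self.moderated[dest] |= new
                actions += [("moderate", s, dest) for s in sorted(new)]
        for dest in list(self.moderated):
            # Relax once the aggregate load has fallen well under the threshold.
            if sum(load[dest].values()) < self.relax_below:
                actions += [("relax", s, dest) for s in sorted(self.moderated.pop(dest))]
        return actions

# Constructed sample reports (documentation address, made-up sensor names and rates).
VICTIM = "192.0.2.10"
QUIET = [("edge-a", VICTIM, 200), ("edge-b", VICTIM, 150), ("edge-c", VICTIM, 100)]
FLOOD = [("edge-a", VICTIM, 3000), ("edge-b", VICTIM, 1500), ("edge-c", VICTIM, 100)]

def run_demo():
    director = Director(threshold=1000)
    return [director.process_interval(r) for r in (QUIET, FLOOD, FLOOD, QUIET)]

if __name__ == "__main__":
    for step, actions in enumerate(run_demo(), 1):
        print(step, actions)
```

The low-volume sensor is never instructed to moderate, and the repeated flood interval produces no duplicate instructions because the director tracks which sensors are already moderating.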
Patents cited in this patent (9)
Pashtan, Ariel; Liss, Raymond M., Communication network method and apparatus.
Yow-Jian Lin ; Arun Narayan Netravali ; Krishan Kumar Sabnani, Network management system based on passive monitoring and proactive management for formulation behavior state transition models.
Natarajan, Shankar; Harvey, Andrew G.; Lee, Hsuan-Chung; Rawat, Vipin; Pereira, Leo, Technique for providing dynamic modification of application specific policies in a feedback-based, adaptive data network.
Sol, Alisson Augusto Souza; Boia, Dragos D.; Markey, Barry; Fish, Robert D.; Ankney, Donald J.; Ramdatmisier, Viresh, Behavior change detection system for services.
Krzanowski, Roman Maria; Bjorkman, William Arthur; Chamas, Haidar Ahmed; Alesi, Vincent Anthony, Dynamic service-aware flow control in packet networks.
Wood, Matthew S.; Levy, Joseph H.; Marston, McKay, Hardware accelerated application-based pattern matching for real time classification and recording of network traffic.
Wood, Matthew Scott; Tveit, Paal; Edginton, Brian; Shillingford, Steve; Brown, James, Method and apparatus of network artifact indentification and extraction.
Wood, Matthew Scott; Tveit, Paal; Edginton, Brian; Shillingford, Steve; Brown, James; Levy, Joseph H; Arnold, Daniel M, Presentation of an extracted artifact based on an indexing technique.
Levy, Joseph H.; Wood, Matthew Scott; Arnold, Daniel; Foisy, Kenny; Tubbs, Dave, System and method for hypertext transfer protocol layered reconstruction.
Gahm, Joshua B.; Sharma, Kapil; Iturralde, Carol Etta; Pickens, John Robert; Ver Steeg, William C., Systems and methods of adaptive playout of delayed media streams.
Gahm, Joshua B.; Sharma, Kapil; Iturralde, Carol Etta; Pickens, John Robert; Ver Steeg, William C., Systems and methods of reducing media stream delay.
Boia, Dragos D.; Ankney, Donald J.; Markey, Barry; Qiu, Jiong; Sol, Alisson A. S.; Ramdatmisier, Viresh; Bobukh, Eugene V., Testing frequency control using a volatility score.