首页>
外国专利>
Method and apparatus for defending against denial on service attacks which employ IP source spoofing
Method and apparatus for defending against denial on service attacks which employ IP source spoofing
展开▼
机译:利用ip源欺骗防御拒绝服务攻击的方法和装置
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method and apparatus for defending against denial of service (DoS) attacks which employ IP (Internet Protocol) address spoofing. In accordance with an illustrative embodiment of the invention, a carrier offers a “premium” service which comprises marking IP data packets based on whether it has in fact been able to verify the accuracy of the specified IP source address. This marking flag may be implemented with use of a zero/non-zero Type-of-Service (TOS) field value in the IP header, and verification of the source address may be performed with use of a Reverse Path Forwarding (RPF) or other similar such test. The “premium” service is referred to herein as “IP CallerID.”
展开▼
机译:一种用于防御采用IP(Internet协议)地址欺骗的拒绝服务(DoS)攻击的方法和装置。根据本发明的说明性实施例,运营商提供“高级”服务,该服务包括基于其实际上是否能够验证指定的IP源地址的准确性来标记IP数据分组。可以使用IP标头中的零/非零服务类型(TOS)字段值来实现此标记标志,并且可以使用反向路径转发(RPF)或其他类似的测试。 “高级”服务在本文中称为“ IP CallerID”。
展开▼