FIELD: telecommunications.
SUBSTANCE: invention relates to communication and can be used in data networks for filtration and routing of Internet protocol fragmented datagrams. Said technical result is achieved by using time-varying filtration criterion, which is at least one of following parameters: IP-address of source, IP-address of recipient, subnet mask, source port, recipient port, range of source ports, range of recipient ports, protocol number, type of service for IP of version 4 (IPv4), class of traffic for IP of version 6 (IPv6), mark flow for IPv6, IPSec security parameter index (SPI), total length of IP datagrams or their combination.
EFFECT: technical result consists in improvement of efficiency of protection against DDoS attacks.
1 cl, 5 dwg
| Title | Year | Author | Number |
|---|---|---|---|
| FILTRATION AND ROUTING OF FRAGMENTED DATAGRAMS IN DATA TRANSFER NETWORK | 2005 |
|
RU2363108C2 |
| METHOD FOR PROCESSING NETWORK TRAFFIC DATAGRAMS TO HIDE CORRESPONDING PAIRS OF SUBSCRIBERS OF INFORMATION AND TELECOMMUNICATION SYSTEMS | 2020 |
|
RU2763261C1 |
| METHOD FOR PROTECTING INFORMATION-COMPUTER NETWORKS AGAINST CYBER ATTACKS | 2016 |
|
RU2622788C1 |
| SYSTEM AND METHOD OF REDUCING FALSE RESPONSES WHEN DETECTING NETWORK ATTACK | 2011 |
|
RU2480937C2 |
| METHOD FOR COMMUNICATION NETWORK STRUCTURE MASKING | 2022 |
|
RU2793104C1 |
| DYNAMIC SECURE COMMUNICATION NETWORK AND PROTOCOL | 2016 |
|
RU2707715C2 |
| METHOD OF DETECTING NETWORK ATTACKS BASED ON ANALYSIS OF TRAFFIC TIME STRUCTURE | 2017 |
|
RU2680756C1 |
| DYNAMIC SECURE COMMUNICATION NETWORK AND PROTOCOL | 2016 |
|
RU2769216C2 |
| SYSTEM AND METHOD OF TRAFFIC FILTRATION AT DDoS-ATTACK DETECTION | 2017 |
|
RU2649290C1 |
| METHOD OF PROTECTING COMPUTER NETWORKS FROM UNAUTHORISED SCANNING AND BLOCKING OF NETWORK SERVICES (VERSIONS) | 2011 |
|
RU2469390C1 |
