Patent classifications
H04L2463/141
Process for abuse mitigation
Method of limiting offending messages communicated over a network, such as but not limited to messages associated with Spam and DoS attacks. The message limiting optionally includes limiting bandwidth or other communication capabilities associated with an entity communicating or facilitating communication of the messages.
COMMUNICATION CONTROL METHOD, COMMUNICATION CONTROL DEVICE, AND COMPUTER PROGRAM
A communication control method which performs route control in a communication system comprising: a specific network constituting the Internet; a first network configured to accommodate a specific device connected to the specific network; a second network provided between the specific network and the first network; and a processing device configured to perform predetermined processing on the basis of a packet transmitted between the specific network and the first network, the communication control method comprising: causing a path setting device in the communication system to execute a communication route-setting process comprised of, in accordance with first routing information defining a path leading from the first network to the specific network to be branched in the second network, controlling a path so that a first path of the branched path is set as a path via the processing device, and a second path of the branched path is set as a path leading to the specific network.
DISTRIBUTED DENIAL-OF-SERVICE ATTACK MITIGATION WITH REDUCED LATENCY
An apparatus for mitigating a DDoS attack in a networked computing system includes at least one detector coupled with a corresponding router in the networked computing system. The detector is configured: to obtain network flow information from the router regarding current data traffic to at least one host; to compare the current data traffic to the host with stored traffic patterns associated with at least one prior DDoS attack; and to generate an output indicative of a match between the current data traffic and at least one of the stored traffic patterns. The apparatus further includes at least one mitigation unit coupled with the at least one detector. The mitigation unit is configured: to receive the output indicative of the match between the current data traffic and at least one of the stored traffic patterns; and to initiate a DDoS attack mitigation action in response to the received output.
METHOD CIRCUITS DEVICES SYSTEMS AND FUNCTIONALLY ASSOCIATED COMPUTER EXECUTABLE CODE FOR DETECTING AND MITIGATING DENIAL OF SERVICE ATTACK DIRECTED ON OR THROUGH A RADIO ACCESS NETWORK
The present invention includes methods, circuits, systems and functionally associated computer executable code for detecting and mitigating a denial of service attack on or through a radio access network. According to some embodiments, there may be provided a radio access network with one or more radio access points to wirelessly engage in communication with one or more wireless communication devices, a Malicious Packet Detector (MPD) communicatively coupled to one or more radio access points and configured to detect one or more malicious packets transmitted to the radio access network by the one or more wireless communication devices, and a controller functionally associated with the MPD and configured to alter network operation so as to mitigate malicious packet flow from the one or more malicious packet transmitting wireless communication devices.
Early-warning decision method, node and sub-system
Early-warning decision method, node and system are provided in the present disclosure. The method includes obtaining a flow analysis result of a portion of service requests that are targeted at a same server; calculating a flow of all the service requests that are targeted at the server based on a flow indicated by the flow analysis result and a weight of a current distributed node, the weight being a weight or proportion of all the service requests targeted at the server that accounts for the flow indicated by the flow analysis result that is obtained by the current distributed node; comparing a flow of all the service requests that are targeted at the server with an abnormal flow threshold; and determining whether to send an instruction for performing subsequent processing on the server based on a comparison result.
Cryptographic network protocol escalation path
The systems and methods described herein can provide a protocol escalation path in response to a client system's request or in response to a triggering event. For example, the computing system can provide an indication to a client system that the client system can upgrade from a regular connection channel to an upgraded connection channel if the client system can solve a certain proof-of-work. The computing system may also receive a request from the client system to access an upgraded connection channel. The upgraded connection channel may provide more bandwidth, stability, higher priority, etc., alone or in combination, compared to the regular connection channel.
DDoS attack detection method and device
This application discloses a distributed denial of service attack detection method. The method includes: obtaining a data stream sent to a protection object device in each detection period, obtaining total duration of each data stream; dividing each data stream into a long data stream or a short data stream based on the total duration of each data stream; adding, based on a detection period through which the long data stream goes, total data traffic of the long data stream to statistical traffic; adding data traffic of a short data stream in each detection period to the data traffic, of the long data stream, that is added to a corresponding detection period, to determine statistical traffic in each detection period; and if there is a detection period in which the statistical traffic exceeds a preset traffic threshold, determining that the protection object device undergoes a DDoS attack in the detection period.
System and methods for fast, secure and power efficient occupancy session management
An automated vehicle parking system uses a driver's authentication device, such as a mobile phone or portable tag, to identify the driver. Vehicle sensing terminals detect when and where a vehicle has parked and send wireless notifications to the vehicle owner's authentication device. The authentication device, the vehicle sensing terminal and a cloud server interact using secure wireless communications to validate the driver's qualifications and record the parking event. Vehicle sensing terminals detect when the vehicle leaves its parking space and the parking system automatically terminates the parking session. The authentication device handles the bulk of the communication with the cloud server to reduce consumption of the vehicle sensing terminal's power supply. The sensing and portable tag devices communicate using secure tokens that are encrypted with unique individual or group keys.
Client device identification on a network
Methods, systems, and apparatus, including computer programs encoded on computer storage media, for identifying devices. One of the methods includes receiving one or more data packets at a network location from a client device, the one or more data packets being associated with a connection request from the client device seeking a connection with particular network resources; identifying transport layer information from the one or more data packets; extracting particular values of the transport layer information; generating a cryptographic hash value from the extracted values, wherein the hash value provides an identifier for the client device; using the identifier for the client device to monitor subsequent connection requests from the client device; and in response to the monitoring, determining whether to perform denial of service (DoS) mitigation with respect to the client device.
Systems and methods for providing security to an integrated circuit in an endpoint device using a dynamic security architecture environment (DSAE)
Systems and methods for providing security to an integrated circuit/processor and the processor cores in an endpoint device using a dynamic security architecture environment (DSAE) are disclosed. A security system is configured to provide security to a host endpoint device, the security system comprising: a processing unit including an Operational Processing Unit (OPU), an Input Processing Unit (IPU), and an Execution Processing Unit (EPU); logic modules in communication with the processing unit, the logic modules including an Input System, an Operational System, and an Execution System; and a host interface being configured to enable the Input System, the Operational System, and the Execution System to be coupled for data and control transmissions therebetween and coupled for data and control transmissions between the processing unit and a physical Processor Packing Unit (PPU) including at least one processor core, the PPU being configured to use different processor instruction sets, the Input System, the Operational System, and the Execution System being configured to present a different attack surface at different intervals within a period of time for the PPU, each different attack surface corresponding to the PPU executing a different processor instruction set, the processing unit, the logic modules, and the host interface being integrated together with the PPU on an integrated circuit of the host endpoint device.