WO2008049908A3 - Device for controlling packets, for a router of a communication network with a view to the routing of suspect packets to dedicated analysis equipment - Google Patents

Device for controlling packets, for a router of a communication network with a view to the routing of suspect packets to dedicated analysis equipment Download PDF

Info

Publication number
WO2008049908A3
WO2008049908A3 PCT/EP2007/061506 EP2007061506W WO2008049908A3 WO 2008049908 A3 WO2008049908 A3 WO 2008049908A3 EP 2007061506 W EP2007061506 W EP 2007061506W WO 2008049908 A3 WO2008049908 A3 WO 2008049908A3
Authority
WO
WIPO (PCT)
Prior art keywords
router
packets
destination address
routing
communication network
Prior art date
Application number
PCT/EP2007/061506
Other languages
French (fr)
Other versions
WO2008049908B1 (en
WO2008049908A2 (en
Inventor
Olivier Marce
Francois Taburet
Original Assignee
Alcatel Lucent
Olivier Marce
Francois Taburet
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alcatel Lucent, Olivier Marce, Francois Taburet filed Critical Alcatel Lucent
Priority to EP07821869A priority Critical patent/EP2087688A2/en
Publication of WO2008049908A2 publication Critical patent/WO2008049908A2/en
Publication of WO2008049908A3 publication Critical patent/WO2008049908A3/en
Publication of WO2008049908B1 publication Critical patent/WO2008049908B1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/60Router architectures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1491Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment

Abstract

A control device (D) is intended to form part of a router (R1) of a communication network. This router (R1) comprises analysis means (MA) responsible for determining in the header of a data packet, received and to be routed, the destination address that it contains, with a view to the routing of this packet received to this destination address. The device (D) comprises i) control means (MC) responsible, should the analysis means (MA) determine a header comprising a nonallocated or inaccessible destination address, for extracting the packet containing this header, and ii) processing means (MT) responsible for associating with a packet extracted by the control means (MC) a chosen replacement destination address, allocated to an item of packet analysis equipment (EA1), so that the router (R1) routes to this associated replacement destination address.
PCT/EP2007/061506 2006-10-27 2007-10-26 Device for controlling packets, for a router of a communication network with a view to the routing of suspect packets to dedicated analysis equipment WO2008049908A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP07821869A EP2087688A2 (en) 2006-10-27 2007-10-26 Device for controlling packets, for a router of a communication network with a view to the routing of suspect packets to dedicated analysis equipment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0654592 2006-10-27
FR0654592A FR2907998B1 (en) 2006-10-27 2006-10-27 PACKET CONTROL DEVICE FOR A ROUTER OF A COMMUNICATION NETWORK FOR SUSPECTED PACKET ROUTING TO DEDICATED ANALYTICAL EQUIPMENT

Publications (3)

Publication Number Publication Date
WO2008049908A2 WO2008049908A2 (en) 2008-05-02
WO2008049908A3 true WO2008049908A3 (en) 2008-06-12
WO2008049908B1 WO2008049908B1 (en) 2008-07-24

Family

ID=38325505

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2007/061506 WO2008049908A2 (en) 2006-10-27 2007-10-26 Device for controlling packets, for a router of a communication network with a view to the routing of suspect packets to dedicated analysis equipment

Country Status (3)

Country Link
EP (1) EP2087688A2 (en)
FR (1) FR2907998B1 (en)
WO (1) WO2008049908A2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106961414B (en) * 2016-01-12 2020-12-25 阿里巴巴集团控股有限公司 Honeypot-based data processing method, device and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002098100A1 (en) * 2001-05-31 2002-12-05 Preventon Technologies Limited Access control systems
US20040078592A1 (en) * 2002-10-16 2004-04-22 At & T Corp. System and method for deploying honeypot systems in a network
US6775657B1 (en) * 1999-12-22 2004-08-10 Cisco Technology, Inc. Multilayered intrusion detection system and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6775657B1 (en) * 1999-12-22 2004-08-10 Cisco Technology, Inc. Multilayered intrusion detection system and method
WO2002098100A1 (en) * 2001-05-31 2002-12-05 Preventon Technologies Limited Access control systems
US20040078592A1 (en) * 2002-10-16 2004-04-22 At & T Corp. System and method for deploying honeypot systems in a network

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
JIANG ET AL: "Collapsar: A VM-based honeyfarm and reverse honeyfarm architecture for network attack capture and detention", JOURNAL OF PARALLEL AND DISTRIBUTED COMPUTING, ELSEVIER, AMSTERDAM, NL, vol. 66, no. 9, September 2006 (2006-09-01), pages 1165 - 1180, XP005597366, ISSN: 0743-7315 *
YELDI S ET AL: "Enhancing network intrusion detection system with honeypot", IEEE TENCON 2003. CONFERENCE ON CONVERGENT TECHNOLOGIES FOR THE ASIA-PACIFIC REGION. BANGALORE, INDIA, OCT. 15 - 17, 2003, IEEE REGION 10 ANNUAL CONFERENCE, NEW YORK, NY : IEEE, US, vol. VOL. 4 OF 4. CONF. 18, 15 October 2003 (2003-10-15), pages 1521 - 1526, XP010686929, ISBN: 0-7803-8162-9 *

Also Published As

Publication number Publication date
FR2907998B1 (en) 2009-04-10
WO2008049908B1 (en) 2008-07-24
EP2087688A2 (en) 2009-08-12
FR2907998A1 (en) 2008-05-02
WO2008049908A2 (en) 2008-05-02

Similar Documents

Publication Publication Date Title
HK1157890A1 (en) Network controller based pass-through communication mechanism between local host and management controller
EP3240250A3 (en) Virtual router terminating an overlay tunnel in a storage area network
TW200713922A (en) Routing data packets from a multihomed host
WO2007134023A3 (en) Portable firewall
GB2514323A (en) Multiple virtual machines sharing a single IP address
WO2008020430A3 (en) Voice over ip forwarding
WO2009067443A3 (en) Geographic trunk groups
WO2012122366A3 (en) Addressing scheme for hybrid communication networks
WO2011106588A3 (en) An add-on module and methods thereof
WO2006028674A3 (en) A system and method for sharing an ip address
WO2013052898A3 (en) Systems and methods for data packet processing of ip fragments using network address translation functionality
EP1786152A3 (en) Pathway selection by sending test packets and analysis of diverging sub-pathways
WO2007030742A3 (en) Parallelizing peer-to-peer overlays using multi-destination routing
ATE493816T1 (en) PACKET LEVELING PRIORITIZATION IN CONNECTION NETWORKS
EP1624644A3 (en) Privileged network routing
WO2007143717A3 (en) Methods, computer readable medium and apparatus for using short addresses in a communication system
WO2007131003A3 (en) Location-specific content communication system
TW200715765A (en) Policy based routing using a fast filter processor
WO2008079278A3 (en) Methods, systems, and computer program products for source-aware ip routing at a media gateway
WO2008005180A3 (en) Method and apparatus for routing data packets in a global ip network
WO2007084884A3 (en) System and method for multihop packet forwarding
ATE446634T1 (en) PROCESSING OF PACKETS FORWARDED IN COMMUNICATION NETWORKS
WO2008085375A3 (en) Method and apparatus for multicast routing
WO2007075527A3 (en) Media stream management
WO2007109398A3 (en) Methods and apparatus for data packet transmission on a network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07821869

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 2007821869

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE