US Patent No. 9,282,115

SYSTEMS AND METHODS FOR DETECTING CACHE-POISONING ATTACKS IN NETWORKS USING SERVICE DISCOVERY PROTOCOLS


Patent No.: 9,282,115
Issue Date: March 08, 2016
Title: Systems And Methods For Detecting Cache-poisoning Attacks In Networks Using Service Discovery Protocols
Inventorship:
  Anil Kaushik, Bangalore (IN)
  Vineet Verma, San Jose, CA (US)
  Stephen Grau, Pleasanton, CA (US)
  Sreenivas Voruganti, Bangalore (IN)
  Abhishek Kumar, Bangalore (IN)
Assignee: Juniper Networks, Inc., Sunnyvale, CA (US)

Claim of US Patent No. 9,282,115

16. A system for detecting cache-poisoning attacks in networks using SDPs, the system comprising:

a maintenance module, stored in memory, that maintains a cache of service information that identifies one or more services provided by one or more client devices connected to a network using an SDP;

a detection module, stored in memory, that detects at least one cache-poisoning attack directed at the cache of service information by:

  receiving, from a client device connected to the network, at least one SDP message related to at least one service allegedly provided via the network;

  identifying, within the SDP message, at least one attribute of a type of the service allegedly provided via the network;

  determining that the client device is attempting to corrupt the cache of service information by:

    comparing the type of the service identified within the SDP message with the cache of service information;

    determining, based at least in part on the comparison, that a client device allegedly providing the service is unable to provide the type of service identified within the SDP message;

a security module, stored in memory, that performs at least one security action to mitigate the cache-poisoning attack, in response to detecting the cache-poisoning attack;

at least one processor that executes the maintenance module, the detection module, and the security module.