×

Detecting denial of service attacks on communication networks

  • US 10,027,694 B1
  • Filed: 03/28/2016
  • Issued: 07/17/2018
  • Est. Priority Date: 03/28/2016
  • Status: Active Grant
First Claim
Patent Images

1. A system for detecting malicious traffic on a communication network, the system comprising:

  • a data store including historical traffic data for a communication node of the communication network, wherein the historical traffic data includes statistical information regarding data packets received at the communication node during a first period of time, the statistical information including at least an average entropy value and a standard deviation of entropy;

    a computing device configured with computer-executable instructions that, when executed, cause the computing device to;

    obtain traffic information regarding a set of data packets received at the communication node over a second period of time;

    calculate an entropy value for the traffic information;

    determine that the entropy value for the traffic information differs from the average entropy value by at least a threshold number of standard deviations;

    detect that a network attack is occurring at the communication node based at least in part on the entropy value for the traffic information differing from the average entropy value by at least the threshold number of standard deviations; and

    transmit a notification indicating that a network attack has been observed at the communication node.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×