Device to protect victim sites during denial of service attacks
First Claim
1. A gateway device disposed between a data center and a network for thwarting denial of service attacks on the data center, the gateway device comprises:
- a computing device comprising;
a monitoring process that monitors network traffic through the gateway;
a communication process that can communicate statistics collected in the gateway from the monitoring process with a control center and that can receive queries or instructions from the control center; and
a filtering process to allow filters to be inserted to filter out packets that the gateway deems to be part of an attack.
21 Assignments
0 Petitions
Accused Products
Abstract
A system architecture for thwarting denial of service attacks on a victim data center is described. The system includes a first plurality of monitors that monitor network traffic flow through the network. The first plurality of monitors is disposed at a second plurality of points in the network. The system includes a central controller that receives data from the plurality of monitors, over a hardened, redundant network. The central controller analyzes network traffic statistics to identify malicious network traffic. In some embodiments of the system, a gateway device is disposed to pass network packets between the network and the victim site. The gateway is disposed to protect the victim site, and is coupled to the control center by the redundant hardened network.
97 Citations
39 Claims
-
1. A gateway device disposed between a data center and a network for thwarting denial of service attacks on the data center, the gateway device comprises:
a computing device comprising;
a monitoring process that monitors network traffic through the gateway;
a communication process that can communicate statistics collected in the gateway from the monitoring process with a control center and that can receive queries or instructions from the control center; and
a filtering process to allow filters to be inserted to filter out packets that the gateway deems to be part of an attack. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
-
16. A method of protecting a victim site during a denial of service attack, comprises:
-
disposing a gateway device between the victim site and a network;
monitoring network traffic through the gateway and measuring heuristics of the network traffic;
communicating statistics collected in the gateway to a control center; and
filtering out packets that the gateway or control center deems to be part of an attack.
-
-
29. A computer program product residing on a computer readable medium for protecting a victim site during a denial of service attack, comprises instructions for causing a computer device coupled at an entry to the site to:
-
monitor network traffic sent to the victim site and measuring heuristics of the network traffic;
communicate statistics collected in the computer device to a control center; and
filter out packets that the device or control center deems to be part of an attack.
-
Specification