Source throttling using CPU stamping
Abstract
A method and system for managing one or more web requests provided to a web application from a client computer. An application is responsive to a web request to generate verification data. The application sends a reply to the client to calculate a stamp as a function of the generated verification data. The application is responsive to an additional request from the client including the calculated stamp to determine if it corresponds to the generated verification data. If the calculated stamp corresponds to the generated verification data, the additional web request is submitted to the web application for processing. A Web server subject to a DOS attack will be able to distinguish between genuine users (who generate stamps) and malicious users (who will not generate stamps) and over a period of time be able to restore service to the former and deny to the latter.
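Added example (not taken from the patent): a sketch of the challenge, stamp and verify exchange the abstract describes. The abstract does not say which function produces the stamp, so this assumes a hashcash-style partial hash preimage puzzle; the HMAC-derived challenge, `SERVER_KEY`, `DIFFICULTY_BITS` and all function names are hypothetical.

```python
import hashlib
import hmac
import os
from itertools import count

SERVER_KEY = os.urandom(32)  # assumption: server-only secret
DIFFICULTY_BITS = 12         # assumption: work factor, not given on the page

def transformation_data(client_id: str, message_id: str) -> bytes:
    """Server: derive the challenge from header data (no per-request state)."""
    msg = f"{client_id}\x00{message_id}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()

def meets_difficulty(challenge: bytes, stamp: int, bits: int) -> bool:
    """True if SHA-256(challenge || stamp) starts with `bits` zero bits."""
    digest = hashlib.sha256(challenge + stamp.to_bytes(8, "big")).digest()
    return int.from_bytes(digest, "big") >> (256 - bits) == 0

def compute_stamp(challenge: bytes, bits: int = DIFFICULTY_BITS) -> int:
    """Client: brute-force search, about 2**bits hashes on average."""
    return next(n for n in count() if meets_difficulty(challenge, n, bits))

def handle_request(headers: dict) -> tuple:
    """Server: challenge unstamped requests; verify stamped ones cheaply."""
    challenge = transformation_data(headers["client_id"], headers["message_id"])
    stamp = headers.get("stamp")
    if stamp is None:
        return ("challenge", challenge)  # reply tells the client to compute a stamp
    valid = (isinstance(stamp, int) and 0 <= stamp < 2**64
             and meets_difficulty(challenge, stamp, DIFFICULTY_BITS))
    return ("process", None) if valid else ("reject", None)

def demo() -> list:
    hdr = {"client_id": "client-A", "message_id": "msg-001"}  # constructed headers
    status, challenge = handle_request(hdr)           # first request: no stamp
    stamp = compute_stamp(challenge)                  # client pays the CPU cost
    stamped = handle_request({**hdr, "stamp": stamp})[0]
    return [status, stamped]

if __name__ == "__main__":
    print(demo())
```

Because the challenge in this sketch is bound to both the client ID and the message ID, a stamp computed for one message passes for a different message only by chance (probability 2^-12 at this work factor), while verification costs the server one HMAC and one hash.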
20 Claims
1. A computer-readable media having computer-executable components for managing web requests being received by a server from a client, said web requests each including header data including message identification (message ID) data identifying unique message data included in the web request and client identification (client ID) data identifying a particular client sending the web request, said components comprising:
- a sending component for sending a reply message to the client for each received, web request having different message ID data, said reply message including transformation data and instructions to compute stamp data as a function of the transformation data;
- a generating component for generating verification data as a function of the stamp data included in an additional web request received from the client;
- a comparing component for comparing the generated verification data to the stamp data included in the additional web request received from the client; and
- a processing component for processing the additional web request if the stamp data of the additional web request corresponds to the generated verification data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method for throttling a client sending a plurality of content requests to a server, said content request including message data specifying content for retrieval:
- receiving, at the server, one of a plurality of content request from the client;
- transmitting to a client a response message with instructions to compute a stamp as a function of transformation data for each client;
- receiving, at the server, an additional content request having a computed stamp from the client; and
- generating verification data as a function of header data included in the received additional content request and assigning processing priority to received additional messages from the client which have a computed stamp corresponding to the generated verification data.
Dependent claims: 13, 14, 15
16. A method for throttling a client sending a distribution request with a plurality of addresses to a server, said distribution request including a message for delivery:
- receiving, at the server, the distribution request from the client;
- determining if the distribution request includes a stamp for each address;
- generating verification data as a function of header data included in the received distribution request when the determining indicates that the distribution request includes a stamp; and
- assigning processing priority to the distribution request received from the client which has a stamp corresponding to the generated verification data.
Dependent claims: 17, 18, 19, 20
Specification