DETECTION OF AND RESPONSES TO NETWORK ATTACKS
First Claim
1. A method comprising:
- monitoring, by a network diagnostic system node, a data communication dropped by a first transmission manager node servicing a target class of first virtual machine nodes;
determining, by the network diagnostic system node, that the dropped data communication is a form of attack on a network to which the first virtual machine nodes are connected; and
sending, by the network diagnostic system node, a notification message of the determined attack to a data transmission system manager node thereby causing the data transmission system manager node to generate a list of one or more internet protocol addresses associated with a source of the dropped data communication and send the list of one or more internet protocol addresses to at least one second transmission manager node for second virtual machine nodes that are not part of the target class.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for detecting and responding to attacks on a computer network. One embodiment of such a method describes monitoring dropped data communications intended for a target class of first virtual machine nodes; determining whether a dropped data communication is a form of attack on a network to which the first virtual machine nodes are connected; and sending a notification message of the determined attack to a data transmission system manager node thereby causing the data transmission system manager node to generate a list of one or more internet protocol addresses associated with a source of the dropped data communication and send the list of one or more internet protocol addresses to at least one second transmission manager node for second virtual machine nodes that are not part of the target class
21 Citations
1 Claim
-
1. A method comprising:
-
monitoring, by a network diagnostic system node, a data communication dropped by a first transmission manager node servicing a target class of first virtual machine nodes; determining, by the network diagnostic system node, that the dropped data communication is a form of attack on a network to which the first virtual machine nodes are connected; and sending, by the network diagnostic system node, a notification message of the determined attack to a data transmission system manager node thereby causing the data transmission system manager node to generate a list of one or more internet protocol addresses associated with a source of the dropped data communication and send the list of one or more internet protocol addresses to at least one second transmission manager node for second virtual machine nodes that are not part of the target class.
-
Specification
-
- Resources
-
Current AssigneeAmazon Technologies, Inc. (Amazon.com, Inc.)
-
Original AssigneeAmazon Technologies, Inc. (Amazon.com, Inc.)
-
InventorsRubin, Gregory A.
-
Application NumberUS15/013,452Publication NumberTime in Patent OfficeDaysField of SearchUS Class CurrentCPC Class CodesG06F 21/554 involving event detection a...G06F 21/606 by securing the transmissio...H04L 63/1408 by monitoring network traff...H04L 63/1416 Event detection, e.g. attac...H04L 63/1441 Countermeasures against mal...H04L 63/20 for managing network securi...
