Short Term Certificate Management During Distributed Denial of ServiceAttacks
First Claim
Patent Images
1. A method comprising:
- identifying, by a processor, a distributed denial of service attack on a network;
executing, by the processor, a script to request a short term certificate in response to the distributed denial of service attack;
receiving the short term certificate generated by a certificate server; and
generating, by the processor, an instruction to redirect traffic using the short term certificate and associated private key,wherein malicious traffic involved in the distributed denial of service attack is filtered by a protection service in response to the short term certificate.
1 Assignment
0 Petitions
Accused Products
Abstract
In one embodiment, a distributed denial of service attack on a network is identified. In response to the distributed denial of service attack, a script to request a short term certificate is executed. The short term certificate is generated by a certificate server and received either directly or indirectly from the certificate server. An instruction to redirect traffic using the short term certificate and private key is sent to a distributed denial of service attack protection service that is operable to filter or otherwise mitigate malicious traffic involved in the distributed denial of service attack.
20 Citations
20 Claims
-
1. A method comprising:
-
identifying, by a processor, a distributed denial of service attack on a network; executing, by the processor, a script to request a short term certificate in response to the distributed denial of service attack; receiving the short term certificate generated by a certificate server; and generating, by the processor, an instruction to redirect traffic using the short term certificate and associated private key, wherein malicious traffic involved in the distributed denial of service attack is filtered by a protection service in response to the short term certificate. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method comprising:
-
receiving a protection message indicative of a distributed denial of service attack on a network; receiving a short term certificate and private key for a protected device coupled with the network, wherein the short term certificate is generated in response to the distributed denial of service attack; intercepting, by a processor, traffic for the network using the short term certificate; and filtering, by the processor, malicious traffic involved in the distributed denial of service attack in response to the short term certificate. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. An apparatus comprising:
-
a processor; and a memory comprising one or more instructions executable by the processor to perform; identify a distributed denial of service attack on a network; execute the processor, a script to request a short term certificate in response to the distributed denial of service attack; receive the short term certificate generated by a certificate server; and generate an instruction to a protection service to service traffic using the short term certificate and private key, wherein malicious traffic involved in the distributed denial of service attack is filtered by the protection service in response to the short term certificate. - View Dependent Claims (19)
-
-
20. An apparatus comprising:
-
a communication interface configured to receive a short term certificate for a public key and private key for a protected device coupled with the network, wherein the short term certificate and private key is generated in response to the distributed denial of service attack; a DDoS protection controller configured to identify traffic for the network using the short term certificate and private key, and filter malicious traffic involved in the distributed denial of service attack in response to the short term certificate.
-
Specification