SYSTEM AND METHOD OF TRAFFIC FILTERING UPON DETECTION OF A DDOS ATTACK
First Claim
1. A method for filtering network traffic to protect a server from a distributed denial-of-service (DDoS) attack, wherein the method comprises:
- responsive to detecting a computing device is subject to a DDoS attack, intercepting data from a network node to the computing device;
determining one or more data transmission parameters based on the intercepted data;
assigning a danger rating to the network node;
changing the danger rating of the network node based on application of a filter and on the data transmission parameters; and
responsive to determining that the danger rating of the network node exceeds a threshold value, limiting a transmittal of data from the network node to the computing device.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are a system, a method, and computer readable storage medium having instructions for filtering network traffic to protect a server from a distributed denial-of-service (DDoS) attack. The described technique includes intercepting data from a network node to the computing device responsive to detecting a computing device is subject to a DDoS attack. The technique further includes determining one or more data transmission parameters based on the intercepted data, assigning a danger rating to the network node, and changing the danger rating of the network node based on application of a filter and on the data transmission parameters. The described technique limits a transmittal of data from the network node to the computing device if the resultant danger rating of the network node exceeds a threshold value.
14 Citations
21 Claims
-
1. A method for filtering network traffic to protect a server from a distributed denial-of-service (DDoS) attack, wherein the method comprises:
-
responsive to detecting a computing device is subject to a DDoS attack, intercepting data from a network node to the computing device; determining one or more data transmission parameters based on the intercepted data; assigning a danger rating to the network node; changing the danger rating of the network node based on application of a filter and on the data transmission parameters; and responsive to determining that the danger rating of the network node exceeds a threshold value, limiting a transmittal of data from the network node to the computing device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for filtering network traffic to protect a server from a distributed denial-of-service (DDoS) attack, wherein the system comprises:
-
a memory device storing one or more filters; and a processor configured to; responsive to detecting a computing device is subject to a DDoS attack, intercept data from a network node to the computing device; determine one or more data transmission parameters based on the intercepted data; assign a danger rating to the network node; change the danger rating of the network node based on application of a filter and on the data transmission parameters; and responsive to determining that the danger rating of the network node exceeds a threshold value, limit a transmittal of data from the network node to the computing device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer readable medium comprising computer executable instructions for filtering network traffic to protect a server from a distributed denial-of-service (DDoS) attack, including instructions for:
-
responsive to detecting a computing device is subject to a DDoS attack, intercepting data from a network node to the computing device; determining one or more data transmission parameters based on the intercepted data; assigning a danger rating to the network node; changing the danger rating of the network node based on application of a filter and on the data transmission parameters; and responsive to determining that the danger rating of the network node exceeds a threshold value, limiting a transmittal of data from the network node to the computing device. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification