Architecture to thwart denial of service attacks
Abstract
A system architecture for thwarting denial of service attacks on a victim data center is described. The system includes a first plurality of monitors that monitor network traffic flow through the network. The first plurality of monitors is disposed at a second plurality of points in the network. The system includes a central controller that receives data from the plurality of monitors, over a hardened, redundant network. The central controller analyzes network traffic statistics to identify malicious network traffic. In some embodiments of the system, a gateway device is disposed to pass network packets between the network and the victim site. The gateway is disposed to protect the victim site, and is coupled to the control center by the redundant hardened network.
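An added sketch (not from the patent) of the data flow the abstract describes: monitors at several points report statistics, and the central controller correlates them and coordinates filtering. The monitor names, prefixes, rates and the threshold rule are assumptions constructed for this example; the page does not specify how the analysis works.

```python
from collections import defaultdict

# Constructed sample reports: each monitor sits at a different point in the
# network and reports bytes/sec seen toward the victim, keyed by source prefix.
REPORTS = {
    "monitor-a": {"198.51.100.0/24": 400_000, "203.0.113.0/24": 30_000},
    "monitor-b": {"198.51.100.0/24": 450_000, "192.0.2.0/24": 20_000},
    "monitor-c": {"198.51.100.0/24": 380_000, "203.0.113.0/24": 25_000},
}
VICTIM_CAPACITY = 2_000_000  # bytes/sec, hypothetical


def aggregate(reports):
    """Sum per-source rates across all monitors (the controller's global view)."""
    totals = defaultdict(int)
    for stats in reports.values():
        for src, rate in stats.items():
            totals[src] += rate
    return dict(totals)


def flag_central(reports, capacity, share_limit=0.5):
    """Flag sources whose aggregate rate exceeds share_limit of victim capacity.

    This threshold rule is an assumption of the example, not the patent's method.
    """
    limit = capacity * share_limit
    return sorted(s for s, r in aggregate(reports).items() if r > limit)


def flag_local(reports, capacity, share_limit=0.5):
    """What each monitor would flag acting alone with the same threshold."""
    limit = capacity * share_limit
    return {m: sorted(s for s, r in st.items() if r > limit)
            for m, st in reports.items()}


def filters_per_monitor(reports, flagged):
    """Controller tells each monitor to discard only flagged sources it sees."""
    return {m: sorted(s for s in st if s in flagged) for m, st in reports.items()}


if __name__ == "__main__":
    flagged = flag_central(REPORTS, VICTIM_CAPACITY)
    print("local view:  ", flag_local(REPORTS, VICTIM_CAPACITY))
    print("central view:", flagged)
    print("filters:     ", filters_per_monitor(REPORTS, flagged))
```

No single monitor sees enough traffic to cross the threshold, but the sum across monitors does, which is the case for correlating statistics at a central controller.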
35 Claims
1. A method of thwarting denial of service attacks on a victim data center coupled to a network, the method comprising:
monitoring network traffic through monitors disposed at a plurality of points in the network;
communicating data from the monitors to a central controller, over a redundant network that is a different network from the network being monitored;
analyzing the data comprising network traffic statistics to identify network traffic that is part of a denial of service attack; and
filtering the network traffic based on results of analyzing the network traffic to discard network traffic that is identified as part of the denial of service attack.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)
11. A distributed system to thwarting denial of service attacks comprises:
a plurality of monitors dispersed throughout a network, the monitors collecting statistical data for performance of intelligent traffic analysis and filtering to identify malicious traffic and to eliminate the malicious traffic to thwart the denial of service attack.
(Dependent claims: 12, 13)
14. A system for thwarting denial of service attacks on a victim data center coupled to a network comprises:
a first plurality of monitors that monitor network traffic flow through the network, the first plurality of monitors disposed at a second plurality of points in the network; and
a central controller that receives data from the plurality of monitors, over a different redundant network, the central controller analyzing network traffic statistics to identify malicious network traffic and to coordinate the first plurality of monitors to filter the network traffic based on results of analyzing the network traffic to discard network traffic that is identified as malicious traffic.
(Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
27. A distributed system to thwart denial of service attacks comprises:
a plurality of gateways dispersed throughout a network, near data centers that might be sources of an attack, the gateways collecting statistical data for performance of intelligent traffic analysis and filtering, identify malicious traffic at the source of an attack, to eliminate the malicious traffic and thwart the denial of service attack.
(Dependent claims: 28, 29, 30, 31, 32, 33, 34, 35)
Specification