System and method for the detection of and reaction to denial of service attacks
First Claim
Patent Images
1. A computer implemented method for detecting denial of service attacks, comprising the steps of:
- issuing a bit encoded login challenge composed of human viewable images not composed of machine readable text in response to a login request to said computer from a requester of services; and
responsive to an incorrect response to said challenge, said computer placing said requester in a state of limited service.
2 Assignments
0 Petitions
Accused Products
Abstract
Challenge-response and probative methods together or independent of each other enable detection of devices participating in denial of service (DOS) and distributed DOS (DDOS) attacks upon a network resource, and upon identification of devices participating in attacks, minimize the effect of the attack and/or minimize the ability of the device to continue its attack by placing the attacking devices in a state of reduced or denied service.
-
Citations
28 Claims
-
1. A computer implemented method for detecting denial of service attacks, comprising the steps of:
-
issuing a bit encoded login challenge composed of human viewable images not composed of machine readable text in response to a login request to said computer from a requester of services; and responsive to an incorrect response to said challenge, said computer placing said requester in a state of limited service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer implemented method for detecting denial of service attacks, comprising the steps of:
-
executing a bit-encoded challenge and response login procedure and a network probing test frame transmission and analysis procedure to detect a hacker denial of service attack, said bit-encoded challenge comprising human viewable images not composed of machine readable text; said network probing test frame transmission and analysis procedure including defining a signature of discrete speed, streaming speed, and latency of the connecting device failing said bit-encoded challenge-response login procedure, and adding said signature to a router based filter for filtering out login requests from said hacker responsive to said signature; and responsive to detecting said denial of service attack, placing said hacker in a lower level of service state.
-
-
12. A computer implemented method for detecting denial of service attacks, comprising the steps of:
-
selecting sending and receiving probative test packets through a network; responsive to said packets, determining network evaluation parameters for said network; responsive to said network evaluation parameters, determining presence of network denial of service attacks, said network evaluation parameters including response time and throughput characteristics of said network, said throughput characteristics including capacity, utilization, and performance; and executing a bit-encoded challenge and response procedure to discourage and repel said attacks, said bit-encoded challenge comprising human viewable images not composed of machine readable text. - View Dependent Claims (13, 14)
-
-
15. A computer implemented probative test and analysis method for detecting and responding to denial of service attacks on a network resource, comprising the steps of:
-
creating a template of attack patterns; determining historical, current, and predicted states of said network for each of a plurality of types of network traffic; responsive to said attack patterns, determining if a spike in network traffic is a distributed denial of service attack and, if so, determining its source; and denying full service to sources associated with said service attack. - View Dependent Claims (16)
-
-
17. A computer program product for detecting denial of service attacks, comprising:
-
a computer readable medium; first program instructions to issue a bit encoded login challenge comprising human viewable images not composed of machine readable text in response to a login request from a requester of services; second program instructions, responsive to an incorrect response to said challenge, to place said requester in a state of limited service; and
whereinsaid first and second program instructions are recorded on said computer readable medium. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A computer program product for detecting denial of service attacks, comprising:
-
a computer readable medium; first program instructions for executing a network probing test frame transmission and analysis procedure including requiring response of a user to presentation of human viewable images not composed of machine readable text to detect a hacker denial of service attack; second program instructions, responsive to detecting a denial of service attack, for placing said hacker in a state of lower level of service; and
whereinsaid first and second program instructions are recorded on said computer readable medium.
-
-
28. A computer program product for detecting denial of service attacks, comprising:
-
a computer readable medium first program instructions to selectively send and receive probative test packets through a network; second program instructions, responsive to said packets, to determine network evaluation parameters for said network; third program instructions, responsive to said network evaluation parameters, to determine presence of network denial of service attacks, said network evaluation parameters including response time and throughput characteristics of said network, said throughput characteristics including capacity, utilization, and performance; fourth program instructions to execute a bit-encoded challenge and response procedure to discourage and repel said attacks, said bit-encoded challenge comprising human viewable images not composed of machine readable text; and
whereinsaid first, second, third, and fourth program instructions are recorded on said computer readable medium.
-
Specification