Determining blocking measures for processing communication traffic anomalies
First Claim
Patent Images
1. A method for processing communication traffic, said method comprising:
- detecting an anomaly in communication traffic within a communication network;
in response to a detection of an anomaly occurred in said communication traffic, applying a blocking measure A, a blocking measure A &
B, and a blocking measure A &
!B to said communication traffic for stopping said anomaly;
determining whether or not said anomaly reoccurs after said blocking measure A &
B has been temporarily removed;
in response to a determination that said anomaly does not reoccur, canceling said block measure A &
B from being applied to said communication traffic and enforcing said blocking measure A &
!B on said communication traffic;
in response to a determination that said anomaly reoccurs, reimposing said blocking measure A &
B on said communication traffic and temporarily removing said blocking measure A &
!B from said communication traffic;
determining whether or not said anomaly reoccurs after said blocking measure A &
!B had been temporarily removed;
in response to a determination that said anomaly does not reoccur, canceling said block measure A &
!B from being applied to said communication traffic and enforcing said blocking measure A &
B on said communication traffic; and
in response to a determination that said anomaly reoccurs, reimposing said block measure A on said communication traffic.
1 Assignment
0 Petitions
Accused Products
Abstract
Communication traffic is processed by detecting an anomaly in the communication traffic. A first blocking measure A is applied to the anomalous traffic that stops the anomalous traffic. A second blocking measure is determined such that application of a logical combination of the first blocking measure A and the second blocking measure to the anomalous traffic stops the anomalous traffic.
33 Citations
4 Claims
-
1. A method for processing communication traffic, said method comprising:
-
detecting an anomaly in communication traffic within a communication network; in response to a detection of an anomaly occurred in said communication traffic, applying a blocking measure A, a blocking measure A &
B, and a blocking measure A &
!B to said communication traffic for stopping said anomaly;determining whether or not said anomaly reoccurs after said blocking measure A &
B has been temporarily removed;in response to a determination that said anomaly does not reoccur, canceling said block measure A &
B from being applied to said communication traffic and enforcing said blocking measure A &
!B on said communication traffic;in response to a determination that said anomaly reoccurs, reimposing said blocking measure A &
B on said communication traffic and temporarily removing said blocking measure A &
!B from said communication traffic;determining whether or not said anomaly reoccurs after said blocking measure A &
!B had been temporarily removed;in response to a determination that said anomaly does not reoccur, canceling said block measure A &
!B from being applied to said communication traffic and enforcing said blocking measure A &
B on said communication traffic; andin response to a determination that said anomaly reoccurs, reimposing said block measure A on said communication traffic. - View Dependent Claims (2, 3, 4)
-
Specification