×

Application rate limiting without overhead

  • US 9,071,576 B1
  • Filed: 03/12/2013
  • Issued: 06/30/2015
  • Est. Priority Date: 03/12/2013
  • Status: Active Grant
First Claim
Patent Images

1. A system for managing application service requests, comprising:

  • a memory;

    a first processor;

    a second processor;

    an operating system that receives a total number of service requests within a predefined time interval, wherein the total number of service requests comprises a plurality of Internet protocol addresses, copies the total number of service requests from a network capturing tool to the memory, and derives a subset of service requests from the total number of service requests by purging service requests among the total number of service requests that comprise a black listed Internet protocol address;

    a domain name service server application stored in the memory that, when executed by the first processor,receives the subset of service requests from the operating system, andprocesses the subset of service requests; and

    a service request monitor application stored in the memory of the system that, when executed by the second processor,reads the total number of service requests from the memory,counts the total number of service requests,determines a rate of the total number of service requests associated with the plurality of Internet protocol addresses based on the counts,determines when the rate of the total number of service requests associated with the plurality of Internet protocol addresses exceeds a first threshold, wherein a rate of at least 5,000 is the first threshold for the total number of service requests associated with the plurality of Internet protocol addresses over a five minute interval,responsive to the rate of the total number of service requests associated with the plurality of Internet protocol addresses exceeding the first threshold, analyzes a rate of service requests associated with each Internet protocol address of the plurality of Internet protocol addresses,determines when the rate of service requests associated with an Internet protocol address of the plurality of Internet protocol addresses exceeds a second threshold, andsends a message to the operating system to black list the Internet protocol address responsive to the rate of service requests associated with the Internet protocol address exceeding the second threshold,whereby the service request monitor application limits the rate of service requests associated with a single Internet protocol address.

View all claims
  • 6 Assignments
Timeline View
Assignment View
    ×
    ×