Distributed denial of service cellular signaling
Abstract
Disclosed are methods and systems for providing a mobile signaling channel during a distributed denial of service (DDoS) attack. An example method for providing a mobile signaling channel during a DDoS attack may include communicatively coupling a mobile device to a DDoS device protecting upstream data communications during the DDoS attack. The mobile device may be operable to signal the DDoS attack via the mobile signaling channel. Furthermore, the method may include determining that a capacity of a primary signaling channel associated with the DDoS device is below a predetermined threshold capacity. The method may further include activating signaling of the DDoS attack by the mobile device via the mobile signaling channel. The activation may be performed based on the determination that the capacity of the primary signaling channel associated with the DDoS device is below the predetermined threshold capacity.
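The failover decision described in the abstract, sketched as an added example (not code from the patent or its assignee). The class names, the 5-second sliding window, the 10 packets-per-second threshold and the 192.0.2.10 target are assumptions, and the timeline is constructed.

```python
from collections import deque

class ChannelMonitor:
    """Sliding-window estimate of primary-channel capacity in packets/second."""
    def __init__(self, threshold_pps, window_s=5.0):
        self.threshold_pps, self.window_s = threshold_pps, window_s
        self._delivered = deque()          # timestamps of delivered signaling packets

    def record_delivery(self, ts):
        self._delivered.append(ts)

    def capacity_pps(self, now):
        while self._delivered and self._delivered[0] <= now - self.window_s:
            self._delivered.popleft()      # forget deliveries older than the window
        return len(self._delivered) / self.window_s

class ThreatProtectionSystem:
    """Hypothetical TPS stub: a notification puts the target behind traffic filters."""
    def __init__(self):
        self.filtered, self.received_via = set(), []

    def notify(self, msg, via):
        self.received_via.append(via)
        self.filtered.add(msg["target"])   # protective measure: pass traffic through filters

class DDoSDevice:
    def __init__(self, monitor, tps):
        self.monitor, self.tps = monitor, tps
        self.mobile_active = False

    def signal_attack(self, target, now):
        msg = {"event": "ddos_attack", "target": target, "ts": now}
        # Below-threshold capacity means the primary channel cannot carry the signal.
        self.mobile_active = self.monitor.capacity_pps(now) < self.monitor.threshold_pps
        via = "mobile" if self.mobile_active else "primary"
        self.tps.notify(msg, via)
        return via

def simulate():
    """Constructed timeline: healthy primary channel, then one saturated by an attack."""
    monitor, tps = ChannelMonitor(threshold_pps=10.0), ThreatProtectionSystem()
    device = DDoSDevice(monitor, tps)
    for i in range(100):                   # 20 pps of signaling delivered during 0-5 s
        monitor.record_delivery(i * 0.05)
    first = device.signal_attack("192.0.2.10", now=5.0)
    for ts in (6.0, 8.0):                  # only two packets get through during 5-10 s
        monitor.record_delivery(ts)
    second = device.signal_attack("192.0.2.10", now=10.0)
    return first, second, tps

if __name__ == "__main__":
    print(simulate()[:2])
```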
16 Claims
1. A method for providing a mobile signaling channel during a Distributed Denial of Service (DDoS) attack on a network machine or a network resource, the method comprising:
- determining, by a processor, whether a capacity of a primary signaling channel associated with a DDoS device protecting upstream data communications in a communication network serving the network machine or the network resource is below a predetermined threshold capacity, wherein the predetermined threshold capacity is measured in data packets per unit of time or throughput;
- based on a determination that the capacity of the primary signaling channel associated with the DDoS device is below the predetermined threshold capacity, determining, by the processor, that the DDoS device is unavailable to signal, via the primary signaling channel, that a DDoS attack directed to the network machine or the network resource is in progress;
- based on unavailability of the DDoS device to signal the DDoS attack via the primary signaling channel, activating, by the processor, a secondary signaling channel for the DDoS device, the secondary signaling channel being a mobile signaling channel provided using a mobile device communicatively coupled to the DDoS device;
- sending, by the mobile device, notification of the DDoS attack to a Threat Protection System (TPS) via the secondary signaling channel; and
- in response to the sending of the notification, triggering, by the Threat Protection System, at least one DDoS protective measure, wherein the at least one DDoS protective measure includes at least one of passing data packets addressed to one of an attacked network machine and an attacked network resource through traffic filters, dropping a malicious data packet, resetting a connection, blocking a data packet received from an offending Internet Protocol address, and unfragmenting data packet streams.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A system for providing a mobile signaling channel during a Distributed Denial of Service (DDoS) attack on a network machine or a network resource, the system comprising:
- a hardware processor; and
- a memory communicatively coupled to the processor;
- the memory storing instructions executable by the processor to:
- determine whether a capacity of a primary signaling channel associated with a DDoS device protecting upstream data communications in a communication network serving the network machine or the network resource is below a predetermined threshold capacity, wherein the predetermined threshold capacity is measured in data packets per unit of time or throughput;
- based on a determination that the capacity of the primary signaling channel associated with the DDoS device is below the predetermined threshold capacity, determining that the DDoS device is unavailable to signal, via the primary signaling channel, that a DDoS attack directed to the network machine or the network resource is in progress;
- based on unavailability of the DDoS device to signal the DDoS attack via the primary signaling channel, activate a secondary signaling channel for the DDoS device, the secondary signaling channel being a mobile signaling channel provided using a mobile device communicatively coupled to the DDoS device;
- send notification of the DDoS attack to a Threat Protection System (TPS) via the secondary signaling channel; and
- in response to the sending of the notification, trigger, by the Threat Protection System, at least one DDoS protective measure, wherein the at least one DDoS protective measure includes at least one of passing data packets addressed to one of an attacked network machine and an attacked network resource through traffic filters, dropping a malicious data packet, resetting a connection, blocking a data packet received from an offending Internet Protocol address, and unfragmenting data packet streams.

Dependent claims: 10, 11, 12, 13, 14, 15

16. A non-transitory processor-readable medium having embodied thereon a program being executable by at least one processor to perform a method for providing a mobile signaling channel during a Distributed Denial of Service (DDoS) attack on a network machine or a network resource, the method comprising:
- determining, by a processor, whether a capacity of a primary signaling channel associated with a DDoS device protecting upstream data communications in a communication network serving the network machine or the network resource is below a predetermined threshold capacity, wherein the predetermined threshold capacity is measured in data packets per unit of time or throughput;
- based on a determination that the capacity of the primary signaling channel associated with the DDoS device is below the predetermined threshold capacity, determining, by the processor, that the DDoS device is unavailable to signal, via the primary signaling channel, that a DDoS attack directed to the network machine or the network resource is in progress;
- based on unavailability of the DDoS device to signal the DDoS attack via the primary signaling channel, activating, by the processor, a secondary signaling channel for the DDoS device, the secondary signaling channel being a mobile signaling channel provided using a mobile device communicatively coupled to the DDoS device;
- sending, by the mobile device, notification of the DDoS attack to a threat protection system via the secondary signaling channel; and
- in response to the sending of the notification, triggering, by the Threat Protection System, at least one DDoS protective measure, wherein the at least one DDoS protective measure includes at least one of passing data packets addressed to one of an attacked network machine and an attacked network resource through traffic filters, dropping a malicious data packet, resetting a connection, blocking a data packet received from an offending Internet Protocol address, and unfragmenting data packet streams.

Specification