DETECTING ATTACKS ON DATA CENTERS
Abstract
The claimed subject matter includes a system and method for detecting attacks on a data center. The method includes sampling a packet stream by coordinating at multiple levels of data center architecture, based on specified parameters. The method also includes processing the sampled packet stream to identify one or more data center attacks. Further, the method includes generating attack notifications for the identified data center attacks.
20 Claims
1. A method for detecting attacks on a data center, comprising:
- sampling a packet stream by coordinating at multiple levels of data center architecture, based on specified parameters;
- processing the sampled packet stream to identify one or more data center attacks; and
- generating one or more attack notifications for the identified data center attacks.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14

15. A system for detecting attacks on a data center of a cloud service, comprising:
- a distributed architecture comprising a plurality of computing units, each of the computing units comprising:
  - a processing unit; and
  - a system memory,
- the computing units comprising an attack detection engine executed by one of the processing units, the attack detection engine comprising:
  - a sampler to sample a packet stream in coordination at multiple levels of a data center architecture, based on a plurality of specified time granularities; and
  - a controller configured to:
    - determine, based on the packet stream, granular traffic volumes for the specified time granularities;
    - identify a plurality of data center attacks occurring across one or more of the specified time granularities based on the sampling; and
    - generate a plurality of attack notifications for the data center attacks.

Dependent claims: 16, 17

18. One or more computer-readable storage memory devices for storing computer-readable instructions, the computer-readable instructions when executed by one or more processing devices, the computer-readable instructions comprising code configured to:
- determine, based on a packet stream for the data center, granular traffic volumes for a plurality of specified time granularities;
- sample the packet stream using coordination at multiple levels of data center architecture, based on the specified time granularities;
- identify a plurality of data center attacks occurring across one or more of the specified time granularities based on the sampling; and
- generate a plurality of attack notifications for the data center attacks.

Dependent claims: 19, 20

Specification