Automatic detection and mitigation of denial of service attacks
A method (600) for mitigating network abuse comprises obtaining a first set of network traffic messages (22) for network traffic currently received by a network service (30); and determining, via a first model (310), whether network abuse is occurring based on the first set of network traffic messag...
Gespeichert in:
Hauptverfasser: | , , , , , , , |
---|---|
Format: | Patent |
Sprache: | chi ; eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | A method (600) for mitigating network abuse comprises obtaining a first set of network traffic messages (22) for network traffic currently received by a network service (30); and determining, via a first model (310), whether network abuse is occurring based on the first set of network traffic messages. When network abuse is occurring, the method includes obtaining a second set of current network traffic messages. The method further includes, for each network traffic message in the second set of network traffic messages, marking the network traffic message as an abused network traffic message or a non-abused network traffic message via a second model (172). The method further includes generating at least one network traffic rule (402) via a third model (410). Each network traffic rule, when implemented, reduces the impact of abusing network traffic messages.
一种用于缓解网络滥用的方法(600)包括:获得由网络服务(30)当前接收到的网络业务的网络业务消息(22)的第一集合;以及经由第一模型(310)基于网络业务消息的第一集合来确定是否正在发生网络滥用。当正在发生网络滥用时,所述方法包括获得当前网络业务消息的第二集合。所述方法还包括对于网络业务消息的第二集合中的 |
---|