System and method for mitigating distributed denial of service attacks

System and method for mitigating distributed denial of service attacks

A method and associated system for mitigating a Distributed Denial of Service (DDoS) attack on a target device including, receiving a plurality of data packets at a mitigation device, counting a number of occurrences of each destination address signature within each of a plurality of consecutive dat...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Cognet, Yves, O'Connell, Anne Gerardine
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method and associated system for mitigating a Distributed Denial of Service (DDoS) attack on a target device including, receiving a plurality of data packets at a mitigation device, counting a number of occurrences of each destination address signature within each of a plurality of consecutive data packet windows, classifying each data packet window of the plurality of consecutive data packet windows as a potential attack window if the number of occurrences of any one destination address signature within the data packet window exceeds a destination address signature threshold value. The method further includes, determining a total number of potential attack windows within a sliding time window and limiting the transmission of the plurality of data packets from the mitigation device if a total number of potential attack windows within the sliding time window exceeds a potential attack window threshold value.