Identifying a potential DDOS attack using statistical analysis
US10511625B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 16, 2018 |
| Grant date | Dec 17, 2019 |
| Priority date | — |
| Expiry date | Nov 16, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1425
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Embodiments can identify requests that may be tied to a DDOS attack. For example, the primary identifiers (e.g., a source address) of requests for a network resource (e.g., an entire website or a particular element of the website) can be tracked. In one embodiment, a statistical analysis of how often a particular source address (or other primary identifier) normally makes a request can be used to identify source addresses that make substantially more requests. A normal amount can correspond to an average number of request that a source address makes. According to some embodiments, a system can use statistical analysis methods on various request data in web server logs to identify potential attacks and send data concerned potential attacks to an HBA system for further analysis.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.