Multi-tiered server architecture to mitigate malicious traffic

Assignee

• AT&T Intellectual Property I, L.P. · US

Inventors

• Anestis Karasaridis · Middletown, US
• Eric Noel · Holmdel, US
• Stephen Chou · Bound Brook, US
• Patrick Michael Velardo, Jr. · Manalapan, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L43/0817
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A processing system having at least one processor may obtain domain name system (DNS) traffic records of a DNS platform, the DNS traffic records associated with a source device having a first status and that is submitting DNS queries, where a first-tier DNS authoritative server of the DNS platform is configured to forward the DNS queries from the source device to at least a first second-tier DNS authoritative server of the DNS platform designated for the first status. The processing system may further detect anomalous DNS traffic records from the DNS traffic records, identify a change of the source device from a first status to a second status, based upon the detecting the anomalous DNS traffic records, and reconfigure the first-tier DNS authoritative server to redirect the DNS queries from the source device to at least a second second-tier DNS authoritative server designated for the second status.