Patent · US Active

Method and system for detecting and mitigating HTTPS flood attacks

US11363044B2 · kind B2 · utility

0Cited by

9References

39Claims

0Family size

Assignee

Radware Ltd. · IL

Inventors

Ehud Doron · Lod, IL
Lev Medvedovsky · Netanya, IL
David Aviv · Hadera, IL
Eyal Rundstein · Nes Ziona, IL
Ronit Lubitch Greenberg · Tel Aviv-Yafo, IL
Avishay Balderman · Tel Aviv-Yafo, IL

Key dates

Filing date	Jun 26, 2019
Grant date	Jun 14, 2022
Priority date	—
Expiry date	Feb 28, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/02
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for detecting hypertext transfer protocol secure (HTTPS) flood denial-of-service (DDoS) attacks. The method estimating traffic telemetries of at least ingress traffic directed to a protected entity; providing at least one rate-base feature and at least one rate-invariant feature based on the estimated traffic telemetries, wherein the rate-base feature and the rate-invariant feature demonstrate a normal behavior of HTTPS traffic directed to the protected entity; evaluating the at least one rate-base feature and the at least one rate-invariant feature with respect to at least one baseline to determine whether the behavior of the at least HTTPS traffic indicates a potential HTTPS flood DDoS attack; and causing execution of a mitigation action when an indication of a potential HTTPS flood DDoS attack is determined.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.