Hardware acceleration device for denial-of-service attack identification and mitigation
US11838319B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 2, 2022 |
| Grant date | Dec 5, 2023 |
| Priority date | — |
| Expiry date | May 2, 2042 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L69/329
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Systems and methods for providing an integrated or Smart NIC-based hardware accelerator for a network security device to facilitate identification and mitigation of DoS attacks is provided. According to one embodiment, a processor of a network security device receives an application layer protocol request from a client, directed to a domain hosted by various servers and protected by the network security device. The application layer protocol request is parsed to extract a domain name and a path string. The hardware acceleration sub-system updates rate-based counters based on the application layer protocol request by performing a longest prefix match on the domain name and the path string. When a rate threshold associated with the rate-based counters is exceeded, a challenge message is created and transmitted to the client, having embedded therein the application layer protocol request; otherwise the application layer protocol request is allowed to pass through the network security device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.