Detecting patterns in network traffic responses for mitigating DDOS attacks
US12041079B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 12, 2022 |
| Grant date | Jul 16, 2024 |
| Priority date | — |
| Expiry date | Apr 6, 2043 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/02
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A computer system and process for mitigating a Distributed Denial of Service (DDoS) attack to one or more protected computer networks by determining keywords and/or patterns in HyperText Transfer Protocol (HTTP) responses. Stored HTTP responses are analyzed to extract one or more HTTP characteristics for each stored HTTP response. One or more patterns having one or more keywords in each stored HTTP response is determined utilizing the extracted one or more HTTP characteristics for each stored HTTP response. A hash value is determined for each determined pattern, which is preferably stored in a hash structure accompanied by its respective determined HTTP characteristics. Each hash value accompanied by its respective determined HTTP characteristics is stored as a mitigation filter candidate if the hash value contains a determined pattern consisting of at least a predetermined percentage of all determined patterns stored in the hash structure. A determination is then made as to whether if each stored filter candidate contains an acceptable pattern, whereby filter candidates having acceptable patterns are removed from being a mitigation filter candidate. A regular expression is then ge…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.