Variable dynamic throttling of network traffic for intrusion prevention

Assignee

• International Business Machines Corporation · US

Inventors

• David A. Christenson · Chesterfield, US
• James R. Coon · Rochester, US
• Christopher Thomas Gloe · Rochester, US
• Daniel P. Kolz · Rochester, US
• Scott D. McCreadie · Rochester, US
• Timothy R. Seeger · Rochester, US
• Kyong Jin Shim · Rochester, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L47/28
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Methods, apparatus, and computer program products for variable dynamic throttling of network traffic for intrusion prevention are disclosed that include initializing, as throttling parameters, a predefined time interval, a packet count, a packet count threshold, a throttle rate, a keepers count, and a discards count; starting a timer, the timer remaining on no longer than the predefined time interval; maintaining, while the timer is on, statistics including the packet count, the keepers count, and the discards count; for each data communications packet received by the network host, determining, in dependence upon the statistics and the throttle rate, whether to discard the packet and determining whether the packet count exceeds the packet count threshold; and if the packet count exceeds the packet count threshold: resetting the statistics, incrementing the throttle rate, and restarting the timer.