Detecting and preventing undesirable network traffic from being sourced out of a network domain

Assignee

• ARBOR NETWORKS, INC. · US

Inventors

• David Wetherall · Burlingame, US
• Stefan Savage · Carlsbad, US
• Thomas E. Anderson · Normal, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L43/16
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

The present invention provides for a novel approach to protecting a system owner's system(s) from being exploited and providing involuntary assistance to a DOS attack. The present invention provides the protection by detecting and preventing undesirable or inappropriate network traffic from being sourced from a network domain. More specifically, a monitor/regulator is provided to monitor network traffic leaving a network domain. The monitor/regulator determines if undesirable/inappropriate network traffics are leaving the network domain based on the observed characteristics of the outbound and inbound network traffics. If it is determined that undesirable/inappropriate network traffics are leaving the network domain, the monitors/regulator, in one embodiment, at least warns system owners of the detection. In another embodiment, the monitors/regulator further issues regulation instruction(s) to boundary routing device(s) of the network domain(s), thereby preventing the network domain(s) from being exploited to source such undesirable/inappropriate network traffics.