Identifying a denial-of-service attack in a cloud-based proxy service

Assignee

• CLOUDFLARE, INC. · US

Inventors

• Lee Hahn Holloway · Santa Cruz, US
• Srikanth N. Rao · San Francisco, US
• Matthew Browning Prince · San Francisco, US
• Matthieu Philippe François Tourne · San Francisco, US
• Ian Gerald Pye · San Francisco, US
• Ray Raymond Bejjani · San Francisco, US
• Terry Paul Rodery, Jr. · Millbrae, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/20
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A cloud-based proxy service identifies a denial-of-service (DoS) attack including determining that there is a potential DoS attack being directed to an IP address of the cloud-based proxy service; and responsive to determining that there are a plurality of domains that resolve to that IP address, identifying the one of the plurality of domains that is the target of the DoS attack. The domain that is under attack is identified by scattering the plurality of domains to resolve to different IP addresses, where a result of the scattering is that each of those domains resolves to a different IP address, and identifying one of those plurality of domains as the target of the DoS attack by determining that there is an abnormally high amount of traffic being directed to the IP address in which that domain resolves.