Client-side active validation for mitigating DDOS attacks
US9473530B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 3, 2013 |
| Grant date | Oct 18, 2016 |
| Priority date | — |
| Expiry date | Feb 20, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/144
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Methods and systems for mitigating denial-of-service attacks include a proxy server that monitors a set of application servers configured to receive and service requests from clients. The proxy server intercepts the requests, and in response, provides the clients with customized client-side scripts embedded in markup language. The client-side scripts may include random strings to generate follow-through random uniform resource identifier redirection requests expected by the proxy server. The client-side scripts, upon execution, may challenge the clients by demanding user interaction within a specified period of time, requesting a delay before responding, and/or attempting to set a challenge cookie multiple times. If a client provides the demanded user interaction within the specified time, honors the delay, and/or sets the challenge cookie with the correct value, then the client-side scripts may generate a redirection request expected by the proxy server for that client and the proxy servers may whitelist that client for a configurable duration and forward that client's subsequent requests to the application servers without challenge.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.