Identifying sources of network attacks

Assignee

• AMAZON TECHNOLOGIES, INC. · US

Inventors

• Anton Stephen Radlein · Seattle, US
• Harvo Reyzell Jones · Gig Harbor, US
• Nathan Dye · San Antonio, US
• Craig Wesley Howard · Seattle, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L61/4511
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods are described to enable identification of computing devices associated with network attacks, such as denial of service attacks. Data packets used to execute a network attack often include forged source address information, such that the address of an attacker is difficult or impossible to determine based on those data packets. However, attackers generally provide legitimate address information when resolving an identifier, such as a universal resource identifier (URI), of an attack target into corresponding destination addresses. The application enables individual client computing devices to be provided with different combinations of destination addresses, such that when an attack is detected on a given combination of destination address, the client computing device to which that combination of destination addresses was provided can be identified as a source of the attack.