Coordinated detection and differentiation of denial of service attacks

According to one embodiment, an analyzer module (AM) within a same protected network and on-premise with a web application server (WAS) detects and distinguishes between types of Denial-of-Service (DoS) attacks. The AM tracks whether test HTTP messages, which include test HTTP request messages that...

Full description

Saved in:
Bibliographic Details
Main Authors Shulman Amichai, Be'Ery Tal Arieh
Format Patent
LanguageEnglish
Published 01.11.2016
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:According to one embodiment, an analyzer module (AM) within a same protected network and on-premise with a web application server (WAS) detects and distinguishes between types of Denial-of-Service (DoS) attacks. The AM tracks whether test HTTP messages, which include test HTTP request messages that a signal generation module (SGM) is configured to transmit to the WAS and test HTTP response messages that the WAS is expected to transmit in response to the test HTTP request messages, are timely received. The AM is aware of a timeliness that the SGM is expected to transmit the test HTTP request messages and that the WAS is expected to transmit the test response HTTP messages. The AM detects an occurrence of a DoS attack and identifies the type of the DoS attack based upon the result of the tracking indicating that a number of the test HTTP messages have not been timely received.
Bibliography:Application Number: US201514832893