METHODS AND SYSTEMS FOR DETECTING AND MITIGATING A HIGH-RATE DISTRIBUTED DENIAL OF SERVICE (DDoS) ATTACK

摘要

Methods and systems for detecting and mitigating high-rate Distributed Denial of Service (DDoS) attacks are herein described. The present invention contemplates a variety of improved techniques for using a flow-based statistical collection mechanism to monitor and detect deviations in server usage data. The method further includes combining multiple anomaly algorithms in a unique way to improve the accuracy of identifying a high-rate DDoS attack. The DDoS solution includes a two-phase approach of detection and mitigation, both of which operate on a local- and a global-basis. Moreover, the anomaly algorithms can be modified or extrapolated to obtain the traffic deviation parameters and therefore, the attack probabilities.