VOLUME DDOS ATTACKS PROTECTION SYSTEM AND METHOD Russian patent published in 2023 - IPC H04L9/40

Abstract RU 2791869 C1

FIELD: information systems protection.

SUBSTANCE: invention relates to information systems protection field. Method comprises the following stages: specifying passing traffic thresholds for two protection methods, the values of which are set by an operator; coleecting information about flow from routers to a NetFlow collector; analyzing and calculating the flow traffic volume using a NetFlow collector; determining the deviations that occur in a form of the traffic threshold exceeding using a NetFlow collector; sending network credentials via the detected flow message broker to exabgp-consumer software installed on the ExaBGP server to block or limit the bandwidth of malicious traffic using BGP-FlowSpec or BGP BlackHole; generate exabgp-consumer blocking rule for types of attacks based on malicious traffic volume in case only BGP-FlowSpec was exceeded; generating exabgp-consumer blocking rule by substituting the BGP community attribute specified by the autonomous system administrator to block malicious traffic in case both BGP FlowSpec and BGP Blackhole were exceeded.

EFFECT: invention provides protection against Volume DDoS attacks.

2 cl, 2 dwg

Similar patents RU2791869C1

Title	Year	Author	Number
SYSTEM AND METHOD OF REDUCING FALSE RESPONSES WHEN DETECTING NETWORK ATTACK	2011	Gudov Nikolaj Vladimirovich Levashov Dmitrij Anatol'Evich	RU2480937C2
METHOD FOR PROTECTING COMPUTER NETWORK AGAINST INTRUSION	2021	Chajkovskij Sergej Stanislavovich	RU2758997C1
METHOD OF DETECTING COMPUTER ATTACKS TO NETWORKED COMPUTER SYSTEM	2013	Fatkieva Roza Ravil'Evna Atiskov Aleksej Jur'Evich Levonevskij Dmitrij Konstantinovich	RU2538292C1
METHOD OF PROTECTION AGAINST DDOS-ATTACK ON BASIS OF TRAFFIC CLASSIFICATION	2018	Repin Dmitrij Sergeevich Krasnov Andrej Evgenevich Nadezhdin Evgenij Nikolaevich Nikolskij Dmitrij Nikolaevich Galyaev Vladimir Sergeevich Zykova Evgeniya Andreevna	RU2704741C2
METHOD OF PROTECTING COMMUNICATION NETWORK SERVICE SERVERS AGAINST COMPUTER ATTACKS	2019	Dobryshin Mikhail Mikhajlovich Zakalkin Pavel Vladimirovich Starodubtsev Yurij Ivanovich Ivanov Sergej Aleksandrovich Anikanov Gennadij Aleksandrovich	RU2718650C1
METHOD OF PROTECTION OF SERVICE SERVER FROM DDOS ATTACK	2018	Bukharin Vladimir Vladimirovich Zakalkin Pavel Vladimirovich Karajchev Sergej Yurevich Starodubtsev Yurij Ivanovich Sergeev Mikhail Igorevich	RU2679219C1
METHOD OF CONSTRUCTING DATA NETWORKS WITH HIGH LEVEL OF SECURITY FROM DDoS ATTACKS	2015	Krylov Vladimir Vladimirovich Sokolova Eleonora Stanislavovna Lyakhmanov Dmitrij Aleksandrovich	RU2576488C1
METHOD AND SYSTEM FOR PREVENTING MALICIOUS AUTOMATED ATTACKS	2020	Zolotarev Vitalii Gennad'Evich Barabanov Anton Alekseevich Leksunin Oleg Aleksandrovich	RU2740027C1
METHOD AND SYSTEM FOR PREVENTING MALICIOUS AUTOMATED ATTACKS	2021	Zolotarev Vitalii Gennad'Evich Barabanov Anton Alekseevich Leksunin Oleg Aleksandrovich	RU2768567C1
METHOD OF DETECTING NETWORK ATTACKS BASED ON ANALYSIS OF TRAFFIC TIME STRUCTURE	2017	Repin Dmitrij Sergeevich Krasnov Andrej Evgenevich Nadezhdin Evgenij Nikolaevich Nikolskij Dmitrij Nikolaevich Galyaev Vladimir Sergeevich	RU2680756C1

RU 2 791 869 C1

Authors

Vakhrameev Leonid Aleksandrovich

Chernetsov Maksim Viktorovich

Dates

2023-03-14—Published

2022-02-03—Filed