Method and system for mitigation of distributed denial of service (DDOS) attacks

摘要

A system and method for mitigating the effects of malicious internet traffic, including DDOS attacks, by utilizing a DNS Traffic Analyzer and Firewall to analyze network traffic intended for a DNS server and preventing some network traffic from accessing the DNS server.

主权项

1. A system for mitigating malicious network traffic, comprising: a protected server within a domain; at least one Authoritative Domain Name System (DNS) server of the domain; at least one DNS Traffic Analyzer and Firewall (DTAF), wherein network traffic must pass through the at least one DTAF Firewall before accessing the at least one Authoritative DNS server, and wherein the at least one DTAF Firewall analyzes the network traffic attempting to pass through the at least one DTAF Firewall; and a Central Master DTAF, wherein the at least one DTAF Firewall send network traffic data to the Central Master DTAF, and wherein the Central Master DTAF sends at least one access control list to the at least one DTAF Firewall.