Systems and methods to detect and respond to distributed denial of service (DDoS) attacks

摘要

Embodiments relate to systems, devices, and computer-implemented methods for mitigating Distributed Denial of Service (“DDoS”) attacks. The method can include receiving, by a server, a response message from an application server. The method can further include determining a source internet protocol (IP) address associated with the source client based on a request message received from a source client. The request message received from the source client corresponds to the response message received from the application server. In addition, the method can include identifying, by the server, a plurality of counters associated with the source IP address, and identifying, by the server, a response type of the response message. Further, the method can include causing a value of at least one of the plurality of counters to change based on the response message and the response type.

主权项

1. A computer-implemented method for mitigating a distributed denial of service (DDoS) attack, comprising:
receiving, by a server, a response message from an application server; determining a source internet protocol (IP) address corresponding to a source client based on a request message received from the source client, wherein the request message received from the source client corresponds to the response message received from the application server; identifying, by the server, a plurality of counters corresponding to the source IP address, wherein the plurality of counters includes a consecutive bad request counter (CBRC) that is used to track a number of consecutive bad requests received from the source IP address; identifying, by the server, a response type of the response message; and causing a value of at least one of the plurality of counters to change based on the response message and the response type.