| 主权项 |
1. A security system for detecting and mitigating encrypted denial-of-service (DoS) attacks, the security system is connected in a secured database, comprising:
a DoS defense (DoSD) module configured to detect an encrypted DoS attack in an inbound traffic by analyzing attributes only in the inbound traffic that relate to at least one of a network layer and an application layer, wherein the DoSD module is configured to initially analyze the network layer attributes in the inbound traffic, and analyze the application layer attributes when an encrypted DoS attack at the network layer has not been detected, wherein the DoSD module is further configured to mitigate a detected encrypted attack, the inbound traffic originates at a client and is addressed to a protected server; and a cryptographic protocol engine (CPE) configured to establish a new encrypted session between the client and the security system, decrypt requests included in the inbound traffic, and send encrypted responses to the client over the new encrypted session between the client and the security system, wherein the CPE is further configured to establish a new network connection between the client and the protected server when an encrypted DoS attack at the application layer has not been detected, wherein the new network connection causes outbound traffic originating at the protected server to be directly routed to the client to eliminate reception and processing of the outbound traffic by the security system connected in the secured datacenter. |
