Method and system for mitigating distributed denial of service attacks using centralized management

摘要

The present invention provides a method and system for mitigating distributed denial of service (DDoS) attacks using central management and shared resources. The present invention implements a shared model for mitigating devices distributed in a packet network to mitigate a DoS attack. Mitigating devices are distributed in the packet network to support different network devices during a DoS attack. Configuration information is loaded dynamically into the mitigating devices to adjust the mitigation effort to different network devices. The present invention also implements a shared model for detecting devices distributed in the packet network to detect the presence of a DoS attack. Baselines are created to distinguish between valid packets and invalid packets. When invalid packets are detected, a notification occurs to other devices or a central management system.