Search International and National Patent Collections

1. (WO2018129595) METHOD AND SYSTEM FOR DETECTING AND MITIGATING A DENIAL OF SERVICE ATTACK

Pub. No.:    WO/2018/129595    International Application No.:    PCT/AU2018/050022
Publication Date: Fri Jul 20 01:59:59 CEST 2018 International Filing Date: Tue Jan 16 00:59:59 CET 2018
IPC: G06F 21/00
Applicants: CURTIN UNIVERSITY OF TECHNOLOGY
Inventors: LAZARESCU, Mihai Mugurel
SOH, Sie Teng
KAK, Subhash
Title: METHOD AND SYSTEM FOR DETECTING AND MITIGATING A DENIAL OF SERVICE ATTACK
Abstract:
A method and system for detecting and mitigating a denial of service attack against a destination server (12) and/or connected devices (14). Incoming traffic packets (26) are monitored and a first distribution of the incoming traffic packets (26) is built in accordance with Benford's Law for normal traffic behaviour. A denial of service attack is detected when it occurs. Once an attack is detected, the incoming traffic packets (26/28) are sorted in accordance with Zipf's Law and a sorted distribution is created. The sorted distribution is compared with the first distribution. The incoming traffic packets (28) in the sorted distribution that are not consistent with the first distribution are discarded. A second distribution is then built in accordance with Benford's Law using the incoming traffic packets (28) in the sorted distribution excluding the discarded incoming traffic packets. The incoming traffic packets in the second distribution are allowed to pass to the destination server (12) and/or connected devices (14).