公开(公告)号：US10999319B2

公开(公告)日：2021-05-04

申请号：US16449916

申请日：2019-06-24

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck ,  Christopher Newton

IPC: H04L29/06

Abstract: Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems.

公开(公告)号：US20200267177A1

公开(公告)日：2020-08-20

申请号：US16861269

申请日：2020-04-29

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L29/06 ,  H04L12/717 ,  H04L12/755 ,  H04L12/24 ,  H04L12/715

Abstract: Embodiments are provided for managing routes of data traffic within a network. The management may be performed via a graphical user interface that interacts with a Web server to update a configuration file. The configuration file can be converted to router management commands by a network management device (e.g., a BGP speaker). The commands can then be sent to border routers for controlling network traffic. Embodiments are also provided for capturing and logging routing updates made in a network.

公开(公告)号：US20200169582A1

公开(公告)日：2020-05-28

申请号：US16704626

申请日：2019-12-05

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L29/06

Abstract: Embodiments can identify requests that may be tied to a DDOS attack. For example, the primary identifiers (e.g., a source address) of requests for a network resource (e.g., an entire website or a particular element of the website) can be tracked. In one embodiment, a statistical analysis of how often a particular source address (or other primary identifier) normally makes a request can be used to identify source addresses that make substantially more requests. A normal amount can correspond to an average number of request that a source address makes. According to some embodiments, a system can use statistical analysis methods on various request data in web server logs to identify potential attacks and send data concerned potential attacks to an HBA system for further analysis.

公开(公告)号：US10609052B2

公开(公告)日：2020-03-31

申请号：US16284805

申请日：2019-02-25

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L29/06 ,  H04W80/06 ,  H04L12/64 ,  H04L12/00

Abstract: A system can monitor the server for indications of an attack and adjusts server settings accordingly. In response, the system can increase server tolerance in a systematic way to deal with DDoS by adjusting server settings appropriately. Conversely, when the server is not under attack, the settings can be adjusted to those for standard operations (e.g., adjusted downward), as they are more optimal for normal, non-attack operations.

公开(公告)号：US20180007086A1

公开(公告)日：2018-01-04

申请号：US15707772

申请日：2017-09-18

Applicant: LEVEL 3 COMMUNICATIONS, LLC

Inventor： Robert Smith ,  Shawn Marck ,  Christopher Newton

IPC: H04L29/06

CPC classification number: H04L63/1458 ,  H04L63/20

Abstract: Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems.

公开(公告)号：US20170318042A1

公开(公告)日：2017-11-02

申请号：US15651777

申请日：2017-07-17

Applicant: LEVEL 3 COMMUNICATIONS, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L29/06 ,  H04L12/64 ,  H04W80/06 ,  H04L12/00

CPC classification number: H04L63/1416 ,  H04L12/00 ,  H04L12/6418 ,  H04L63/1458 ,  H04W80/06

Abstract: A system can monitor the server for indications of an attack and adjusts server settings accordingly. In response, the system can increase server tolerance in a systematic way to deal with DDoS by adjusting server settings appropriately. Conversely, when the server is not under attack, the settings can be adjusted to those for standard operations (e.g., adjusted downward), as they are more optimal for normal, non-attack operations.

公开(公告)号：US20160080412A1

公开(公告)日：2016-03-17

申请号：US14852518

申请日：2015-09-12

Applicant: LEVEL 3 COMMUNICATIONS, LLC

Inventor： Robert Smith ,  Shawn Marck ,  Christopher Newton

IPC: H04L29/06

CPC classification number: H04L63/1458 ,  H04L63/20

Abstract: Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems.

Abstract translation: 实施例提供了使用缓解系统（也称为洗涤中心）和非缓解系统的混合的DDoS服务的系统和方法。 非缓解系统较便宜，因此可以放置在客户的网络资源（例如，计算机，计算机集群或整个网络）或附近。 在正常情况下，客户资源的流量可以通过缓解系统或非缓解系统。 当检测到攻击时，否则将通过非缓解系统的流量被重新路由到缓解系统。 因此，非缓解系统可用于在正常情况下减少延迟并提供对客户网络资源的更有效的访问。 由于非缓解服务器没有配备来应对攻击，所以在攻击期间不使用非缓解系统，从而仍然使用缓解系统为客户网络资源提供保护。

公开(公告)号：US11411988B2

公开(公告)日：2022-08-09

申请号：US16861269

申请日：2020-04-29

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marek

IPC: H04L9/40 ,  H04L41/0813 ,  H04L41/08 ,  H04L45/02 ,  H04L41/0866 ,  H04L45/021 ,  H04L45/42 ,  H04L41/22

Abstract: Embodiments are provided for managing routes of data traffic within a network. The management may be performed via a graphical user interface that interacts with a Web server to update a configuration file. The configuration file can be converted to router management commands by a network management device (e.g., a BGP speaker). The commands can then be sent to border routers for controlling network traffic. Embodiments are also provided for capturing and logging routing updates made in a network.

公开(公告)号：US11190532B2

公开(公告)日：2021-11-30

申请号：US16831398

申请日：2020-03-26

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L29/06 ,  H04W80/06 ,  H04L12/64 ,  H04L12/00

Abstract: A system can monitor the server for indications of an attack and adjusts server settings accordingly. In response, the system can increase server tolerance in a systematic way to deal with DDoS by adjusting server settings appropriately. Conversely, when the server is not under attack, the settings can be adjusted to those for standard operations (e.g., adjusted downward), as they are more optimal for normal, non-attack operations.

公开(公告)号：US20210243225A1

公开(公告)日：2021-08-05

申请号：US17239745

申请日：2021-04-26

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck ,  Christopher Newton

IPC: H04L29/06

Abstract: Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems.