公开(公告)号：US20230421603A1

公开(公告)日：2023-12-28

申请号：US18242874

申请日：2023-09-06

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck ,  Christopher Newton

IPC: H04L9/40

CPC classification number: H04L63/1458 ,  H04L63/20

Abstract: Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems.

公开(公告)号：US11032138B2

公开(公告)日：2021-06-08

申请号：US14920465

申请日：2015-10-22

Applicant: LEVEL 3 COMMUNICATIONS, LLC

Inventor： Robert Smith

IPC: H04L12/24 ,  H04L12/801 ,  H04L12/771 ,  H04L12/715

Abstract: Embodiments are provided for managing routes of data traffic within a network. The management may be performed via a graphical user interface that interacts with a Web server to update a configuration file. The configuration file can be converted to router management commands by a network management device (e.g., a BGP speaker). The commands can then be sent to a border routers for controlling network traffic. Embodiments are also provided for capturing and logging routing updates made in a network.

公开(公告)号：US20190089734A1

公开(公告)日：2019-03-21

申请号：US16193167

申请日：2018-11-16

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L29/06

CPC classification number: H04L63/1458 ,  H04L63/0263 ,  H04L63/1425

Abstract: Embodiments can identify requests that may be tied to a DDOS attack. For example, the primary identifiers (e.g., a source address) of requests for a network resource (e.g., an entire website or a particular element of the website) can be tracked. In one embodiment, a statistical analysis of how often a particular source address (or other primary identifier) normally makes a request can be used to identify source addresses that make substantially more requests. A normal amount can correspond to an average number of request that a source address makes. According to some embodiments, a system can use statistical analysis methods on various request data in web server logs to identify potential attacks and send data concerned potential attacks to an HBA system for further analysis.

公开(公告)号：US10218720B2

公开(公告)日：2019-02-26

申请号：US15651777

申请日：2017-07-17

Applicant: LEVEL 3 COMMUNICATIONS, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L29/06 ,  H04W80/06 ,  H04L12/00 ,  H04L12/64

Abstract: A system can monitor the server for indications of an attack and adjusts server settings accordingly. In response, the system can increase server tolerance in a systematic way to deal with DDoS by adjusting server settings appropriately. Conversely, when the server is not under attack, the settings can be adjusted to those for standard operations (e.g., adjusted downward), as they are more optimal for normal, non-attack operations.

公开(公告)号：US20190052670A1

公开(公告)日：2019-02-14

申请号：US16155587

申请日：2018-10-09

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck ,  Christopher Newton

IPC: H04L29/06

CPC classification number: H04L63/1458 ,  H04L63/20

Abstract: Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems.

公开(公告)号：US10193922B2

公开(公告)日：2019-01-29

申请号：US14991010

申请日：2016-01-08

Applicant: LEVEL 3 COMMUNICATIONS, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L29/06

Abstract: Embodiments are provided for an actionable blacklist of DDoS offenders and ISPs associated offenders. The system can collect real-time attack data and perform real-time analysis, which can be fed into a centralized database for intelligent analysis to identify offenders and report to interested subscribers. The system can receive an indication that network resources are being targeted as part of one or more DDoS attacks, and then obtain the malicious IP address of devices associated with those DDoS attacks. The system can determine the Internet Service Provider (ISP) associated with malicious IP addresses. A metric can be computed that is associated with an ISP involved in the one or more DDoS attacks. If the metric exceeds a threshold, then an alert message indicating that the first ISP is involved in the one or more DDoS attacks can be sent to a list of subscribers.

公开(公告)号：US20160248806A1

公开(公告)日：2016-08-25

申请号：US14991024

申请日：2016-01-08

Applicant: LEVEL 3 COMMUNICATIONS, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L29/06 ,  H04L12/24 ,  H04L12/823 ,  H04L12/803

CPC classification number: H04L63/1458 ,  H04L41/0813 ,  H04L41/0866 ,  H04L41/0889 ,  H04L41/22 ,  H04L45/021 ,  H04L45/04 ,  H04L45/42 ,  H04L63/20

Abstract: Embodiments are provided for managing routes of data traffic within a network. The management may be performed via a graphical user interface that interacts with a Web server to update a configuration file. The configuration file can be converted to router management commands by a network management device (e.g., a BGP speaker). The commands can then be sent to border routers for controlling network traffic. Embodiments are also provided for capturing and logging routing updates made in a network.

Abstract translation: 提供了用于管理网络内的数据业务的路由的实施例。 管理可以通过与Web服务器交互以更新配置文件的图形用户界面来执行。 配置文件可以由网络管理设备（例如，BGP扬声器）转换为路由器管理命令。 然后可以将命令发送到边界路由器以控制网络流量。 还提供了用于捕获和记录在网络中进行的路由更新的实施例。

公开(公告)号：US12284208B2

公开(公告)日：2025-04-22

申请号：US18242874

申请日：2023-09-06

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck ,  Christopher Newton

IPC: H04L9/40

Abstract: Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems.

公开(公告)号：US12192231B2

公开(公告)日：2025-01-07

申请号：US18392537

申请日：2023-12-21

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L9/40 ,  H04L41/08 ,  H04L41/0813 ,  H04L41/0816 ,  H04L41/0823 ,  H04L41/0866 ,  H04L41/22 ,  H04L45/02 ,  H04L45/021 ,  H04L45/42 ,  H04L45/745 ,  H04L47/80

Abstract: Embodiments are provided for managing routes of data traffic within a network. The management may be performed via a graphical user interface that interacts with a Web server to update a configuration file. The configuration file can be converted to router management commands by a network management device (e.g., a BGP speaker). The commands can then be sent to border routers for controlling network traffic. Embodiments are also provided for capturing and logging routing updates made in a network.

公开(公告)号：US20220385533A1

公开(公告)日：2022-12-01

申请号：US17881925

申请日：2022-08-05

Applicant: Level 3 Communications, LLC

Inventor： Robert Smith ,  Shawn Marck

IPC: H04L41/0816 ,  H04L45/02 ,  H04L45/745 ,  H04L41/22 ,  H04L47/80 ,  H04L41/0823 ,  H04L9/40

Abstract: Embodiments are provided for managing routes of data traffic within a network. The management may be performed via a graphical user interface that interacts with a Web server to update a configuration file. The configuration file can be converted to router management commands by a network management device (e.g., a BGP speaker). The commands can then be sent to border routers for controlling network traffic. Embodiments are also provided for capturing and logging routing updates made in a network.