Esc

Inbound Session Volume Analysis

D3-ISVA
D3-ISVA (Inbound Session Volume Analysis)

Definition

Analyzing inbound network session or connection attempt volume.

How it works

Network appliances are configured to alert on certain packets that typically are involved in DoS attacks. Typical packets include ICMP packets and SYN requests that are commonly used to flood networks. A sampling period is used to define a time window in which collected counts of the identified packets can be measured. If the collected number of packets exceeds a predefined limit then an alert is generated.

Considerations

Scalability as volume of attacks increase; single servers may not have the memory and storage resources to handle high volumes of network traffic.

loading...
json
loading...

References

All
Academic Paper
Patent

The following references were used to develop the Inbound Session Volume Analysis knowledge-base article.

(Note: the consideration of references does not imply specific functionality exists in an offering.)

DETECTING DDoS ATTACK USING Snort

Reference Type: Academic Paper Organization: Indian Institute of Information Technology Allahabad Author: Manas Gogoi, Sourav Mishra
Source: https://www.researchgate.net/publication/338660054_DETECTING_DDoS_ATTACK_USING_Snort

Identifying a denial-of-service attack in a cloud-based proxy service

Reference Type: Patent Organization: Cloudfare Inc. Author: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe Francois Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
Source: https://patents.google.com/patent/US8613089B1

Method and system for UDP flood attack detection

Reference Type: Patent Author: Hongda Chen, Lijin Lu
Source: https://patents.google.com/patent/US8307430B1

Protecting against distributed denial of service attacks

Reference Type: Patent Organization: Cisco Technologies Inc. Author: Guy Pazi, Anat Bremler-Bar, Rami Rivlin, Dan Touitou
Source: https://patents.google.com/patent/US7171683B2

Protecting against distributed network flood attacks

Reference Type: Patent Organization: Juniper Networks Inc. Author: Krishna Narayanaswamy, Bryan Burns, Venkata Rama Raju Manthena
Source: https://patents.google.com/patent/US8789173B2

A knowledge graph of cybersecurity countermeasures