公开(公告)号：WO2017196558A1

公开(公告)日：2017-11-16

申请号：PCT/US2017/030042

申请日：2017-04-28

Applicant: CISCO TECHNOLOGY, INC.

Inventor： REDDY, Tirumaleswar ,  WING, Daniel ,  PATIL, Prashanth

IPC: H04L29/06

CPC classification number: H04L63/1458 ,  H04L9/0861 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3263 ,  H04L63/0236 ,  H04L63/0823 ,  H04L63/1425 ,  H04L63/168 ,  H04L65/1006 ,  H04L67/02 ,  H04L67/10 ,  H04L69/329

Abstract: In one embodiment, a distributed denial of service attack on a network is identified. In response to the distributed denial of service attack, a script to request a short term certificate is executed. The short term certificate is generated by a certificate server and received either directly or indirectly from the certificate server. An instruction to redirect traffic using the short term certificate and private key is sent to a distributed denial of service attack protection service that is operable to filter or otherwise mitigate malicious traffic involved in the distributed denial of service attack.

Abstract translation: 在一个实施例中，识别网络上的分布式拒绝服务攻击。 为了响应分布式拒绝服务攻击，执行脚本以请求短期证书。 短期证书由证书服务器生成并直接或间接从证书服务器接收。 使用短期证书和私钥重定向流量的指令被发送到分布式拒绝服务攻击保护服务，该服务可用于过滤或以其他方式缓解涉及分布式拒绝服务攻击的恶意流量。