Abstract: Disclosed are a system, method, and computer readable storage medium having instructions for applying a plurality of interconnected filters to protect a computing device from a DDoS attack. The method includes, responsive to detecting the computing device is subject to the DDoS attack, intercepting data from a network node to the computing device, determining data transmission parameters, assigning an initial danger rating to the network node, identifying a subset of the plurality of the interconnected filters which are concurrently triggered, changing the danger rating of the network node based on an application of the subset of the plurality of interconnected filters that are triggered and the data transmission parameters, and responsive to determining that the danger rating of the network node exceeds a threshold value, limiting a transmittal of data from the network node to the computing device by limiting channel capacity between the network node and the computing device.

Abstract: Disclosed are a system, method, and computer readable storage medium having instructions for applying a plurality of interconnected filters to protect a computing device from a DDoS attack. The method includes, responsive to detecting the computing device is subject to the DDoS attack, intercepting data from a network node to the computing device, determining data transmission parameters, assigning an initial danger rating to the network node, identifying a subset of the plurality of the interconnected filters which are concurrently triggered, changing the danger rating of the network node based on an application of the subset of the plurality of interconnected filters that are triggered and the data transmission parameters, and responsive to determining that the danger rating of the network node exceeds a threshold value, limiting a transmittal of data from the network node to the computing device by limiting channel capacity between the network node and the computing device.

Abstract: Disclosed are a system, a method, and computer readable storage medium having instructions for filtering network traffic to protect a server from a distributed denial-of-service (DDoS) attack. The described technique includes intercepting data from a network node to the computing device responsive to detecting a computing device is subject to a DDoS attack. The technique further includes determining one or more data transmission parameters based on the intercepted data, assigning a danger rating to the network node, and changing the danger rating of the network node based on application of a filter and on the data transmission parameters. The described technique limits a transmittal of data from the network node to the computing device if the resultant danger rating of the network node exceeds a threshold value.

Abstract: Disclosed are a system, a method, and computer readable storage medium having instructions for filtering network traffic to protect a server from a distributed denial-of-service (DDoS) attack. The described technique includes intercepting data from a network node to the computing device responsive to detecting a computing device is subject to a DDoS attack. The technique further includes determining one or more data transmission parameters based on the intercepted data, assigning a danger rating to the network node, and changing the danger rating of the network node based on application of a filter and on the data transmission parameters. The described technique limits a transmittal of data from the network node to the computing device if the resultant danger rating of the network node exceeds a threshold value.