Packet-based communications have gained wide acceptance in modern society. A wide range of services, which utilize packet-based communication transport, are now commonly available on home computers, mobile devices such as smartphones and tablets as well as televisions. Even voice communications are transitioning to use of packet-switched data communications type transport as a replacement for older technologies. Most if not all modern enterprises are dependent on communication through packet-based networks, to at least some extent. In many cases, such communications are mission critical. With such wide adoption of packet network communications, levels of service availability and high degrees of reliability become mandatory. Any compromise of service causes not only severe inconvenience but may incur severe financial loss.
It is not uncommon for malicious devices in a communication network to attempt to compromise the network by bombarding a device and/or network with network traffic, thereby preventing legitimate devices from enjoying the services of the network. Such attacks are called “denial-of-service” (DoS) attacks. When multiple devices, e.g., a botnet, launch a DoS attack, it is known as a Distributed DoS (DDos) attack.
Communication networks may use network protection devices, such as firewalls, to block unwanted and/or potentially malicious traffic from infiltrating the network.