The approaches described in this section could be pursued but are not necessarily approaches that have previously been conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.
Network services responsible for establishing client-server sessions can be overwhelmed by a Denial-of-Service (DoS) attack, a distributed Denial-of-Service (DDoS) attack, or Internet-of-Things (IoT) botnet traffic in an attempt to make the services unable to function by, for example, depleting their storage capacity to maintain established session data. Some services can be responsible for connecting millions of users in, for example, a gaming environment. Typically, when a request for a new session arrives, a service responsible for supporting sessions needs to determine whether the request is legitimate. To make this determination, the system has to complete a three-way transmission control protocol (TCP) handshake procedure to establish the session. Only after the session is established, can the system analyze the request in order to determine whether the request is legitimate. If the service is flooded with DDoS attack or IoT botnet traffic, the service can lack sufficient resources to establish and analyze the legitimacy of every session. Therefore, conventional DDoS and IoT botnet attack mitigation techniques have serious shortcomings.