Prior to the background of the invention being set forth, it may be helpful to set forth definitions of certain terms that will be used hereinafter.
The term “denial of service” or “DoS”, and more particularly “distributed denial of service” or “DDoS”, as used herein refers to a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.
The terms “network element” or “services and network elements” as used herein refer broadly to facility or equipment used in the provision of a telecommunications service and can thus refer to elements in charge of network security but also to network elements which are not related to network security. The type of network element or a service may include any of the following entities: Web service; Web socket service; Domain Name System (DNS) service; Cloud Access Control List (ACL); Firewall; Web Application Firewall (WAF); DDoS mitigation appliance; Internet Service Provider (ISP)-based DDoS protection; Cloud-based DDoS Protection (which is DNS based); Cloud based DDoS Protection being Border gateway Protocol (BGP) based; Content Distribution Network (CDN); router; and an Internet pipe.
The term “decision support system” or “DSS” as used herein is defined herein as a computer-based information system that supports business or organizational decision-making activities, typically resulting in ranking, sorting or choosing from among alternatives. DSSs serve the management, operations, and planning levels of an organization (usually mid and higher management) and help people make decisions about problems that may be rapidly changing and not easily specified in advance—i.e., Unstructured and Semi-Structured decision problems. Decision support systems can be either fully computerized, human-powered or a combination of both.
One challenge of determining a readiness of a computer network of an organization against DDoS attacks is that many organizations are reluctant to provide full access to their network in order to carry out an analysis that check readiness against DDoS attacks by interfacing into their actual network.
Yet another challenge which is even more important is the ability, or more particularly, lack thereof, of running an actual “live” DDoS testing, also known as DDoS Penetration Testing or DDoS Simulation Testing.
It would be therefore advantageous to be able to reach a conclusion or get some insight regarding the readiness of a specific computer network against DDoS attacks without actually accessing and simulating an attack against the computer network itself.