A denial of service (DoS) attack in the world of networking typically refers to an attempt to render a computer resource unavailable by overwhelming the resource with requests. A typical DoS attack involves sending a large quantity of requests over the network to the computing resource in a very short time interval, in what is known as a network traffic storm, to intentionally disrupt the computer resource's communications. A variety of mechanisms are used to overwhelm a computer resource on the network using DoS attacks, including, but not limited to, reflected floods, amplification attacks, and malformed TCP/IP packets.
Today, virtually any computing resource connected to a network may be vulnerable to such attacks. For example, Domain Name System (DNS) servers provide a valuable service to users of the internet by resolving internet domain names into network addresses to locate a service on the internet. Disrupting services from a DNS server may significantly disrupt access to a large number of other services that depend on such translations. It is therefore no surprise that DNS servers have been ranked on the SysAdmin, Audit, Networking, and Security (SANS) Institute's Top-20 Internet Security Attack Targets list for seven consecutive years. For example, in February 2007, at least three of the thirteen DNS root servers were flooded with malformed DNS packets during a DoS attack. Several of the servers experienced brief outages as a result, including the U.S. Department of Defense's G server.
One commonly used approach to attacking DNS servers is the DNS flood. DNS floods typically involve sending a large number of domain name queries to a given DNS server over a short time period to disrupt the server's ability to adequately respond to DNS requests. Thus, there is a desire to provide security protection to at least DNS servers, although other network services are also at risk. Therefore, it is with respect to this consideration and others that the current invention is directed.