1. Field of the Invention
The present invention relates to the field of networking. More specifically, the present invention relates to the monitoring and regulation of routing devices of network domains to detect and prevent undesirable network traffic from being sourced out of the network domains.
2. Background Information
With advances in integrated circuit, microprocessor, networking and communication technologies, increasing numbers of devices, in particular, digital computing devices, are being networked together. Devices are often first coupled to a local area network, such as an Ethernet based office/home network. In turn, the local area networks are interconnected together through wide area networks, such as ATM networks, Frame Relays, and the like. Of particular interest is the TCP/IP based global inter-networks, Internet.
As a result of this trend of increased connectivity, increasing numbers of applications that are network dependent are being deployed. Examples of these network dependent applications include but are not limited to, email, net based telephony, world wide web and various types of e-commerce. Success of many of these content/service providers as well as commerce sites depends on the quality of service that they provide.
Unfortunately, the connectivity that makes it possible for these servers to provide the content/service, also makes it very easy for hackers to launch denial of service (DOS) attacks against these servers. Compounding the misfortunes is the fact that often times, innocent systems are exploited in assisting the attacks, without the system owners even knowing their systems are being exploited. The exploitation not only may affect the level of services delivered by the exploited systems, it may also leave the exploited systems vulnerable to liability for the damages inflicted on the servers being attacked.
To date, all the known methods and apparatuses that can assist a system owner in protecting his/her systems from being exploited are basically intrusion protection oriented. That is all the methods and apparatuses are substantially oriented towards keeping undesirable network traffics from entering a network domain and/or preventing unauthorized program execution on the owner's systems. As experience has demonstrated, none of these methods and apparatuses is perfect. From time to time, we have learned that hackers are able to get through. Thus, additional methods and apparatuses that can further prevent systems from being exploited and giving involuntary assistance to DOS attacks are desired.