A computer network generally includes a number of interconnected network devices. Large networks, such as the Internet, typically include a number of interconnected computer networks, which in this context are often referred to as sub-networks or subnets. These subnets are each assigned a range of network addresses that can be allocated to the individual network devices that reside in the respective subnet. A server or other device in each subnet may be responsible for allocating these network addresses in accordance with a network address allocation protocol, such as a dynamic host configuration protocol (DHCP).
Various types of network attacks exist that attempt to exploit operation of address allocation protocols. For example, a denial of service (DoS) attack may represent one type of attack that floods a DHCP server with address allocation requests. The DHCP server may be unable to distinguish between legitimate address allocation requests and illegitimate address allocation requests associated with the DoS attack. As such, the DHCP server may process each of the illegitimate address allocation requests, wasting computing and other resources that would be better allocated to processing legitimate address allocation requests. The DHCP server may, when processing resources are consumed processing the illegitimate address allocation requests, begin dropping all address allocation requests, preventing legitimate end users of the access network from gaining network connectivity to the subnet.