The distribution and processing of information have been revolutionized by the use of computers connected to a network. At first, the networks were small and contained within a local area. These small networks were called local area networks (“LANs”) LANs allowed small numbers of users to efficiently distribute information and files among each of the computers connected to the LAN. Soon thereafter, several LANs were connected together forming a wide area network (“WAN”). WANs allowed users to exchange information across networks located in different geographic areas. Currently, one of the largest computer networks is the Internet.
The Internet is a worldwide interconnection of computer networks that communicate using a common protocol and allows millions of computers from low-end personal computes to high-end super computers to communicate with each other. Physically, the Internet uses a portion of the total resource of the currently existing public telecommunication networks. Technically, what distinguishes the Internet is its use of a set of protocols called Transmission Control Protocol/Internet Protocol (“TCP/IP”). Two recent adaptations of Internet technology, the Intranet and the Extranet, also make use of the TCP/IP protocol.
One of the most rapidly expanding aspects of the Internet is the World Wide Web (the “Web”). The Web consists of computers (servers and clients) that are able to support the Hypertext Transfer Protocol (“HTTP”). HTTP is the set of rules for exchanging files, such as text, graphic images, sound, video and other multimedia files on the Web. Relative to the TCP/IP suite of protocols (which are the basis for information exchange on the Internet), HTTP is an application protocol.
Typically, most Web sites are accessed using a Web browser of which Netscape's Navigatort™ and Microsoft's Internet Explorer™ are the most popular. Using a Web browser, a user can subscribe to services, purchase items and retrieve information from business Web sites or any other Web site no matter where the user is located.
Due to the accessability of the Internet and the Web by vast number of users, Web sites and other computers connected to the Internet are potentially vulnerable to denial-of-service attacks by millions of sources. One type of denial-of-service attack is the connection depletion attack.
The connection depletion attack is one in which the attacker seeks to initiate and leave unresolved a large number of connections requests at a particular computer system (“server”) that provides a service. The large number of unresolved connections causes the server to exhaust its resources and renders the server incapable of servicing legitimate requests. The “TCP SYN flooding” and the “e-mail bomb” attacks are examples of connection depletion attacks.
Accordingly, what is needed in the art is a better way to reduce the possibility of connection depletion attacks and still service legitimate requests.