The growing problems associated with security exploits within the any-to-any architecture of the Internet are of significant concern to service providers and their customers. These customers are increasingly affected by the damage caused by Denial of Service (“DoS”) attacks. A DoS attack is defined as an action taken upon a computer network or system by an offensive device that prevents any part of the system from functioning in accordance with its intended purpose. This attack may cause a loss of service to the users of the system. Typically, the loss of network services and user connectivity is achieved by flooding the system so that it cannot perform the normal servicing of legitimate requests. The flooding may consume all of the available bandwidth of the targeted network or it may exhaust the computational resources of the targeted system.
A Distributed Denial of Service (“DDoS”) attack is a more aggressive action that involves multiple offensive devices performing an attack on a single target computer network or system. These multiple devices may act in a coordinated manner to attack a specific resource of a service provider network. The targeted resource can be any networking device, such as a router, an Internet server, an electronic mail server, a Domain Name System (“DNS”) server, etc.
The any-to-any architecture of the Internet makes service providers and their customers vulnerable to the growing problems of DDoS attacks. It would be useful for a service provider to offer its customers a means to selectively treat the traffic from certain transmission sources when interacting with the customer. Therefore, the ability to avoid or mitigate the damage of a DDoS attack would be applicable and useful to a customer of a service provider.