CPC H04L 63/1458 (2013.01) [G06F 3/0482 (2013.01); H04L 41/22 (2013.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01)] | 20 Claims |
1. A computer implemented method for managing and configuring flow specification (FlowSpec) messages for a customer network by a controller device coupled to the customer network, comprising:
monitoring, by the controller device, a plurality of Internet Protocol (IP) packets flowing through the customer network, the plurality of IP packets including a plurality of attributes;
detecting, by the controller device, a network attack in the customer network based on one or more attributes of the plurality of attributes;
generating, by the controller device, responsive to detecting the network attack, a Flowspec message for the customer network, the Flowspec message including one or more actions to mitigate the network attack, and the Flowspec message generated by modifying one or more aspects of a second Flowspec message to reflect one or more characteristics of the customer network; and
updating, by the controller device, responsive to generating the Flowspec message, a database to include (1) the Flowspec message and (2) the one or more characteristics of the customer network;
wherein the Flowspec message is retrieved, by a second controller device associated with a second customer network, responsive to the second controller device detecting a second network attack in the second customer network based on the second customer network having the one or more characteristics of the customer network.
|