Radware has been granted a patent for a method to detect and mitigate denial-of-service (DoS) attacks that use an encrypted communication protocol. The method involves estimating traffic patterns, providing rate-based and rate-invariant features, and executing a mitigation action when a potential flood DoS attack is detected. The evaluation is done with respect to baselines to determine if the behavior indicates an attack.
According to GlobalData’s company profile on Radware, automation system authentication was a key innovation area identified from patents. Radware's grant share as of September 2023 was 70%. Grant share is based on the ratio of the number of grants to the total number of patents.
Method for detecting and mitigating encrypted DoS attacks
A recently granted patent (Publication Number: US11750632B2) describes a method for detecting and mitigating denial-of-service (DoS) attacks that use an encrypted communication protocol. The method involves estimating traffic telemetries by analyzing transmission control protocol (TCP) headers of packets passing over an insecure network. These packets are secured using an encrypted version of a non-encrypted communication protocol and are intended for a protected entity. The estimated traffic telemetries are used to provide rate-based and rate-invariant features that demonstrate the normal behavior of the traffic using the encrypted protocol.
When a potential flood DoS attack using the encrypted communication protocol is detected, a mitigation action is executed. The detection is performed by evaluating the rate-based and rate-invariant features with respect to baselines. The evaluation determines whether the behavior of the ingress traffic indicates a potential flood DoS attack. The method does not require decrypting any of the ingress or egress traffic.
The patent also describes additional aspects of the method. It includes estimating traffic telemetries of egress traffic from the protected entity, based on TCP headers of the packets. The method involves computing baselines for the rate-based and rate-invariant features, including short-term and long-term baselines. The behavior of the ingress traffic indicates a potential flood DoS attack when anomalies are detected on the rate-based and rate-invariant features. The method further involves generating a suspect list of source IP addresses that triggered the anomalies, challenging each device in the list, and executing the mitigation action on traffic from devices that fail the challenge.
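The detection flow described above can be sketched as follows; this is an added example, not code from the patent or from Radware. It assumes new connections per second as the rate-based feature, ingress bytes per connection as the rate-invariant feature, EWMA baselines, and constructed telemetry with hypothetical thresholds.

```python
# Added example: constructed telemetry; features, alphas and thresholds are assumptions.
class Baseline:
    """Short-term and long-term EWMA baselines for one feature."""
    def __init__(self, short_alpha=0.3, long_alpha=0.02):
        self.alphas, self.values = (short_alpha, long_alpha), None

    def is_anomalous(self, x, factor=3.0):
        # Anomalous only when x is off by more than `factor` from BOTH baselines.
        if self.values is None:
            return False
        return all(x > v * factor or x < v / factor for v in self.values)

    def update(self, x):
        if self.values is None:
            self.values = [x, x]
        else:
            self.values = [v + a * (x - v) for v, a in zip(self.values, self.alphas)]

def features(interval, seconds=10):
    """interval maps source IP -> (new TCP connections, ingress payload bytes)."""
    conns = sum(c for c, _ in interval.values())
    size = sum(b for _, b in interval.values())
    return conns / seconds, (size / conns if conns else 0.0)  # rate-based, rate-invariant

def detect(intervals, min_conns=20):
    rate_bl, ratio_bl, alerts = Baseline(), Baseline(), []
    for idx, interval in enumerate(intervals):
        rate, ratio = features(interval)
        if rate_bl.is_anomalous(rate) and ratio_bl.is_anomalous(ratio):
            # Suspect list: busy sources whose own bytes-per-connection is anomalous.
            suspects = sorted(ip for ip, (c, b) in interval.items()
                              if c >= min_conns and ratio_bl.is_anomalous(b / c))
            alerts.append((idx, suspects))  # suspects would be challenged next
        else:
            rate_bl.update(rate)  # baselines are updated only when no attack is flagged
            ratio_bl.update(ratio)
    return alerts

def sample_intervals():
    """Constructed data: 30 normal intervals, a benign surge, then a flood."""
    def normal(i):
        return {f"192.0.2.{n}": (4, 80000 + 1000 * (i % 3)) for n in range(1, 6)}
    surge = {f"203.0.113.{n}": (4, 80000) for n in range(1, 51)}
    flood = dict(normal(0), **{f"198.51.100.{n}": (400, 240000) for n in (7, 8)})
    return [normal(i) for i in range(30)] + [surge, normal(31), flood]

if __name__ == "__main__":
    print(detect(sample_intervals()))
```

The benign surge raises the connection rate but leaves bytes per connection unchanged, so it is not flagged; only the flood interval, where both features deviate, produces a suspect list.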
The patent also covers a non-transitory computer-readable medium containing instructions for executing the method and a system for detecting DoS attacks. The system includes processing circuitry and a memory that stores the instructions for estimating traffic telemetries, providing rate-based and rate-invariant features, and executing the mitigation action.
Overall, this patent presents a method and system for detecting and mitigating DoS attacks that use an encrypted communication protocol. The method relies on analyzing TCP headers to estimate traffic telemetries and uses rate-based and rate-invariant features to identify potential flood DoS attacks. The system includes processing circuitry and memory to implement the method.

