Application delivery solutions provider, Radware (NASDAQ:RDWR), today announced the issuance of three
United States Patents based on real-time signatures to protect and secure application and network Traffic.
The new additions to Radware’s patent portfolio include:
• “Generated Anomaly Pattern for HTTP Flood Protection”
• “Method for Generating Anomaly Pattern for HTTP Flood Protection”
• “Stateful Attack Protection”
The three patents cover a system, methodology, and approach to detect botnet-originated web misuse and denial of service attacks, by learning the behavior in which users utilize the web server application and analyzing patterns that deviate from the normal “human” behavior. When an attack is detected, the system creates a real-time signature that characterizes the bot attack pattern and blocks bot activities accordingly – all without blocking legitimate user traffic.
Patent numbers 7,617,170 (“Generated Anomaly Pattern for HTTP Flood Protection”) and 7,624,084 (“Method for Generating Anomaly Pattern for HTTP Flood Protection”) cover the system and methodology required to detect and mitigate bot originated DoS/DDoS HTTP “page” flood attacks. The protection uses various methods to learn the normal behavior toward the protected servers that tunes the sensitivity of the anomaly detection engine, based on fuzzy logic inference systems and statistical thresholds. The protection system enables mitigation according to the source IP(s) and the HTTP request URL’s that are used as part of the attack.
Patent No. 7,607,170 (“Stateful Attack Protection”) provides a method for detecting an attack in a computer network. This includes monitoring communications traffic transmitted over connections on the network that are associated with a stateful application protocol required to detect respective application states of the connections, and analyzing a distribution of application states required to identify the attack.
“Radware’s latest three patents tap into today’s enterprise network security requirements for a progressive application security management system that enables uninterrupted network and application access, while filtering out potential threats,” said Avi Chesla, Vice President, Security Products, Radware.
