US 11,658,995 B1
Methods for dynamically mitigating network attacks and devices thereof
Judge Kennedy Singh Arora, San Jose, CA (US); Sandeep Agarwal, San Jose, CA (US); Nitesh Soni, San Jose, CA (US); and Ravneet S. Dhaliwal, San Jose, CA (US)
Assigned to F5, Inc., Seattle, WA (US)
Filed by F5 Networks, Inc., Seattle, WA (US)
Filed on Mar. 20, 2019, as Appl. No. 16/359,045.
Claims priority of provisional application 62/645,627, filed on Mar. 20, 2018.
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1441 (2013.01) [H04L 63/1416 (2013.01); H04L 63/20 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for dynamically mitigating network attacks implemented by a network traffic management system comprising one or more network traffic management apparatuses, client devices, or server devices, the method comprising:
identifying when a domain name identifier in a received request matches one of a plurality of domain names stored in a whitelist domain name storage;
determining when the received request is a suspicious request when the identification indicates the received domain name identifier fails to match one of the plurality of domain names stored in the whitelist domain name storage; and
updating another storage when the determination indicates the received request is the suspicious request or otherwise updating the received request as a valid request;
wherein the determining when the received request is the suspicious request further comprises:
determining when the received domain name identifier matches one of a plurality of domain names stored in a suspicious list domain name storage,
executing threat mitigation on the received request when the determination indicates that the received domain name identifier matches one of the plurality of domain names stored in the suspicious list domain name storage,
determining when the executed threat mitigation repudiated a threat associated with the received domain name identifier, and
updating the whitelist domain name storage with the received domain name identifier when the determination indicates the threat was repudiated.