US 12,348,556 B2
Techniques for protecting against excessive utilization of cloud services
Ehud Doron, Moddi'in (IL); Nir Ilani, Givat Brenner (IL); David Aviv, Tel Aviv (IL); Yotam Ben Ezra, Ra'anana (IL); and Amit Bismut, Kiryat Motzkin (IL)
Assigned to Radware Ltd., Tel Aviv (IL)
Filed by RADWARE, LTD., Tel Aviv (IL)
Filed on Mar. 15, 2021, as Appl. No. 17/202,095.
Application 17/202,095 is a continuation of application No. 15/940,360, filed on Mar. 29, 2018, granted, now 10,951,648.
Application 15/940,360 is a continuation in part of application No. 15/907,905, filed on Feb. 28, 2018, granted, now 11,405,417.
Claims priority of provisional application 62/467,534, filed on Mar. 6, 2017.
Prior Publication US 2021/0281603 A1, Sep. 9, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); G06N 5/048 (2023.01); H04L 9/40 (2022.01); H04L 47/122 (2022.01); G06N 20/00 (2019.01)
CPC H04L 63/1458 (2013.01) [G06N 5/048 (2013.01); H04L 47/122 (2013.01); H04L 63/0227 (2013.01); H04L 63/1425 (2013.01); H04L 63/18 (2013.01); G06N 20/00 (2019.01); H04L 63/101 (2013.01); H04L 63/1416 (2013.01)]
19 Claims
 
1. A defense platform for protecting against excessive utilization of at least one cloud service used for providing a cloud-hosted application, wherein the defense platform is deployed out-of-path of traffic between a plurality of end user devices and the cloud-hosted application, comprising:
at least one detector;
a mitigator; and
a controller communicatively connected to the detector and the mitigator;
wherein the at least one detector is configured to:
receive telemetries from a plurality of sources, wherein each source is configured to collect telemetries related to the traffic between a plurality of end user devices and an edge network configured at least to distribute traffic for the cloud-hosted application, wherein the telemetries are out-of-path information with respect to traffic to and from the cloud-hosted application and wherein at least a portion of the telemetries collected are related to operation of a portion of at least one cloud computing platform hosting the cloud-hosted application;
detect, based on the collected telemetries and at least one learned normal utilization behavior of each cloud service for the cloud-hosted application, excessive utilization of at least one of the at least one cloud service by the cloud-hosted application;
wherein the controller, upon detection of the excessive utilization of the at least one cloud service by the cloud-hosted application, is configured to cause mitigation, by the mitigator, of the excessive utilization of each cloud service;
wherein traffic to and from the cloud-hosted application is delivered at least partially via at least one edge network; and
wherein the plurality of sources includes at least one source deployed in the at least one cloud computing platform and at least one source deployed in the at least one edge network.