Package net.targetr.wtm3.util

Class AttackDetection

java.lang.Object
net.targetr.wtm3.util.AttackDetection
public class AttackDetection extends Object
Provides mechanisms to detect and mitigate potential denial-of-service (DoS) attacks or abuse by monitoring request rates from specific client identifiers (like IP addresses).

This class implements a flexible rate-limiting strategy, tracking the number of requests made by each client identifier within a customizable rolling time window. If an identifier exceeds the predefined maximum number of requests within the specified time unit, a SecurityException is thrown.

  • Constructor Details

    • AttackDetection

      public AttackDetection(int maxRequestsCount, long timeUnit)
      Constructs a new AttackDetection instance with customizable rate limits.
      Parameters:
      maxRequestsCount - the maximum allowed requests within the configured time window
      timeUnit - the duration of the rate-limiting time window in milliseconds

  • Method Details

    • checkRequestRate

      public void checkRequestRate(String id) throws SecurityException
      Checks if the given id has exceeded the allowed request rate limit.

      If the limit is exceeded, a SecurityException is thrown. This method also triggers periodic cleanup of expired rate records.

      Parameters:
      id - the id of the client making the request
      Throws:
      SecurityException - if the id has exceeded the maximum allowed requests in the configured time unit

    • clearExpiredRates

      public void clearExpiredRates()
      Removes all request rate records that are older than the configured time unit.

      This method iterates through the currently tracked records and discards those whose initial request timestamp is older than the configured time unit threshold.