The present invention is a methodology to prioritize packets based on the conditional probability that, given the values of the attributes carried by a packet, the packet is a legitimate one. We will call this the conditional legitimate probability of a packet from here onward. The conditional probability of each packet is evaluated using a Bayesian estimation technique. This is accomplished by comparing the attributes carried by an incoming packet against the “nominal” distribution of attributes of the legitimate packet stream. Since an exact prioritization of packets based on their conditional legitimate probability would require offline, multiple-pass operations, e.g. sorting, we take the following alternative approach to realize an online, one-pass selective dropping scheme. In particular, we maintain the cumulative distribution function (CDF) of the conditional legitimate probability of all incoming packets and apply a threshold-based selective dropping mechanism according to the conditional probability value computed for each incoming packet. To speed up the computation of the conditional legitimate probability for each incoming packet, we may, as an alternative, use the logarithmic version of the equation to implement the Bayesian estimation process. Other features of the invention include: providing means to guarantee minimum throughput of particular (pre-configured) type(s) of packets; providing a filtering mechanism to suppress the noise during estimation and maintenance of the nominal attribute distribution; applying state-of-the-art efficient algorithms and data structures for quantile and histogram building and updates; using proven, industrial-strength load-shedding algorithms as a submodule in the overload control algorithm; and being amenable to practical implementation to support online, one-pass processing on high-speed communication links.
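The scoring and threshold steps described above, as an added example that is not taken from the patent text. It assumes independent attributes, scores each packet by the log ratio of nominal to currently observed attribute frequency, and sorts a batch of scores as a stand-in for the maintained CDF; the attribute names (`ttl`, `proto`), function names and sample traffic are constructed for illustration.

```python
import math
from collections import Counter

ATTRS = ("ttl", "proto")  # assumed attribute set; the text names none

def distribution(packets, attr):
    """Empirical frequency of each value of one attribute."""
    counts = Counter(p[attr] for p in packets)
    total = sum(counts.values())
    return {value: n / total for value, n in counts.items()}

def log_score(packet, nominal, observed, floor=1e-6):
    """Log form: a sum of log ratios replaces a product of per-attribute ratios.
    Assumes independent attributes; `floor` smooths values never seen before."""
    return sum(
        math.log(nominal[a].get(packet[a], floor) / observed[a].get(packet[a], floor))
        for a in ATTRS
    )

def drop_threshold(scores, drop_fraction):
    """Score at the `drop_fraction` quantile of the empirical CDF.
    Sorting a batch stands in for a streaming quantile structure."""
    ordered = sorted(scores)
    return ordered[min(int(drop_fraction * len(ordered)), len(ordered) - 1)]

def selective_drop(nominal_pkts, incoming, drop_fraction):
    """Return the packets that survive threshold-based dropping."""
    if drop_fraction <= 0:
        return list(incoming)
    nominal = {a: distribution(nominal_pkts, a) for a in ATTRS}
    observed = {a: distribution(incoming, a) for a in ATTRS}
    scores = [log_score(p, nominal, observed) for p in incoming]
    threshold = drop_threshold(scores, drop_fraction)
    # Ties at the threshold are dropped, so slightly more than the target may go.
    return [p for p, s in zip(incoming, scores) if s > threshold]

def make(n, ttl, proto, legit):
    # "legit" is a ground-truth label for checking results; it is never scored.
    return [{"ttl": ttl, "proto": proto, "legit": legit} for _ in range(n)]

# Constructed sample traffic: a nominal baseline and a flood on one attribute pair.
BASELINE = (make(60, 64, "tcp", True) + make(25, 128, "tcp", True)
            + make(10, 64, "udp", True) + make(5, 250, "udp", True))
FLOOD = make(300, 250, "udp", False)

if __name__ == "__main__":
    kept = selective_drop(BASELINE, BASELINE + FLOOD, drop_fraction=0.75)
    print(len(kept), "kept,", sum(p["legit"] for p in kept), "legitimate")
```

The five baseline packets that share the flood's attribute values are dropped along with it, which is the collateral cost the minimum-throughput guarantee mentioned in the text is meant to bound.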