System and method for denial of service attack mitigation using cloud services

US9432385B2 · US · B2

Patent metadata
Field               Value
Publication number  US-9432385-B2
Application number  US-201113328206-A
Country             US
Kind code           B2
Filing date         Dec 16, 2011
Priority date       Aug 29, 2011
Publication date    Aug 30, 2016
Grant date          Aug 30, 2016

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A method to mitigate attack by an upstream service provider using cloud mitigation services. An edge detection device, which is located at the subscriber's network edge, is able to communicate information via status messages about attacks to an upstream service provider. The service provider is then able to mitigate attacks based on the status messages. There is a feedback loop whereby the amount of dropped traffic by the service provider is added to the network traffic to keep the mitigation request open and prevent flapping. Likewise, the detection device includes time-to-engage and time-to-disengage timers to further prevent flapping.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for mitigating an attack on a network utilizing a subscriber monitoring device and a service provider mitigation system, the method comprising: the subscriber monitoring device monitoring network traffic between a subscriber network and a service provider network; the subscriber monitoring device and service provider mitigation system sending and receiving asynchronous status messages to each other using a stateless protocol; the subscriber monitoring device determining if the subscriber network is under attack and determining a fingerprint for the attack, wherein the attack fingerprint comprises at least one of one or more source IP addresses of the packets that make up the attack, one or more destination IP addresses of the packets that make up the attack, characteristics of packet payloads related to the packets that make up the attack and port numbers that are under attack; the subscriber monitoring device requesting mitigation from the service provider mitigation system via a mitigation request when the subscriber network is under attack, wherein said mitigation request includes the attack fingerprint; the service provider mitigation system providing mitigation, the mitigation including dropping packets generated by attackers based on, at least in part, the attack fingerprint while the subscriber network is under attack, the mitigation being provided in response to the requested mitigation; and the subscriber monitoring device sending a request to terminate the mitigation in response to an amount of network traffic dropped by the service provider mitigation system as indicated by status messages from the service provider mitigation system and an amount of network traffic received from the service provider mitigation system following the mitigation, wherein the service provider mitigation system further comprises a plurality of sensors and communication devices providing data communication and transmission of packets across the service provider network, wherein each status message sent between the subscriber monitoring device and the service provider monitoring system includes an arrival time of a most recently received status message and a timestamp of when the respective status message was sent, wherein each status message sent between the subscriber monitoring device and the service provider monitoring system includes an arrival time of a most recently received status message and a timestamp of when the respective status message was sent.

2. The method according to claim 1, further comprising determining if the subscriber network is under attack in response to the amount of network traffic received by the subscriber network.

3. The method according to claim 1, further comprising determining if the subscriber network is under attack in response to the amount of network traffic between the service provider network and subscriber network exceeding a predefined threshold.

4. The method according to claim 1, wherein the service provider mitigation system comprises packet scrubbing systems, and the method further comprising sending packets destined for the subscriber network first to the packet scrubbing systems.

5. The method according to claim 4, further comprising the packet scrubbing system dropping packets identified as attack traffic.

6. The method according to claim 4, wherein sending the packets destined for the subscriber network to the packet scrubbing system comprises tunneling, route injection, Domain Name System modification, and/or Network Address Translation.

7. The method according to claim 4, wherein sending the packets destined for the subscriber network to the packet scrubbing system comprises sending the packets using Generic Routing Encapsulation or Multiprotocol Label Switching.

8. The method according to claim 1, wherein the status messages include internet protocol addresses of a cloud scrubbing device and the subscriber monitoring device.

9. The method according to claim 1, wherein the status messages include a modified internet protocol address of a device under attack within the subscriber network.

10. The method according to claim 1, wherein the attack is a denial of service attack.

11. The method according to claim 1, wherein the subscriber monitoring device utilizes port mirroring to monitor all the network traffic entering and/or leaving the subscriber network via a router.

12. A system for mitigating an attack on a network, the system comprising: a subscriber monitoring device monitoring network traffic between a subscriber network and a service provider network, and determining if the subscriber network is under attack and determining a fingerprint for the attack, wherein the attack fingerprint comprises at least one of one or more source IP addresses of the packets that make up the attack, one or more destination IP addresses of the packets that make up the attack, characteristics of packet payloads related to the packets that make up the attack and port numbers that are under attack; a service provider mitigation system, in which the subscriber monitoring device and the service provider mitigation system send and receive asynchronous status messages to each other using a stateless protocol, the service provider mitigation system providing mitigation, the mitigation including dropping packets generated by attackers based on, at least in part, the attack fingerprint while the subscriber network is under attack, the mitigation being in response to a requested mitigation via a mitigation request from the subscriber monitoring system, wherein said mitigation request includes the attack fingerprint and wherein the subscriber monitoring device sends a request to terminate the mitigation in response to an amount of network traffic dropped by the service provider mitigation system as indicated by status messages from the service provider mitigation system and an amount of network traffic received from the service provider mitigation system following the mitigation, wherein the service provider mitigation system further comprises a plurality of sensors and communication devices providing data communication and transmission of packets across the service provider network, wherein each status message sent between the subscriber monitoring device and the service provider monitoring system includes an arrival time of a most recently received status message and a timestamp of when the respective status message was sent.

13. The system according to claim 12, wherein the subscriber monitoring device determines if the subscriber network is under attack in response to the amount of network traffic received by the subscriber network.

14. The system according to claim 12, wherein the subscriber monitoring device determines if the subscriber network is under attack in response to the amount of network traffic between the service provider network and subscriber network exceeding a predefined threshold.

15. The system according to claim 12, further comprising a packet scrubbing system, wherein the packets destined for the subscriber network are first sent to the packet scrubbing systems.

16. The system according to claim 15, wherein the packet scrubbing system drops packets identified as attack traffic.

17. The system according to claim 15, wherein sending the packets destined for the subscriber network to the packet scrubbing system comprises tunneling, route injection, Domain Name System modification, and/or Network Address Translation.

18. The system according to claim 15, further comprising sending packets to t
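The abstract and claim 1 describe a control loop rather than a packet filter: the edge device engages mitigation only after a time-to-engage timer expires, the provider reports how much it dropped in its status messages, the edge device adds that dropped volume back onto the traffic it still sees so that successful scrubbing does not look like the attack ended, and a time-to-disengage timer must expire before it sends the termination request. The simulation below is an added example written for this page; it is not code from the patent or its assignee. The threshold (1 Mbit/s), the timer values (3 s and 5 s), the JSON-over-datagram message encoding, the "every fingerprint field must match" drop rule and the traffic scenario (two sources in 203.0.113.0/24 flooding UDP/53 at 2.5 Mbit/s each, plus 200 kbit/s of legitimate traffic) are all assumptions constructed to exercise the loop; the patent names the components but fixes none of these numbers.

```python
import json
from dataclasses import dataclass, field, asdict
from typing import Optional

# Hypothetical tuning values: the patent names the threshold and both timers but gives no numbers.
ATTACK_THRESHOLD_BPS = 1_000_000   # more than 1 Mbit/s inbound counts as an attack
TIME_TO_ENGAGE_S = 3               # seconds above threshold before requesting mitigation
TIME_TO_DISENGAGE_S = 5            # seconds below threshold before requesting termination


@dataclass
class StatusMessage:
    """One asynchronous status message; the same shape is used in both directions."""
    sender: str
    sent_at: float                  # timestamp of when this message was sent
    last_arrival: Optional[float]   # arrival time of the most recent message received from the peer
    mitigate: bool = False          # subscriber -> provider: the mitigation request is open
    fingerprint: dict = field(default_factory=dict)   # fields whose values the provider should drop
    dropped_bps: int = 0            # provider -> subscriber: volume scrubbed in the last interval

    def encode(self) -> bytes:      # datagram payload for a stateless (UDP-style) exchange
        return json.dumps(asdict(self)).encode()

    @classmethod
    def decode(cls, raw: bytes) -> "StatusMessage":
        return cls(**json.loads(raw))


class SubscriberMonitor:
    """Edge detection device: decides attack state from observed traffic plus reported drops."""

    def __init__(self, feedback: bool = True):
        self.feedback = feedback          # False reproduces the flapping the loop is meant to prevent
        self.mitigating = False
        self.above_since: Optional[float] = None
        self.below_since: Optional[float] = None
        self.last_arrival: Optional[float] = None
        self.provider_dropped_bps = 0
        self.fingerprint: dict = {}

    def receive(self, raw: bytes, now: float) -> None:
        msg = StatusMessage.decode(raw)
        self.last_arrival = now
        self.provider_dropped_bps = msg.dropped_bps

    def observe(self, now: float, received_bps: int, fingerprint: dict) -> StatusMessage:
        # Feedback loop: volume the provider dropped is added back, so scrubbing that works
        # does not make the attack look finished and restart the disengage timer early.
        effective_bps = received_bps + (self.provider_dropped_bps if self.feedback else 0)
        if effective_bps > ATTACK_THRESHOLD_BPS:
            self.below_since = None
            self.above_since = now if self.above_since is None else self.above_since
            if not self.mitigating and now - self.above_since >= TIME_TO_ENGAGE_S:
                self.mitigating, self.fingerprint = True, fingerprint
        else:
            self.above_since = None
            self.below_since = now if self.below_since is None else self.below_since
            if self.mitigating and now - self.below_since >= TIME_TO_DISENGAGE_S:
                self.mitigating, self.fingerprint = False, {}
        return StatusMessage("subscriber", now, self.last_arrival, self.mitigating, self.fingerprint)


class ProviderMitigator:
    """Upstream scrubbing: drops packets matching the fingerprint while the request is open."""

    def __init__(self):
        self.fingerprint: Optional[dict] = None
        self.last_arrival: Optional[float] = None
        self.dropped_bps = 0

    def receive(self, raw: bytes, now: float) -> None:
        msg = StatusMessage.decode(raw)
        self.last_arrival = now
        self.fingerprint = msg.fingerprint if msg.mitigate else None

    def scrub(self, packets: list) -> list:
        """Return delivered packets; a packet is dropped when every fingerprint field matches."""
        self.dropped_bps = 0
        if not self.fingerprint:
            return packets
        delivered = []
        for p in packets:
            if all(p[k] in allowed for k, allowed in self.fingerprint.items()):
                self.dropped_bps += p["bits"]
            else:
                delivered.append(p)
        return delivered

    def status(self, now: float) -> StatusMessage:
        return StatusMessage("provider", now, self.last_arrival, dropped_bps=self.dropped_bps)


def simulate(feedback: bool = True, attack_until: int = 14, seconds: int = 24) -> list:
    """Per-second timeline of (t, mitigating, bps received at the edge, bps dropped upstream).
    Constructed scenario: two sources at 2.5 Mbit/s each to UDP/53, plus 200 kbit/s legitimate."""
    sub, prov = SubscriberMonitor(feedback), ProviderMitigator()
    attack_fp = {"src": ["203.0.113.7", "203.0.113.9"], "dport": [53]}
    legit = [{"src": "198.51.100.5", "dst": "192.0.2.10", "dport": 443, "bits": 200_000}]
    attack = [{"src": s, "dst": "192.0.2.10", "dport": 53, "bits": 2_500_000} for s in attack_fp["src"]]
    timeline = []
    for t in range(seconds):
        delivered = prov.scrub(legit + (attack if t < attack_until else []))   # upstream path first
        received_bps = sum(p["bits"] for p in delivered)
        sub_msg = sub.observe(t, received_bps, attack_fp)
        prov.receive(sub_msg.encode(), now=t + 0.1)                 # asynchronous, stateless exchange
        sub.receive(prov.status(t + 0.2).encode(), now=t + 0.3)
        timeline.append((t, sub.mitigating, received_bps, prov.dropped_bps))
    return timeline


def transitions(timeline: list) -> list:
    """(t, new_state) for every change of the mitigation state."""
    out, state = [], False
    for t, mitigating, _, _ in timeline:
        if mitigating != state:
            out.append((t, mitigating))
            state = mitigating
    return out


if __name__ == "__main__":
    print("with feedback   :", transitions(simulate(feedback=True)))
    print("without feedback:", transitions(simulate(feedback=False)))
```

Running the block prints the state transitions for both variants. With the feedback loop the request engages once at t=3 and the termination request goes out at t=20, five seconds after the attack actually stopped. Without it the edge device sees only the 200 kbit/s that survives scrubbing, concludes the attack is over, terminates at t=9, is flooded again the moment the provider stops dropping, re-engages at t=13 and terminates at t=19: exactly the flapping the claimed feedback and timers are there to prevent.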

Assignees

Inventors

Classifications

  • Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title

  • Denial of Service · CPC title

  • Detecting local intrusion or implementing counter-measures · CPC title

  • by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9432385B2 cover?
A method to mitigate attack by an upstream service provider using cloud mitigation services. An edge detection device, which is located at the subscriber's network edge, is able to communicate information via status messages about attacks to an upstream service provider. The service provider is then able to mitigate attacks based on the status messages. There is a feedback loop whereby the amount …
Who is the assignee on this patent?
Kustarz Chester, Huston Iii Lawrence Bruce, Simpson James A, and 4 more
What technology area does this patent fall under?
Primary CPC classification H04L63/1408. Mapped technology areas include Electricity.
When was this patent published?
Publication date Aug 30, 2016 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).