NFV-style DDoS mitigation using Snabb Switch

My employer arranged for a hack day last month. It meant anyone participating was free to hack on anything they wanted and at the end of the day we got to present our work during a 2 minute flash presentation to our colleagues as well as a number of students from KTH's (Royal institute of technology) computer science program.

Modern DDoS detection

The detection of DDoS attacks is typically based on some form of threshold value and typically on traffic that is going to a potential target, ie to the host that we want to protect from attacks.

It can be a threshold value for total traffic or for a certain traffic class, like UDP packets, and the actual threshold value can either be configured statically or it can be more dynamic and based on previously collected data, ie baselining and from that finding anomalous traffic patterns.

Syndicate content