28-29 May 2019
Orea Hotel Voronez
Europe/Prague timezone

Adaptive mitigation of DDoS attacks using BGP Flowspec

29 May 2019, 09:30
30m
Congress Hall (Orea Hotel Voronez)

Congress Hall

Orea Hotel Voronez

Krizkovskeho 47 603 73 Brno Czech Republic
CSNOG 2019 CSNOG2

Description

Prupose of the presentation is to demonstrate capabilities of BGP Flowspec implemented on routers to mitigate volumetric DDoS attacks while adapting on continuously changing attack pattern. Attack detection is based on flow (NetFlow/IPFIX) technology that enable to identify attack pattern that is automatically converted into set of BGP Flowspec rules and pushed to routers for attack mitigation. Continuous monitoring of attack characteristics enables to update mitigation rules automatically when deviation from current attack pattern is detected. As part of the presentation we would like to explain flow data and show what value it brings for network operators in broader context than just DDoS protection.

Primary authors

Pavel Minařík (Flowmon Networks a.s.) Mr Jiří Knapek (Flowmon Networks a.s.)

Presentation Materials

Your browser is out of date!

Update your browser to view this website correctly. Update my browser now

×