Security News > 2022 > December > How Gcore uses regular expressions to block DDoS attacks
In DDoS Protection, Gcore uses the bundle of XDP and regular expressions.
There are two approaches to filtering out malicious traffic in DDoS Protection: packet parsers and handling regular expressions.
Working with regex is a resource-intensive process, and Gcore claims they're going to check millions of packets and use regular expressions of different complexity.
Hyperscan is an engine designed to process regular expressions in DPI systems, checking if a packet's payload matches any predefined regular expressions.
What open-source solution does Gcore offer to the community: eBPF API for handling regex in XDP. If your infrastructure needs to handle regular expressions in XDP, you can use a ready-made solution provided by their developers instead of going all the way from scratch.
What benchmarks do Gcore have on regex usage in XDP. Their DDoS filtering solution is based on 3rd Generation Intel® Xeon® Scalable processors and 100GbE Intel® Ethernet Network Adapter E810.
News URL
Related news
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps (source)
- Recently patched CUPS flaw can be used to amplify DDoS attacks (source)
- Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors (source)
- Largest Recorded DDoS Attack is 3.8 Tbps (source)
- New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries (source)
- U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks (source)