Security News > 2022 > December > How Gcore uses regular expressions to block DDoS attacks

In DDoS Protection, Gcore uses the bundle of XDP and regular expressions.
There are two approaches to filtering out malicious traffic in DDoS Protection: packet parsers and handling regular expressions.
Working with regex is a resource-intensive process, and Gcore claims they're going to check millions of packets and use regular expressions of different complexity.
Hyperscan is an engine designed to process regular expressions in DPI systems, checking if a packet's payload matches any predefined regular expressions.
What open-source solution does Gcore offer to the community: eBPF API for handling regex in XDP. If your infrastructure needs to handle regular expressions in XDP, you can use a ready-made solution provided by their developers instead of going all the way from scratch.
What benchmarks do Gcore have on regex usage in XDP. Their DDoS filtering solution is based on 3rd Generation Intel® Xeon® Scalable processors and 100GbE Intel® Ethernet Network Adapter E810.
News URL
Related news
- DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns (source)
- Cloudflare mitigates record number of DDoS attacks in 2025 (source)
- DDoS attacks jump 358% compared to last year (source)
- Pro-Russia hacktivists bombard Dutch public orgs with DDoS attacks (source)
- Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks (source)
- New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors (source)