Security News > 2022 > December > How Gcore uses regular expressions to block DDoS attacks
In DDoS Protection, Gcore uses the bundle of XDP and regular expressions.
There are two approaches to filtering out malicious traffic in DDoS Protection: packet parsers and handling regular expressions.
Working with regex is a resource-intensive process, and Gcore claims they're going to check millions of packets and use regular expressions of different complexity.
Hyperscan is an engine designed to process regular expressions in DPI systems, checking if a packet's payload matches any predefined regular expressions.
What open-source solution does Gcore offer to the community: eBPF API for handling regex in XDP. If your infrastructure needs to handle regular expressions in XDP, you can use a ready-made solution provided by their developers instead of going all the way from scratch.
What benchmarks do Gcore have on regex usage in XDP. Their DDoS filtering solution is based on 3rd Generation Intel® Xeon® Scalable processors and 100GbE Intel® Ethernet Network Adapter E810.