Carrying on the continuous success in introducing Anti-DDoS solutions to Australian audiences, NSFOCUS participated again at the 2015 World Hosting Days (WHD) conference in Sydney, Australia last month.
Our Singapore-based Bobby Zhou, Regional Director for NSFOCUS gave an insightful presentation regarding how to have a collaborative protection network for the detection and mitigation of flooding DDoS attacks. “The attacks are growing,” highlighted in the presentation, with “3279 attacks exceeding 100GB in 2015 first half year”.
Here is the abstract of the presentation. Increasing use of the Internet for critical services makes distributed denial-of-service (DDoS) a top security threat. A distributed nature of DDoS suggests that a distributed mechanism is necessary for a successful defense. Three main DDoS defense functionalities — attack detection, rate limiting and traffic differentiation — are most effective when performed at the victim-end, core and source end respectively. Many existing systems are successful in one aspect of defense, but none offers a comprehensive solution and none has seen a wide deployment. NSFOCUS propose to harvest the strengths of existing defenses by organizing our systems into a collaborative overlay, called “Clean Pipe 2.0”, and augmenting them with communication and collaboration functionalities. Nodes collaborate during the attack to spread alerts and protect legitimate traffic, while rate limiting the attack. CP2.0 can accommodate existing defenses, provide synergistic response to attacks and naturally lead to an Internet-wide response to DDoS threats.