SDN based DDoS detection using SciPass and Bro

This talk will present our efforts to detect and mitigate DDoS attacks within the TransPAC network using a combination of SciPass network control system, Bro and OpenFlow. One particularly attractive capability SciPass offers is to apply fine grained blocking based not only on the source of an attack but also the destination, protocol and port of the malicious traffic. Ultimately, this effort will evaluate the the effectiveness of this technique in production at 100Gbps. SciPass is an OpenFlow open source application designed by Indiana University to help network security scale to 100Gbps (http://globalnoc.iu.edu/sdn/scipass.html). Bro is a powerful open source network analysis framework maintained at https://www.bro.org.

Speakers

Part of session

Thunderclap Talks

Related documents