The Linux Network Stack Extension for DDoS Mitigation and Web Security

Explore the development and functionality of Tempesta FW, an open-source Linux kernel module designed for efficient HTTPS traffic filtering and DDoS mitigation. Learn about the challenges of processing massive HTTP traffic from malicious clients, and discover how Tempesta FW integrates with the Linux TCP/IP stack to implement advanced HTTP security features. Delve into topics such as HTTPtables, SIMD HTTP string processing algorithms, and TempestaTLS, a fork of mbedTLS for kernel-level TLS handshakes. Gain insights into performance optimizations and benchmarks comparing TempestaTLS with OpenSSL in real-life DDoS attack scenarios against TLS handshakes.