Building a DDoS Mitigation Pipeline

Explore CloudFlare's innovative approach to DDoS mitigation in this 21-minute conference talk from USENIX Enigma 2016. Dive into the complete rewrite of CloudFlare's DDoS mitigation pipeline, designed to automate responses and reduce the workload on the operations team. Learn about the system's real-time capabilities, its ability to deploy new mitigation techniques rapidly, and its improved accuracy compared to human operators. Discover the pipeline's key components, including sampled packet data from switches, HTTP logs, attack categorization, a reactive programming engine for high-level constraints, and a centrally-managed iptables mitigations framework. Gain insights into the design philosophy, incremental development process, and future plans for this practical and effective DDoS mitigation solution.