search

cablelabs / ddos-info-sharing

The repository for the CRITS based DDoS Information Sharing platform
https://cablelabs.github.io/ddos-info-sharing/
5 stars 0 forks source link

Add support for Tattle-Tale-based reporting and time/source/network-based correlation #22

Open craigpratt opened 2 years ago

craigpratt commented 2 years ago

To support automated backtrace of spoofed DDoS attacks, the DIS backend could support uploading of attacks to known DDoS reflectors and attempt to cross-correlate attacks based on start/end time and source IPs (which represent the target in spoofed DDoS attacks).

By having the uploaded attack reports include the source network (peering, local, or otherwise) - and having enough participants - then the attacks can hopefully be cross-correlated across peering networks back to the source, identified, and have address validation enabled (or work with the peering provider to filter/mitigate the traffic).

darshakthakore commented 2 years ago
do-not-edit-start-codetree-epic-issues

Issues in this epic:

Title Milestone Assignees Stage State
Containerize Tattle-Tale reporting components #154 N/A N/A Done Closed
do-not-edit-end-codetree-epic-issues