Transparent Security

Transparent Security is a solution for identify the source devices of a DDoS attack and mitigates the attack in the customer premises or the access network. This solution leverages a P4 based programmable data plane for add in-band network telemetry (INT) for device identification and in-band mitigation.

Note: This is reference implementation for a minimal viable prototype.

For more information see the blog and white paper.

Getting started

$ git clone https://github.com/cablelabs/transparent-security

If you're new to git and GitHub, be sure to check out the Pro Git book. GitHub Help is also outstanding.

Or you can stay right here in your web browser on GitHub.

Contributing

Transparent Security was originally built by CableLabs, but we could use your help! Check out our contributing guidelines to get started.

Other important stuff

We use an Apache 2.0 License for Transparent Security.

Questions? Just send us an email at transparent-security@cablelabs.com or open an issue.

The docs

These directories contain other documentation

• Analytic Engine - How to setup the AE
  • kubernetes - directory containing sample CRDs to deploy the TPS AE on Kubernetes
• Build automation AMIs - Creating the required EC2 Images
• P4 INT - Description of the P4 INT header added to packets and associated Wireshark plugin
• Telemetry Report - Description of the Telemetry Report UDP Packet
• Terraform Example Variable File - Example "tfvars" files for configuring a Terraform run
• P4 Automation - Instructions on how to execute the P4 automation scripts

The directories

• automation - contains Terraform scripts for CI and testing on AWS
• bin - miscellaneous scripts mostly used by scripts in automation
• conf - miscellaneous environment configurations
• docs - miscellaneous MD files
• p4 - The P4 source code
• playbooks - The Ansible Playbooks used by automation
• tests - the Python unit test directory
• trans_sec - the project's top-level Python package