How Cloudflare works…maybe

1 min read

Bonjour personne géniale,

using Cloudflare myself for my blog and my overall interest in DDoS protection draw me to this weeks paper. It discusses a design of an overlay network for DDoS protection. Quite interesting to learn about the considerations coming into play. Sure Cloudflare, Akamai, Google etc. evolved since then, but this paper gives quite nice fundamentals on how to design such a protection. Especially the computation powered puzzles is a nice concept (was programming one on the weekend actually)….most like Bitcoins proof of work 😉


Abstract:

We present the design and implementation of OverDoSe, an overlay network offering generic DDoS protection for targeted sites. OverDoSe clients and servers are isolated at the IP level.Overlay nodes route packets between a client and a server, and regulate traffic according to the server’s instructions. Through the use of light-weight security primitives, OverDoSe achieves resilience against compromised overlay nodes with a minimal performance overhead. OverDoSe can be deployed by a single ISP who wishes to offer DDoS protection as a value-adding service to its customers

Download Link:

http://ra.adm.cs.cmu.edu/anon/home/ftp/usr0/anon/2006/CMU-CS-06-114.pdf


It would be awesome if you could help growing our little paper community even more by sharing it with your circles (you can also @eu_frey me on Twitter for retweets :D):

simon-frey.com/weeklycspaper

If you have any paper recommendation for me, please do not hesitate to approach me via [email protected] (Please keep the Backend & DevOps topic focus in mind)


With much love,

Simon Frey