Rootconf 2014

On devops and cloud infrastructure

DDOS mitigation @flipkart

Submitted by Sameer Garg (@sameerg) on Monday, 12 May 2014

videocam_off

Technical level

Advanced

Section

Full talk

Status

Confirmed & Scheduled

View proposal in schedule

Vote on this proposal

Login to vote

Total votes:  +1

Objective

In this talk we explore various types of attacks and what flipkart does for mitigation.

Description

DDOS Attacks have been on the rise all over the world. This include Volumetric i.e. Layer 4 TCP / UDP and Application i.e. Layer 7 HTTP, MySQL.Volumetric attacks are all about muscling out the attacker at the upstream / scrubbing farms. The same cannot be done for Layer 7 attacks.

Traditional DDoS systems cannot catch Layer7 attacks as they all work on layer 4. There are inline solutions such as WAF, etc which looks at traffic and make profiles like IDP. But at scale all that becomes resource intensive and affects latencies. At flipkart we devised a solution that looks at logs from various layers, detects patterns and automatically blocks the attacker at the perimeter.

In this talk we explore various types of attacks and what Flipkart does for mitigation.

Requirements

Basic understanding of TCP/IP and Internet Routing protocols

Speaker bio

Sameer is a Senior Operations Engineer at Flipkart, India's largest e-commerce website with multiple data centers and thousands of servers, where he works on website reliability, scalability and network performance. Before fipkart he handled gigs at Yahoo! and Naukri.

Comments

Login with Twitter or Google to leave a comment