Re: OBESEUS - A new type of DDOS protector

[Guillaume FORTAINE <gfortaine () live com>]

Dear Mister Dobbins,

Thank you for your reply.

> Flow telemetry has demonstrated its extraordinary utility to network operators worldwide over the last decade, and continued 
> advances such as Cisco's Flexible NetFlow and the IETF IPFIX/PSAMP effort signify that this is the broad consensus of 
> the operational community.
>    

What about Argus ? [1]

http://qosient.com/argus/


> Layer-7 attacks against various types of services/apps can achieve significant amplification effects and 
> disproportionate impact, are increasing in frequency and impact, and therefore must be addressed by any operationally 
> viable solution in this space.
>    

https://www.dpacket.org/

> I believe that an effective and operationally useful open-source solution for basic DDoS 
> detection/classification/traceback/mitigation can be implemented using existing widely-used and -understood 
> tools/techniques as described here:
>
> <http://mailman.nanog.org/pipermail/nanog/2010-January/016747.html>
>    

Me and my partners are working on a Flow Based Security Awareness 
Framework for High-Speed Networks.

http://docs.google.com/viewer?url=http://www.vabo.cz/spi/2009/presentations/03/02-celeda_rehak_CAMNEP_no_video.pdf

For a demo :

http://demo.cognitivesecurity.cz/



I look forward to your answer,

Best Regards,

Guillaume FORTAINE

[1] 
https://tools.netsa.cert.org/wiki/download/attachments/10027010/Bullard_IntroductionToArgus.pdf?version=1&modificationDate=1263221338000