TechTalk: Mitigating attacks on internet infrastructure with eBPF programs

Thursday

May 1, 2025

16:00

Start

17:00

End

SUE office, De Ooyen 9, Geldermalsen
Share this:
Two people in a meeting room. One person in front of a screen presenting.
Back to overview

Reserve your spot

* required

By reserving your spot, you confirm that you have read our privacy statement.
Cloud Security

Mitigating attacks oninternal network infrastructure with eBPF

Universities are increasingly becoming targets of layer-7 DDoS attacks, particularly attacks that target their DNS authoritative name servers and can disrupt critical services. This project focused on developing a robust defense strategy within the SURF network by using Linux eBPF programs for real-time, in-kernel filtering of DNS traffic. This approach makes it possible to inspect and filter packets at extremely high speeds, which is crucial for limiting the impact of these high-volume attacks on essential servers.

To effectively cleanse malicious traffic, we deployed BGP to dynamically route DNS traffic to a dedicated eBPF "washer." This washer, equipped with our optimized eBPF filters and Bloom filter configurations, analyzes and cleans the traffic before it reaches its targets, the DNS authoritative name servers. An important part of our research was optimizing these Bloom filter configurations, which are essential for quickly identifying malicious DNS queries. In this TechTalk, I will delve deeper into the design of the eBPF filters, the BGP routing to the washer, and the performance analysis of the chosen Bloom filters, and I will share the challenges and insights we have gained in strengthening academic network security.

Speaker

Ferran Tufan – Infrastructure, Cloud, and Linux Engineer SUE
Ferran is an alumnus of the Master's program in Security and Network Engineering (OS3) and holds a bachelor's degree in Computer Science. With a background in information security within a university and a strong interest in open source, Ferran has combined academic knowledge with hands-on experience, both in paid and volunteer roles. With a passion for building secure and resilient infrastructure, he applies site reliability engineering principles to design systems that prioritize integrity and confidentiality.

 

Sign up now for this talk on cloud security at SUE, De Ooyen 9 in Geldermalsen! After the TechTalk, you are welcome to join us for a delicious dinner and drinks.
Contact Person
Robbie van Rooijen
Commercial Director

Questions about Cloud Security?
Let's talk!

Let's chat!

info@sue.nl +31 345 656 666

Let's chat!

info@sue.nl +31 345 656 666 LinkedIn

Discover other events

Back to overview

Thursday

April 2, 2026

TechTalk with Red Hat: OpenShift virtualization

16:00

Start

17:00

End

SUE office, De Ooyen 9, Geldermalsen
Privacy overview
This website uses cookies. We use cookies to ensure that our website and services function properly, to gain insight into the use of our website, and to improve our products and marketing. For more information, please read our privacy and cookie policy.