The web infrastructure company Cloudflare (opens in new tab) has revealed its autonomous edge DDoS protection (opens in new tab) systems were able to automatically detect and mitigate the largest DDoS attack it has encountered so far.
Back in July, the company was able to thwart a 17.2 million request-per-second (rps) DDoS attack which was almost three times larger than any previously recorded DDoS attacks (opens in new tab).
To put this in perspective, Cloudflare points out in a new blog post (opens in new tab) that it served 25m HTTP requests per second on average during Q2 2021 which means the attack generated 68 percent of its Q2 average rps rate of legitimate HTTP traffic.
- We've built a list of the best endpoint protection software (opens in new tab)
- These are the best DDoS protection (opens in new tab) solutions on the market
- Also check out our roundup of the best firewall (opens in new tab)
The botnet (opens in new tab) used to launch this attack has reappeared at least twice in recent weeks and Cloudflare says that it was also used to target one of its customers in the web hosting (opens in new tab) industry with an HTTP DDoS attack that peaked just below 8m rps.
Automated DDoS detection and mitigation
Cloudflare was able to stop this massive attack and others like it thanks to its autonomous edge DDoS protection systems that are capable of automatically detecting and mitigating DDoS attacks.
The system is powered by the company's own denial of service daemon (dosd) which is a home-grown software-defined daemon. Cloudflare runs a unique dosd instance in every server housed in its data centers (opens in new tab) around the world.
Each dosd instance can independently analyze traffic samples that are out-of-path and by doing so, this allows the company to asynchronously scan for DDoS attacks without introducing latency or impacting performance. Findings related to DDoS attacks are then shared between the dosd instances in a data center to serve as a form of proactive threat intelligence sharing.
Due to the global scale and reliability of its network along with this autonomous approach, Cloudflare (opens in new tab) can mitigate attacks that reach 68 percent of its average per-second-rate and higher without the need for manual mitigation by its staff.
While Cloudflare was able to stop this 17.2m rps DDoS attack, there will likely be larger attacks in the future as cybercriminals devise new attack methods and the botnets used to carry out these attacks continue to add more IoT (opens in new tab) and other devices to their ranks.
- We've also highlighted the best antivirus (opens in new tab)