%% You should probably cite draft-khare-idr-bgp-flowspec-payload-match-08 instead of this revision.
@techreport{khare-idr-bgp-flowspec-payload-match-05,
    number =    {draft-khare-idr-bgp-flowspec-payload-match-05},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-khare-idr-bgp-flowspec-payload-match/05/},
    author =    {Anurag Khare and John Scudder and Luay Jalil and Michael Gallagher and Kirill Kasavchenko},
    title =     {{BGP FlowSpec Payload Matching}},
    pagetotal = 13,
    year =      2019,
    month =     dec,
    day =       8,
    abstract =  {The rise in frequency, volume, and pernicious effects of DDoS attacks has elevated them from fare for the specialist to generalist press. Numerous reports detail the taxonomy of DDoS types, the varying motivations of their attackers, as well as the resulting business and reputation loss of their targets. BGP FlowSpec (RFC 5575, "Dissemination of Flow Specification Rules") can be used to rapidly disseminate filters that thwart attacks, being particularly effective against the volumetric type. Operators can use existing FlowSpec components to match on pre-defined packet header fields. However recent enhancements to forwarding plane filter implementations allow matches at arbitary locations within the packet header and, to some extent, the payload. This capability can be used to detect highly amplified attacks whose attack signature remains relatively constant while values in the packet header vary, as well as the burgeoning variety of tunneled traffic. We define a new FlowSpec component, "Flexible Match Conditions", with similar matching semantics to those of existing components. This component will allow the operator to define bounded match conditions using bit offsets and a variety of match types.},
}