The US Department of Homeland Security (DHS) has awarded a $1.7 million contract to create technology that is capable of defending against large and sophisticated distributed denial of service (DDoS) attacks.
Under the auspices of the DHS’ Science and Technology Directorate (S&T), computer science specialist Galois has been tasked with creating the DDoS Defense for a Community of Peers (3DCoP), which involves a peer-to-peer collaboration mechanism through which organizations work together to detect and mitigate DDoS attacks.
The project's goals are ambitious: it aims to reduce mitigation response time by 50%, resulting in a peak traffic reduction of 75% to 90%. It also plans to reduce the time between the start of an attack and its detection by 25%.
“Current DDoS defense systems are proving ineffective because they operate in isolation, which introduces delays in the detection, reporting, and response to a DDoS attack,” said Adam Wick, research lead, mobile security and systems software, Galois. “This delay is critical. It provides positive feedback to the attacker, who will continue to send more and more traffic at the target network. Our solution advances the state of DDoS defense by providing new tools that allow multiple defenders to coordinate their response, resulting in earlier detection and faster DDoS mitigation.”
To address these delays, 3DCoP brings multiple defending organizations together to detect DDoS attacks, compute mitigations and coordinate responses, including convincing service providers to take action. Underlying the implementation is a traffic flow monitoring capability, which observes traffic flows in and out of the enclave and finds patterns of interest.
3DCoP then transmits these discovered patterns via a peer-to-peer communication grid that can compute a more complete view of the network.
“As a result, rather than having a single, small entity requesting a rule change of a major ISP, we create a large virtual organization that acts with consensus,” the company explained in its project brief.
The contract is part of the DHS S&T Cyber Security Division’s larger Distributed Denial of Service Defenses (DDoSD) program.