DARPA to brief industry next month on cyber security defenses against denial of service
ARLINGTON, Va., 6 Aug. 2015. U.S. military researchers will brief industry next month on an upcoming cyber security project to develop fundamentally new defenses against distributed denial of service (DDoS) cyber attacks on U.S. military data networks.
Officials of the U.S. Defense Advanced Research Projects Agency (DARPA) will conduct industry briefings on the upcoming Extreme DDoS Defense (XD3) project from 1 to 4:30 p.m. on 2 Sept. 2015 at the DARPA Conference Center, 675 N. Randolph St. in Arlington, Va.
The DARPA XD3 program will seek to develop fundamentally new DDoS defenses that afford far greater resilience to these attacks, across a broader range of contexts, than existing approaches or evolutionary extensions can.
DDoS attacks are attempts to overwhelm and crash computer network servers with a flood of online queries from many different nodes on the Internet.
Such attacks come from sets of networked hosts that collectively act to disrupt or deny access to information, communications, or computing capabilities, generally by exhausting the target's critical resources such as bandwidth, processor capacity, or memory.
Typical victims of these attacks include information storage and computing facilities; servers that handle content distribution, message forwarding, or command and control (C2); and portions of network infrastructure.
Botnet-induced volumetric attacks, which can generate hundreds of gigabits per second of malicious traffic, are perhaps the best-known form of DDoS. Low-volume DDoS attacks, however, can be even more difficult to deal with because they target specific applications, protocols, or state-machine behaviors while relying on seemingly innocuous message transmission to thwart traditional intrusion-detection techniques.
Typical DDoS defenses today rely on combinations of network-based filtering, traffic diversion and scrubbing, or replication of stored data to dilute volumetric attacks and to provide diverse access for legitimate users.
Still, existing DDoS defenses have their problems. First, they are too slow; filtering rules often take hours to formulate and instantiate, while military communication can't stand disruptions longer than a minute or two.
Low-volume DDoS attacks remain exceedingly difficult to identify and block, and mechanisms that rely on in-line data inspection don't handle encryption well and are difficult to scale.
In addition, DDoS defenses must work in real time; techniques that are only useful for protecting the storage and dissemination of quasi-static data are insufficient.
The XD3 program focuses on three broad areas: thwarting DDoS attacks by dispersing cyber assets to complicate targeting; by disguising defenses to confuse or deceive the adversary; and by adaptive mitigation to blunt the effects of attacks that get through initial defenses.
The industry briefings next month are to familiarize participants with DARPA’s interests, identify potential proposers, and address questions.