Two more research concerns join expanding DARPA project to counter DDoS cyber attacks

April 27, 2016
ARLINGTON, Va., 27 April 2016. Two U.S. military research concerns are joining a cyber security project to develop fundamentally new defenses against distributed denial of service (DDoS) cyber attacks on U.S. military data networks.

Officials of the U.S. Defense Advanced Research Projects Agency (DARPA) have awarded contracts to Georgia Tech Research Corp. in Atlanta, and to Raytheon BBN Technologies in Cambridge, Mass., for the Extreme DDoS Defense (XD3) project.

The DARPA XD3 program seeks to develop fundamentally new DDoS defenses that afford far greater resilience to these attacks, across a broader range of contexts, than existing approaches or evolutionary extensions can.

Georgia Tech and Raytheon join Applied Communication Sciences, a Vencore Labs company in Basking Ridge, N.J., and George Mason University in Fairfax, Va., on the DARPA XD3 project.

Georgia Tech won DARPA XD3 contracts Wednesday worth $5.6 million, and Raytheon BBN won DARPA XD3 contracts Friday worth $4.8 million. Applied Communication Sciences won a total of $15.2 million on 12 and 14 April, while George Mason won $4.4 million in XD3 contracts on 12 April.

DDoS attacks are attempts to overwhelm and crash computer network servers with a flood of online queries from many different nodes on the Internet.

Such attacks come from sets of networked hosts that collectively act to disrupt or deny access to information, communications, or computing capabilities, generally by exhausting the target's critical resources such as bandwidth, processor capacity, or memory.

Typical victims of these attacks include information storage and computing facilities; servers that handle content distribution, message forwarding, or command and control (C2); and portions of network infrastructure.

Botnet-induced volumetric attacks, which can generate hundreds of gigabits per second of malicious traffic, are perhaps the best-known form of DDoS. Low-volume DDoS attacks, however, can be even more difficult to counter because they target specific applications, protocols, or state-machine behaviors while relying on seemingly innocuous message transmission to thwart traditional intrusion-detection techniques.

Typical DDoS defenses today rely on combinations of network-based filtering, traffic diversion and scrubbing, or replication of stored data to dilute volumetric attacks and to provide diverse access for legitimate users.

Still, existing DDoS defenses have their problems. First, they are too slow: filtering rules often take hours to formulate and instantiate, while military communication can't stand disruptions longer than a minute or two.

Low-volume DDoS attacks remain exceedingly difficult to identify and block, and mechanisms that rely on in-line data inspection don't handle encryption well and are difficult to scale.

In addition, DDoS defenses must work in real time; techniques that are only useful for protecting the storage and dissemination of quasi-static data are insufficient.

The XD3 program focuses on three broad areas: thwarting DDoS attacks by dispersing cyber assets to complicate targeting; by disguising defenses to confuse or deceive the adversary; and by adaptive mitigation to blunt the effects of attacks that get through initial defenses.

Cyber experts from Georgia Tech, Raytheon BBN, Applied Communication Sciences, and George Mason University are focusing their DARPA XD3 work on manageable dispersion of cyber resources; networked maneuver; adaptive endpoint sensing and response; as well as integrating technologies from these three areas.

For more information contact Georgia Tech Research Corp. online at www.gtrc.gatech.edu; Raytheon BBN at www.raytheon.com/ourcompany/bbn; Applied Communication Sciences online at www.appcomsci.com; George Mason University at https://www2.gmu.edu/; or DARPA at www.darpa.mil.

About the Author

John Keller | Editor

John Keller is editor-in-chief of Military & Aerospace Electronics magazine, which provides extensive coverage and analysis of enabling electronic and optoelectronic technologies in military, space, and commercial aviation applications. A member of the Military & Aerospace Electronics staff since the magazine's founding in 1989, Mr. Keller took over as chief editor in 1995.
