DARPA wants to take the sting out of DDoS attacks

DARPA wants to take the sting out of DDoS attacks

While posing a minor inconvenience compared to other more malicious cyberattacks, distributed denial of service attacks post enough of a threat that the Defense Advanced Research Projects Agency nonetheless is looking for innovative approaches to mitigate their effects.  The Extreme DDoS Defense (XD3) program is looking to the private sector for “fundamentally new DDoS defenses that afford far greater resilience to these attacks, across a broader range of contexts, than existing approaches or evolutionary extensions,” according to a recent broad agency announcement.

While this BAA does not include detection and mitigation of DDoS-related malware on hosts or networked devices, DARPA listed five technical areas for which contractors can submit responses that focus on lessening the effect of DDoS attacks and improving recovery time.  For example, the solicitation seeks proposals to:

  • Devise and demonstrate new architectures that physically and logically disperse these capabilities while retaining (or even exceeding) the performance of traditional centralized approaches.

  • Develop new cyber agility and defensive maneuver techniques that improve resilience against DDoS attacks by overcoming limitations of preconceived maneuver plans that cannot adapt to circumstances and exploring deceptive approaches to establish a false reality for adversaries.

  • Produce a response time of 10 seconds or less from attacks and at least a 90 percent recovery in application performance compared with hosts that do not have XD3 capabilities.

DARPA believes XD3 concepts can be leveraged by the military, commercial network service providers, cloud computing and storage service providers and enterprises of all sizes. 

Given the threat and array of targets DDoS attacks pose, XD3 BAA responses will consider a wide range of network and service contexts, such as enterprise networks, wide‐area networks, wireless networks, cloud computing and software-defined networks, to name a few.  

The response date is Oct. 13, 2015, and the proposers day will be held on Sept. 2, 2015.

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected