Using teamwork to fight DDoS attacks

When a distributed denial of service (DDoS) attack hits an organization, it quickly overwhelms network resources, disrupting services and making resources unavailable for users. These attacks can temporarily cripple any enterprise, but they are especially difficult for smaller organizations to manage. 

To improve defenses against such threats, the Department of Homeland Security recently awarded a $1.7 million contract to Galois to create a technology that will defend against large and sophisticated DDoS attacks.

Galois’ project, DDoS Defense for a Community of Peers (3DCoP), uses peer-to-peer collaboration that allows organizations to work together to detect and mitigate the attacks.

The company has developed a traffic flow monitoring capability that observes traffic flows in and out of the network and finds patterns of interest. The DDoS traffic details are shared through peer-to-peer software, giving the teamed organizations the benefit of mutual detection and a unified defense to block attacks originating from thousands of locations, the company said.

“Current DDoS defense systems are proving ineffective because they operate in isolation, which introduces delays in the detection, reporting, and response to a DDoS attack,” said Adam Wick, Galois' research lead for mobile security and systems software. “This delay is critical. It provides positive feedback to the attacker, who will continue to send more and more traffic at the target network.”

Galois believes it can help organizations detect and block DDoS attacks before networks are completely saturated. By cutting mitigation response time by 50 percent, 3DCoP can reduce peak traffic by 75 to 90 percent. Galois also aims to reduce the time between the start of an attack and its detection by 25 percent.

“Our solution advances the state of DDoS defense by providing new tools that allow multiple defenders to coordinate their response, resulting in earlier detection and faster DDoS mitigation,” Wick said.

About the Author

Derek Major is a former reporter for GCN.
