DDoS defense: Pentagon eyes new security tools to counter cyber-attacks within seconds
The fresh measures would help organizations to quickly deal with the distributed denial-of-service attacks, with the aim being a 10-second recovery rate from any given assault, the Defense Department stated in their latest report.
Researchers are set to develop the program Extreme DDos Defense (XD3) for three years starting from next spring, Pentagon officials said.
In the latest Pentagon report, it is specified that those who will examine high-profile systems during XD3 program – like government web security – for potential loopholes, should have clearance to do that.
The amount of funding hasn’t been revealed as of yet, but a few grants will be distributed among the researchers who would like to take part and will submit their proposals by October 13.
Denial-of-service assaults happen when attackers access the servers, flood them with bogus traffic and cause the servers to fail.
Researchers say it’s partly due to computer systems being consolidated and predictable which makes them an easy target.
The current issue is that cloud systems and other infrastructure software "rely heavily on highly shared, centralized servers and data centers.”
"Responses to DDoS attacks are too slow and manually driven, with diagnosis and formulation of filtering rules often taking hours to formulate and instantiate. In contrast, military communication often demands that disruptions be limited to minutes or less," the Defense Department said in the report.
XD3 will attempt to prevent DDoS assaults by "dispersing cyber assets, disguising the characteristics and behaviors of those assets, and mitigating the attacks that still penetrate” facilities and networks throughout the globe – all that to make planning and conducting the assaults harder.
DDoS attacks have caused great damage to many areas, from government’s services and banking sector to gaming.
In July 2009, the websites of the White House and the Pentagon were targeted in an unprecedented DDoS attack, while Wall Street banks were targeted in 2011.
In 2007, a major DDoS assault was staged against Estonia and forced government and industry web access offline for two weeks.
The first huge DDoS attack took place in 2000, when 15-year-old Canadian aka ‘Mafiaboy’ took down Yahoo, the number one search engine at the time. Afterwards, he attacked CNN, eBay and Amazon.