PhD computing research to save online companies millions

Macquarie PhD student Udaya Kiran Tupakula has developed a new technique for dealing with distributed denial of service (DDoS) attacks on the Internet.

Working under the supervision of Professor Vijay Varadharajan of the Networked System Security Research Group at Macquarie, Tupakula created a technique that will reduce recovery time significantly and improve the response time considerably thereby saving online companies several tens of millions of dollars in lost trading each year.

About DDoS attacks

DDoS attacks stop legitimate customers from entering email or bank accounts, viewing webpages or purchasing online. An attacker first raises an army of hundreds or thousands of ‘zombie’ computers, by scanning online PCs for known vulnerabilities in operating systems, or by infecting them through email worms like MyDoom and Bagle. Once the zombie army is amassed, it can be ordered to launch a coordinated attack on a specific website at a preordained time by bombarding the site with packets of rubbish data.

According to a survey undertaken this year, 5000 attacks of one form or another occur on a weekly basis over the Internet, resulting in losses of several hundreds of millions of dollars annually. And there is no way of completely preventing them while security holes exist in common software systems and while the majority of the web’s 100 million users fail to adequately secure their PCs.

How the new technique works

Tupakula and Varadharajan began working on a new automated model in 2002, with funding from the Australian Research Council. After analysing the strengths and weaknesses of the existing techniques, they created innovative technology that utilises the existing Network Intrusion Detection Systems to advise a Controller that the site is under attack.

“The controller then arranges gatekeepers at certain doorways in the network and orders them to mark the different types of packets,” explains Varadharajan. “So when the server is attacked it will know precisely what it’s being attacked by, and can just discard those.”

Unlike other systems that tend to respond to a threat by removing both good and bad packets, the dynamic creation and placement of the filter allows good packets to travel through to the server as usual. This increases the response time of the servers, bringing them back up to their normal level of traffic very much faster than existing systems in most cases.

The Group is currently patenting their model, and will pursue commercialisation in the near future, as well as applying the technique to sensor networks and wireless networks. But more important to Varadharajan right now is the need to get the technology deployed where it will do the most good.

“I am passionate about the fact that this actually works and that people will see immediate benefits,” he says.

For more information, contact: Professor Vijay Varadharajan on (02) 9850 9534 or at vijay.varadharajan@mq.edu.au

December 2004

More Science and Technology stories here