
Bigger, better, faster, more are the driving themes behind the advanced network monitoring technology BBN Technologies is building for the military.
The high-tech firm got a $4.4 million contract today from the Defense Advanced Research Projects Agency (DARPA) to develop novel, scalable attack detection algorithms; a flexible and expandable architecture for implementing and deploying the algorithms; and an execution environment for traffic inspection and algorithm execution.
The network monitoring system is being developed under DARPA's Scalable Network Monitoring program, which seeks to bolt down network security in the face of cyber attacks that have grown more subtle and sophisticated. New technologies and applications provide new attack routes and have made traditional signature-based and anomaly detection-based defensive measures inadequate in both speed and sensitivity, BBN added.
To be effective in today's networks, detection algorithms must operate quickly, efficiently, and effectively in large, content-rich environments. DARPA said that because traffic volume is increasing at a faster rate than the number of hosts on the network, the computing power required to provide gateway network monitoring and defense of autonomous systems will continually grow as a fraction of the power of the monitored network. If these trends continue unabated, the network will soon consume the majority of its resources solely to defend itself, DARPA said.
New approaches to network-based monitoring are sought that provide maximum coverage of the network (from the gateway down) with performance independent of the network size, DARPA said.
Some of DARPA's Scalable Network Monitoring program requirements include:
BBN earlier this year got $13 million in additional funding from DARPA to develop a system that quickly converts documents in foreign languages into English so that military personnel can react more rapidly to threats.
Layer 8 is Network World's daily home for the not-just-networking news.
The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.
Scalable Monitoring was demonstrated at AFCEA West 2008
The DARPA Scalable Network Monitoring project would certainly benefit from a technology that Cetacea Networks has developed and can provide using COTS hardware today. Our OrcaFlow traffic anomaly detection system scales to monitoring terabits/sec of real-time traffic using existing, standards-based network infrastructure. We are able to monitor 1000's of 1 Gbps links in parallel and in real-time today. We demonstrated this capability at the AFCEA West 2008 exhibition in San Diego earlier this year.
In addition, our sensors offer the lowest power consumption per gigabit of monitored traffic (approx. 0.002 watts) compared to existing traffic anomaly detection systems.
The BBN project may be able to leverage OrcaFlow technology with work they will pursue under this contract.
http://www.orcaflow.ca
Way to plug your product.
Way to plug your product.
You should read more than just this article to understand what's going on.
Your product has no use here.
Furthermore your anomaly detection is very weak.
Scalable monitoring
Hey Anonymous,
I'd be happy to have a discussion around the goals of the DARPA Scalable Network Monitoring project, perhaps you'd be willing to reveal your identity and affiliation as well. Yes, I've read the DARPA BAA 07-52 document.
DARPA, as expected, has set a very high bar for the goals of the project. They are looking for radical new ways of approaching the problem, since current conventional thinking about packet content analysis technologies just do not scale with network size, link speed, and data volume.
Throwing more hardware at the problem will only defer hitting "The Wall" in this monitoring marathon, and new approaches also must now keep a lid on energy consumption and heat issues since these scalable monitoring systems will have to run flat out on a 24/7 basis.
These challenges mean we need to leverage the parallelism that exists in the network infrastructure to continuously carve the problem up into manageable pieces. However, it's highly desirable to do this without requiring a forklift upgrade of the entire Internet.
We need to create dynamic security technology mash-ups that pull in the strengths of many different ways of applying focused analysis of abnormal network activity. In addition, we need efficient, low cost and scalable methods, both in $ and complexity, which help us focus our analysis on the events which matter. All plugging aside, Cetacea has developed a new way of looking at network monitoring which does satisfy some of the goals today, that DARPA defined in BAA 07-52.
As a last thought, I recently found this observation in one Government agency document which discussed the pursuit of very different approaches to hard problems: "Typically there is tremendous resistance to the introduction of disruptive technologies by established providers."
Further discussion of these issues is more than welcome.
Gary MacIsaac, President/CTO
Cetacea Networks Corp.