New Technology Tracks, Kills DoS Attacks At ISP Level

[William Knowles <wk () C4I ORG>]

http://www.techweb.com/wire/story/TWB20000914S0006

09/14/00, 10:34 a.m. ET

A year ago, the University of Washington's computers were infiltrated
to help spread denial of service (DoS) attacks to other computers.
They were bombarded with so much data that their systems overloaded
and shut down.

Similar attacks in February temporarily closed Amazon.com Inc.
(stock: AMZN), Yahoo Inc. (stock: YHOO), and eBay Inc.
(stock: EBAY).

With attacks on the rise, four University of Washington computer
networking experts felt compelled to take action -- and formed a
company, called Asta Networks, aimed at protecting websites from
assaults.

Stefan Savage, a Ph.D. candidate whose research is at the center of
Asta's technology, said he and his computer science advisors decided
they could have a greater impact on the industry by forming a company
rather than by writing papers.

While other security firms address the problem at customers' sites
through firewalls, Asta aims to detect and stop DoS attacks at the
Internet backbone and service provider level. "It's a distributed
solution placed on the network, rather than a solution that resides
solely with the customers," said Asta chief technologist David
Wetherall, a University of Washington computer science and engineering
faculty member.

Savage, Asta's chief scientist, added, "We can do the most good where
there is the most traffic."

Only five months old and armed with $3 million in venture funding,
Asta is being fairly closed-lipped about its technology. Officials say
they have patents pending and don't want to alert competitors to their
secrets. The technology, however, stems from Savage's recently
published research on tracing anonymous attacks back to their source.

Asta has not announced any customers, but said it plans to deploy its
software through partners by November and begin selling it for an
undisclosed price in the first quarter of next year.

The software would alert customers that they are being bombarded with
too much traffic, so the operator can decide how to control the
traffic at the appropriate place in the network, said Wetherall. "Our
goal is customers would never see the site go down."

While Asta's initial products will focus on detecting and eradicating
DoS attacks, the company's long term goal is to improve Internet
reliability and performance. The software will also address "success
failure" problems, which occur when an Internet site is overloaded
with desired traffic. That occurred when Victoria Secret invited
people to its online fashion show and the site slowed to a crawl
because of heavy traffic.

Because Asta has disclosed so little about the specifics of its
technology, few are willing to comment on it directly. But John
Pescatore, research director for Internet security at Gartner Group,
Stamford, Conn., said Gartner has been telling its clients since
February that there is little enterprises can do about DoS attacks.
Instead, they should demand protection from their Internet service and
backbone providers. "It must be built into the Internet structure,
from the backbone and domain name services," he said. "They aren't
doing a good enough job of protecting their customers."

Pescatore said that as more companies rely on the Internet for B-to-B
transactions, and as online businesses become more connected with one
another, the market for infrastructure solutions will grow. "It can't
be just end enterprises demanding it from ISPs or ISPs demanding it
from backbone providers. It has to be across the board," he said.

Dave Dittrich, a University of Washington computer security expert who
is not involved with Asta, said the solution must be global. "The
problem is a very difficult one that is not going to be solved
trivially. It may take fundamental changes in the way the Internet is
designed, which could take many years to implement," he said


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".