For Immediate Release
DHS Science & Technology Press Office
Contact: John Verrico, (202) 254-2385
Washington, DC – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) awarded a contract to the University of Delaware to develop technology that will make it more difficult for attackers to launch Distributed Denial of Service (DDoS) attacks. The $1.9 million project titled “Ensuring Energy and Power Safety in Data Centers” was awarded through Broad Agency Announcement HSHQDC-14-R- B00017 will become part of the DHS S&T Cyber Security Division’s larger Distributed Denial of Service Defenses (DDoSD) program.
DDoS attacks are used to render key resources unavailable. A classic DDoS attack might disrupt an organization’s website and temporarily block a consumer’s ability to access the site. A more strategic attack makes a key resource inaccessible during a critical period. Prominent DDoS attacks have been conducted against financial institutions, news organizations, providers of internet security resources, and government agencies. Any organization that relies on network resources is considered a potential target, and the current environment offers many advantages to the attacker.
“Cyber threats are constantly changing,” said DHS Under Secretary for Science and Technology Dr. Reginald Brothers. “S&T is working to develop innovative solutions to help keep pace with these changes and defend against cyber threats like DDoS attacks.”
This University of Delaware project aims to address new types of malicious attacks that target data centers. New system attacks differ from conventional DDoS attacks in terms of their purpose, methodology, and effects. Instead of flooding the victim servers, their traffic behaviors will mimic those of normal users. However, data centers may incur more serious damage from these attacks than conventional DDoS attacks since they aim to create energy, power, and thermal emergencies. Systems will be better secured by using accumulated data analytics; these will allow operators to more accurately track irregularities, along with changes in energy consumption per client, server power consumption, and the relation to increases in server temperature. A better understanding of established baselines will lead to faster identification of unexpected system changes, and thereby speed up operator reaction time.
“Adversaries are always seeking new ways to exploit critical systems,” said Dr. Dan Massey, Cyber Security Division DDoSD Program Manager. “The University of Delaware approach aims to anticipate new vulnerabilities that arise from our increasing reliance on data centers and the cloud. If successful, these results will help reduce, or even eliminate, attacks before the attacks become widely used.”
With the success of launching this R&D project, S&T looks forward to securing the nation’s networks by anticipating and defending against DDoS attacks.
For more information, visit scitech.dhs.gov/cyber-research, or email SandT-Cyber-Liaison@hq.dhs.gov.