SBIR-STTR Award

Border Gateway Protocol Distributed Denial of Service Attack Alert Extension (DDoS-AE)
Award last edited on: 7/22/2015

Sponsored Program
SBIR
Awarding Agency
DHS
Total Award Amount
$99,939
Award Phase
1
Solicitation Topic Code
H-SB015.1-003
Principal Investigator
Harley S Green

Company Information

Blue Ridge Envisioneering Inc

5180 Parkstone Drive Unit 200
Gainesville, VA 20155
   (571) 379-7503
   info@br-envision.com
   www.br-envision.com
Location: Single
Congr. District: 10
County: Prince William

Phase I

Contract Number: ----------
Start Date: ----    Completed: ----
Phase I year
2015
Phase I Amount
$99,939
Our approach will be to design and develop a BGP extension called the DDoS Alert Extension (DDoS-AE) and a web-based central service (CS) that will leverage existing infrastructure and established protocols to enable real-time distribution of DDoS alert messages. A prototype unit running the DDoS-AE will be designed using innovative new hardware such as FPGAs and GPUs to aid in the detection and mitigation of DDoS attacks. The proposed alert messages will contain message classification information that can be used by routers to implement targeted filters to block and/or throttle DDoS traffic. The proposed system will provide routers and network operators with standard interfaces for generating DDoS alerts, allowing multiple sources and ever-evolving techniques to facilitate DDoS traffic classification and identification. Additionally, this work will investigate techniques utilizing information already present in BGP to supplement the DDoS packet classifiers to aid in DDoS alert generation. Unlike other DDoS mitigation techniques, this proposed effort does not require network operators to replace existing network equipment; it also has the unique advantage of leveraging existing BGP peer knowledge and relationships. The CS allows DDoS-AE nodes that may not have BGP peers using the extension to reap the benefits of the alert network, as well as providing a commercialization opportunity to allow human operators. The CS will also provide network operators a robust interface for monitoring, reporting, and responding to attacks, greatly increasing the immediate effectiveness of the extension without requiring widespread adoption.

Phase II

Contract Number: ----------
Start Date: ----    Completed: ----
Phase II year
----
Phase II Amount
----