{"id":6414,"date":"2018-01-12T00:31:26","date_gmt":"2018-01-11T16:31:26","guid":{"rendered":"https:\/\/www.curtin.edu.au\/news\/new-shield-ddos-cyber-attacks\/"},"modified":"2022-12-07T13:08:16","modified_gmt":"2022-12-07T05:08:16","slug":"new-shield-ddos-cyber-attacks","status":"publish","type":"post","link":"https:\/\/www.curtin.edu.au\/news\/new-shield-ddos-cyber-attacks\/","title":{"rendered":"New shield against DDoS cyber attacks"},"content":{"rendered":"<p>Curtin researchers have developed a security software shield that can prevent distributed denial of service (DDoS) attacks, such as the 2016 Australian census website crash and the 2016 October shutdown of major US websites.<\/p>\n<p>The software, dubbed the Probability Engine for Identifying Malicious Activity (PEIMA), is able to reduce DDoS attacks \u2013 where hackers swamp a computer system with artificially generated traffic to crash a server \u2013 by 90 to 96 per cent, rendering them effectively harmless.<\/p>\n<p>The team behind the idea, comprising <a href=\"https:\/\/staffportal.curtin.edu.au\/staff\/profile\/view\/M.Lazarescu\">Associate Professor Mihai Lazarescu<\/a>, <a href=\"https:\/\/staffportal.curtin.edu.au\/staff\/profile\/view\/Ducson.Pham\">Dr Sonny Pham<\/a>, <a href=\"https:\/\/staffportal.curtin.edu.au\/staff\/profile\/view\/Stefan.Prandl\">PhD candidate Stefan Prandl<\/a> and <a href=\"https:\/\/staffportal.curtin.edu.au\/staff\/profile\/view\/S.Soh\">Dr Sie Teng Soh<\/a> in collaboration with <a href=\"https:\/\/en.wikipedia.org\/wiki\/Subhash_Kak\">Professor Subhash Kak<\/a> from Oklahoma State University, is confident the software could prevent these attacks, which reportedly cost targeted organisations an average of US$2.5 million per incident*<sup>\u00a0<\/sup>and can be crippling for small to medium-sized businesses.<\/p>\n<p><iframe loading=\"lazy\" title=\"Stopping online Denial of Service attackers in their tracks\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/zIceLbbg4_U?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p>\u201cWe have validated the software using data provided by <a href=\"https:\/\/cits.curtin.edu.au\/\">Curtin IT Services<\/a> and we know it works,\u201d Lazarescu says excitedly.<\/p>\n<p>\u201cWhat\u2019s interesting is that the industry had given up on trying to fix this problem and now we have the solution.\u201d<\/p>\n<p>Recent years have seen large scale DDoS attacks, the most well-known of which occurred in 2016 against the <a href=\"http:\/\/www.abc.net.au\/news\/2017-03-08\/census-chiefs-unprepared-for-website-crash-foi-documents-show\/8333970\">Australian census website<\/a>, which left reportedly millions of Australians unable to submit their census forms online on its opening day, and <a href=\"https:\/\/www.businessinsider.com.au\/amazon-spotify-twitter-github-and-etsy-down-in-apparent-dns-attack-2016-10?r=US&amp;IR=T\">Domain Name System provider Dyn<\/a>, which led to many US-based users being unable to access popular websites including Airbnb, Amazon.com, Netflix, Reddit, Spotify and Twitter.<\/p>\n<h3>How does it work?<\/h3>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-44839\" src=\"https:\/\/www.curtin.edu.au\/news\/wp-content\/uploads\/2018\/01\/Graph.jpg\" alt=\"An analysis of DDoS traffic generated in an experiment. \" \/><\/p>\n<p style=\"font-size: 15px;font-style: italic\">An analysis of DDoS traffic generated in an experiment.<\/p>\n<p>The software incorporates powerful statistical techniques called \u2018power law probability distributions\u2019 to filter out the \u2018bad\u2019, artificially generated internet traffic from the \u2018good\u2019 human generated traffic.<\/p>\n<p>In a power law, the digits or categories from a naturally generated process follow universal rules on their probabilities, so when there are changes to how these digits or categories appear it likely indicates that there is an abnormality.<\/p>\n<p>This is useful in a DDoS attack because the fact that the attack is flooding the server with large amounts of artificial users sets it apart from the \u2018naturalness\u2019 of the network.<\/p>\n<p>\u201cPower laws can detect values that are considered to be anonymous,\u201d explains Pham.<\/p>\n<p>\u201cIt doesn\u2019t matter what activity a user is undertaking: we know that a real person behaves differently to a computer program and that they leave a different signature.<\/p>\n<p>\u201cPower laws are very hard to beat. The only way to do it is to sacrifice the bandwidth that has been used to create the DDoS attack or to slow down the artificial traffic to the point where it looks normal, but that means it can\u2019t attack the server.\u201d<\/p>\n<h3>Get in touch<\/h3>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-42321\" src=\"https:\/\/www.curtin.edu.au\/news\/wp-content\/uploads\/2017\/09\/feature.jpg\" alt=\"Winners of the 2017 Curtinnovation Awards grouped together in a dark room with computers.\" \/><\/p>\n<p style=\"font-size: 15px;font-style: italic\">The PEIMA team. Dr Sonny Pham (back left), Dr Sie Teng Soh (back right), Associate Professor Mihai Lazarescu (front left) and Mr Stefan Prandl (front right). Lazarescu and Pham previously collaborated on the winning idea at the Curtin Commercial Innovation Awards: the <a href=\"https:\/\/news.curtin.edu.au\/stories\/smarter-science-safer-campus\/\">iCetana surveillance system<\/a>.<\/p>\n<p>The team\u2019s win at the 2017 <a href=\"https:\/\/news.curtin.edu.au\/stories\/curtin-innovation-awards-2017\/\">Curtinnovation Awards<\/a> as well as presentations they have given at information security event Black Hat USA 2017 and hacker convention DEF CON 25 in Las Vegas has led to significant interest in the PEIMA software from parties across varying industries.<\/p>\n<p>\u201cOur main goal is to commercialise this software as soon as possible because there&#8217;s a clear need for it. Let\u2019s try this out in a real situation,\u201d says Lazarescu.<\/p>\n<p>\u201cFor example, if you work for a financial institution and you\u2019re being blackmailed, let\u2019s deploy this software. If hackers try to launch a DDoS attack, we can stop it for you.<\/p>\n<p>\u201cWe\u2019re going to put a lot of malicious people out of work.\u201d<\/p>\n<p>For more information, contact Curtin\u2019s <a href=\"http:\/\/research.curtin.edu.au\/about\/contact\/\">Office of Research and Development<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<p>*Neustar, 2017<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Curtin researchers have built a security software that can prevent distributed denial of service attacks, such as the 2016 Australian census website crash and the 2016 shutdown of US websites.<\/p>\n","protected":false},"author":4275,"featured_media":6415,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","wds_primary_category":0,"wds_primary_research-areas":0,"footnotes":""},"categories":[3],"tags":[],"research-areas":[],"class_list":["post-6414","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-campus-and-global-community"],"acf":{"post_options":{"":null,"additional_content":{"title":"","content":"","image":false},"related_courses":false,"credits":{"author":"","photographer":"","media":false},"display_author":true,"banner":{"image":false}}},"featured_image":"https:\/\/www.curtin.edu.au\/news\/wp-content\/uploads\/2022\/07\/This-site-cant-be-reached-census-website-WP.jpg","author_meta":{"first_name":"Curtin","last_name":"University","display_name":"Curtin University"},"publishpress_future_action":{"enabled":false,"date":"2026-04-17 05:29:02","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/posts\/6414","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/users\/4275"}],"replies":[{"embeddable":true,"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/comments?post=6414"}],"version-history":[{"count":0,"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/posts\/6414\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/media\/6415"}],"wp:attachment":[{"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/media?parent=6414"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/categories?post=6414"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/tags?post=6414"},{"taxonomy":"research-areas","embeddable":true,"href":"https:\/\/www.curtin.edu.au\/news\/wp-json\/wp\/v2\/research-areas?post=6414"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}