Columbia Technology Ventures

Multipath network for preventing sophisticated Denial-of-Service cyber attacks

Servers that use the internet for communications and connectivity are fundamentally vulnerable to cyber attacks. Denial-of-service (DoS) attacks prevent access to resources by overwhelming a network with traffic, and are one way that webpages and other connected resources can be targeted. Indirection-based overlay networks (IONs) prevent some DoS attacks by routing transmitted information through multiple nodes, but these can be circumvented by cyber attackers with detailed or real-time understanding of the network. This technology consists of software and devices for preventing both targeted and sweeping DoS cyber attacks using a multipath network. It can be used to efficiently protect internet-connected networks and their stored information from sophisticated DoS cyber attacks.

Randomized network architecture can prevent both targeted and sweeping DoS cyber attacks

This technology is a next-generation method that uses a modified ION pathway to protect against DoS attacks. The network architecture utilized by this technology takes into account cyber attackers that may have knowledge of the layout of the ION. It can be used to prevent targeted DoS attacks on a particular node by spreading information packets across multiple nodes in a randomized fashion, so that they cannot be traced by the attacker. It can also be used to prevent sweeping DoS attacks by passing information between nodes as stateless tokens generated using a pseudorandom number.

This technology has been shown to prevent a DoS attack from up to 1.3 million zombie hosts while maintaining end-to-end connectivity, even when up to 40% of the overlay nodes were inoperable.

Lead Inventor:

Angelos Keromytis, Ph.D.

Applications:

  • Prevention of targeted and sweeping Denial-of-Service attacks on internet-connected networks
  • Protection of information transmitted by internet-connected networks

Advantages:

  • Can withstand attacks from 1.3M zombie hosts
  • Functions even when up to 40% of the overlay nodes are rendered inoperable
  • Networks experience less than 15% performance degradation under large-scale attacks
  • Latency is decreased in many cases
  • Provides a mechanism to protect against a new class of threats introduced by the use of overlays
  • Efficiently inhibits attacks within a multipath network
  • Prevents an attacker from spying on information transmitted from a client to a server

Patent Information:

Patent Issued

Tech Ventures Reference: IR M06-015
