HawkEye screenshot

In the last few years, Denial-of-Service (DoS) attacks have grown increasingly sophisticated and dangerous. Current technology does not provide network security administrators with an adequate toolset to address the growing threat of DoS attacks. Current tools cannot predict DoS attacks, trace back the source of an attack, warn administrators in the presence of heavy network failure, or automatically mitigate the effects of an attack at hand. Without these necessary capabilities, DoS attacks will continue to plague both the commercial sector and U.S. Critical Information Infrastructure.

To address the DoS problem, ISAC has developed a comprehensive DoS protection strategy that combines four main elements. First, DoS attacks must be predicted before they occur or as they are about to take place so that they can be mitigated before damage is critical. Second, DoS attacks must be detected in real time to prevent attack spread and initiate warning even in the presence of complete network failure. Third, automatic detection and mitigation methods must be developed and deployed to address current DoS attacks. Finally, accurate and forensically sound evidence of the DoS attack must be maintained securely to prosecute network attackers and prevent subsequent similar network attacks. The HawkEye Network Appliance provides all of these important elements in a network appliance that is easy to install and maintain.

Innovative Technology Solutions
ISAC has developed a Computational Fluid Dynamics (CFD) modelling and simulation module (CFD-DoS) that utilizes CFD-based algorithms and solvers to provide high-granularity, faster-than-real-time simulation capability. Using CFD-DoS, HawkEye is able to predict denial-of-service attacks before they happen, and before the damage is done. Advanced prediction allows administrators to plan and deploy appropriate DoS countermeasures to mitigate the attack - before it happens! CFD-DoS also provides anti-spoof traceback technology that identifies the true source of an attacking host (or multiple attacking hosts). Current detection products are only capable of reporting source IP addresses, which are easy for attackers to spoof and interject. By identifying the true source, accurate countermeasures can be applied at the source of the DoS attack, not the destination!


HawkEye Architecture

HawkEye also provides critical communication among HawkEye sensors and to a global situational awareness manager using ISAC's proprietary Out-of-Band Cyber Warning Software. By utilizing out-of-band channels, network awareness is maintained even during network failure. ISAC's Out-of-Band Cyber Warning Software allows network countermeasures to be deployed quickly and efficiently. It will enable network and security managers to stop a devastating attack before it spreads. It will also enable managers to bring a network back to operational status after a DoS attack.

ISAC POC: Mr. Andy Smith andy.smith(at)isac-usa(dot)com

Copyright © 2006 ISAC, Inc. All rights reserved. Photos courtesy of U.S. Army and Department of Defense