Follow Slashdot stories on Twitter


Forgot your password?
The Military Security

Military Spends $4.4M To Supersize Net Monitoring 76

coondoggie writes "Bigger, better, faster, more are the driving themes behind the advanced network monitoring technology BBN Technologies is building for the military. The high-tech firm got a $4.4 million contract today from the Defense Advanced Research Projects Agency (DARPA) to develop novel, scalable attack detection algorithms; a flexible and expandable architecture for implementing and deploying the algorithms; and an execution environment for traffic inspection and algorithm execution. The network monitoring system is being developed under DARPA's Scalable Network Monitoring program which seeks to bolt down network security in the face of cyber attacks that have grown more subtle and sophisticated."
This discussion has been archived. No new comments can be posted.

Military Spends $4.4M To Supersize Net Monitoring

Comments Filter:
  • That sounds like a lot, but it did come with fries.
    • It doesn't actually sound like all that much to me. Frankly, I'm surprised that they're not spending 10x as much already. Of course, maybe they are...

      • Re: (Score:3, Informative)

        by Rayeth ( 1335201 )
        Considering the requirements laid out in TFA, I am exceedingly dubious that they will come up with anything for this price tag. Also note this same company got $13 Million for a program to quickly translate documents for the military. I'm guessing that one will also go nowhere. Security and Translation are two notoriously difficult things to get right.
        • Well DARPA invented the internet (not to mention a large number of other achievements that are significantly more sophisticated). What are your qualifications, Mr. Smartguy, for forming an opinion on what can be done?

          • Not only that, guess who had the ARPANET contract? BBN. I dealt with them for years, and they are a very capable organization. Chances are they can deliver what they say.
    • by Chaymus ( 697182 )

      So much for ordering off the dollar menu.

    • In Soviet America, net surfs YOU!
    • by b4upoo ( 166390 )

      That's such a tiny budget that it in effect suggests that no real work is being done at all.
              These days building a new high school can eat up more than 16 million dollars. Net security and monitoring migh call for a multi billion dollar project.

    • Actually it sounds like far too little.

      The root of the problem is that the USA has been pissing everyone else off for the better part of a century. Were it not for that key fact, the military probably wouldn't be afraid of everyone everywhere, including their own citizens.

  • $4.4 million for a system to detect what one person getting paid nothing will circumvent within days/hours/minutes of implementation.
    • by RandoX ( 828285 ) on Tuesday August 12, 2008 @12:51PM (#24570661)

      All that money, down the tubes.

    • by Xacid ( 560407 )
      That's just a bit shortsighted don't you think? That's like saying the money poured into all the anti-malware software was a waste despite continually keeping many computers safer than without.
      • Re: (Score:1, Insightful)

        by iXiXi ( 659985 )
        No, not shortsighted, just realistic. The fact remains that enormous amounts of money is spent to thwart these attackers and most of them don't get paid $4.4 million to hack.
        • by RingDev ( 879105 )

          I didn't read the article, but it doesn't sound like they are getting paid to develop was of thwarting, only detecting, based on monitoring network traffic.

          Even if the attacker changes their vector and packages, the goal would appear to be to pick up on the trends of network traffic in assaults to better identify weak points, communications bottle necks, sources, etc...


        • by pha3r0 ( 1210530 )

          No, not shortsighted, just realistic. The fact remains that enormous amounts of money is spent to thwart these attackers and most of them don't get paid $4.4 million to hack.

          I had to comment here (also note i logged in to make this) while I have not much tech experience, I have a lot of life experience. And that experience has taught me that criminals will work for nearly free becasue of there own psychological problems.

          I used to steal cars, not smart of course, no I did not make much money, I just did it because it was fun... Now why do we hack class?

        • by bws111 ( 1216812 )
          Should we also apply this thinking to other fields as well? Don't spend money on medical research, some new unpaid virus will come along and make us sick anyway. Don't spend money trying to cure hunger, some unpaid natural disaster will come along and kill people anyway. Don't spend money on science, any questions answered just lead to more questions anyway.
          • by iXiXi ( 659985 )
            Unfortunately, you read into what I am saying here. I am not being critical of the project. I am merely stating a fact that it is a shame that there is so much money that is being spent to try to handle internet thugs.
      • Re: (Score:3, Insightful)

        Ummm... Honestly it is a waste. 98% of malware is written for one platform. Windows. Which, as everyone who knows anything about technology knows, Windows is one big security hole. The money spent on blocking individual viruses could be better used in stopping flaws that allow viruses access.
        • The money spent on blocking individual viruses could be better used in stopping flaws that allow viruses access.

          By 'stopping flaws' do you mean sending money to Microsoft, or just outright replacing Windows?

          Because only one of those two options is likely to work well.

        • by moxley ( 895517 )

          One reason for this is because windows is the dominant platform, especially for those who are not that technically literate; (and likely those who are own at least one machine running windows).

          Certianly I am not saying that OSX and linux (or any unix variant) don't present more of a challenge, but if their adoption was as widespread and in as many areas as windows there would likely be much, much more malware to contend with.

          All in all there is no perfect system. There will likely always be something to exp

        • by Jackmn ( 895532 )

          The money spent on blocking individual viruses could be better used in stopping flaws that allow viruses access.

          Users are willing to run software from untrusted sources and give it administrative access when prompted. In my limited experience, this is far and away the most common cause of infections. There is nothing that can be done to prevent this (in any operating system). This can be somewhat mitigated by providing a repository for trusted software (as implemented in most Linux distributions), but there

      • You raise a good point. This program is just one of many, some public, mostly private, that act as a sort of immune system for the internet. The various malware evolves and gets to exploit each and every weakness that gets found. Having another potentially 'evolving' element of the immune system sounds like a good idea to me. Defending a single point with a single system does not strike me a sensible way to run things.
      • Although monitoring is important, it seems like it might be more cost effective to release code that spreads and patches vulnerable/infected machines. If the number of those could be cut way down, maybe DDoS attacks wouldn't be such a threat.

        There's already malware that removes other malware to increase the available resources. If malware can do that, why not something friendly doing it?

        While antivirus products do help people, I can see why some would question their value.
        If a home or auto security produ

  • by cohomology ( 111648 ) on Tuesday August 12, 2008 @12:51PM (#24570659)

    to cater the meetings to discuss the project.

    • It's likely they missed a few zeros [].
    • by fyoder ( 857358 ) *

      to cater the meetings to discuss the project.

      There might be enough left over for a few print outs of the ping man page or something else networky.

    • $4.4 million is almost enough to cater the meetings to discuss the project.

      No kidding. Factor in another $4 mil for hookers and blow, and then we can worry about actual money going to curb our civil liberties.
  • $.4.4 million? (Score:1, Offtopic)

    by wezzul ( 813900 )
    $.4.4 million? So is that like $440k? $400,000.40?
    • As posted by CmdrTaco:
      $.4.4 million

      That's not off topic. The post as it reads right now is "$.4.4 million". Sure, we can assume it is 4.4 million because it seems like an nonsensical number otherwise, but this is very unclear and should be corrected.

  • to develop novel, scalable attack detection algorithms

    'novel' just doesn't carry the same meaning anymore. USPTO is a prime example.

    • You are so very right. Several of the higher-ranked scientific journals don't accept articles that contain claims of novelty. I think phys rev lett is an example. Because that's just not the way science works, it is based upon an incremental increase of understanding.

      As for the rest, 4.4 million is about enough to have a team of about 10 low paid scientists work for 3 years (not just the salary, at least half goes to administrative overhead anyway). Good for them, of course, but hardly a major project.

  • If there's one thing the government hasn't learned yet it is paying money to some company about something they don't understand is generally a bad idea.

    It's all fun and games until some kid from Finland renders your new-bought toy obsolete.
  • The article doesn't say, but it seems logical that they would want the US military network to be able to handle both an attack like the one launched earlier this year against Georgia's internet infrastructure (likely by Russia) and the almost-certainly Russian-based one during actual armed conflict this week.

    DoD has a budget of about $439.3 billion and DARPA gets $3.2 billion of that (according to Wikipedia). $4.4 million doesn't sound like that much out of that kind of budget, but I'd be interested in what

    • I am sure it just had to do with buying a bunch more of brand new routers, that weren't
      coming with pre-installed malwares from the chinese. They would have to replace all the router intfrastructure and that is probably what is costing this money. My 2 cents

  • Ok people, is it time yet? We need to encrypt ALL traffic.

    • I don't need to encrypt crap. You just need to stop accepting non-encrypted traffic. Then you will be safe.
      • Re: (Score:3, Interesting)

        by nurb432 ( 527695 )

        There goes 90% of the internet today then.

        Even 'knowledgeable' sites like /. haven't stepped up to the plate yet.

        At least my side of the email traffic is, but pretty sure the other side isn't, since people still don't understand.

        • Re: (Score:1, Funny)

          by Anonymous Coward
          Oh yeah, because slashdot definitely requires the best encryption available today, as we share very precious information like funny comments.
          • by nurb432 ( 527695 )

            The content isn't the point. Doesn't matter what the content is, its not the governments business unless you are under a court blessed surveillance order.

    • Maybe DARPA should sponsor The Pirate Bay's efforts [] to encrypt internet traffic instead. Different goals, but same means. Wouldn't that be ironic?
    • My data is always encrypted. Even this message appearing to inform users that I always encrypt my data, is actually the result of a one time pad code sending a message to my minions to do the bidding proscribed for today.
  • by tucuxi ( 1146347 ) on Tuesday August 12, 2008 @02:13PM (#24571825)

    That is lots of fundamental research we are talking about. I am no expert in network monitoring, but 4.4M to solve the following problems seems like peanuts:

    Probability of detection of malicious traffic greater than 99% per attack launched

    While some types of traffic are obviously not ham (say, spoofed IPs or syn scans), assigning intent to raw data flows requires nothing less than strong AI. Think of spam - anybody can fool a spam filter, no matter what filter, given enough time and motivation. You can also fool the human reading the mail, for that matter...

    A false alarm rate while monitoring traffic of not more than one false alarm per day.

    This makes a whitelist approach a lot harder. My guess is that any decent system will flag many, many things, and prioritize some over others. That way it is up to the network operator to dig deeper or not into each individual incident, using the program's classification as a starting point. I have no idea why email programs don't allow you to rank messages on "perceived spamminess" - it would make digging for false positives and negatives a lot easier...

    Support capabilities at conventional gateway line speeds of 1Gbps in Phase I of the contract, while Phase II will demonstrate the scalability of this capability at gateway line speeds of 100Gbps.

    This part, together with the "very high scalability" requirement, is the icing on the cake. It is impossible to detect complex threats in real-time, so the best bet would be to layer defenses. Very fast reflexes for certain behavior (say, DDOS), longer mulling times for patterns that are more deeply hidden (say, a covert channel somewhere).

    In any case, 4.4M is peanuts to meet these goals at full strength. The most probable outcome is some fundamental research, partial successes, and another grant in a few years (possibly to a different team) to try to get further along the track.

    • by Yvanhoe ( 564877 )

      Probability of detection of malicious traffic greater than 99% per attack launched

      While some types of traffic are obviously not ham (say, spoofed IPs or syn scans), assigning intent to raw data flows requires nothing less than strong AI.

      I would like to add that the remaining 1% happens to be the preferred vector of Chinese attacks. Many Human Rights NGO received apparently totally legit emails about current events with an infected .doc or a .pdf (itself containing perfectly interesting information)

    • There was this funky "stupid filter" thing. Can it be used as a spam filter? Bots may be a lot of things, but they ain't smart. And the ones who get down to create 'non-stupid' templates might as well send spam manualy. Just my $0.02.
  • Ever work on a big project? One that was over due by a significant amount? Yeah, easily $4M.

    That amount is like the military paying someone to think about it and give them a paper on it. I've been on civilian-side government projects that were well beyond $4M. Sounds like someone got a "sure, toss some cash at it and see what happens" approval, but not an official "this is a priority, make it so" approval.

    Now, $40M is where we start to see some serious thinking about the issue. Yeah, it's an arbitrary a

  • Can we name it Skynet?
  • I think the military really understands how big a threat cyber attacks are/will be. Thank Jebus.

God made the integers; all else is the work of Man. -- Kronecker