Startups aim to prevent DoS attacks

With more than $100m in venture funding, four startups aim to combat denial of service (DoS) network attacks, which by some estimates total more than 4000 a week.

Arbor Networks, Asta Networks, Lancope Technologies and Mazu Networks are attempting to automate the response to DoS attacks which still require the co-operation of the major internet service providers (ISPs) as most DoS attacks cannot be traced.

John Pescatore, an analyst at Gartner, said: "We're seeing venture capital going towards DoS protection because the uptime of internet connections has become more important to businesses." He added that high visibility DoS attacks over the past 18 months have focused minds on tackling the problem.

"The economic slowdown is causing businesses to worry less about rolling out new ebusiness systems and more about the availability, reliability and performance of their existing systems. DoS attacks are just another form of outage," he said.

Pescatore refers to the four companies as "duelling university startups" which use algorithmic work to develop products. Asta and Lancope have added experienced management to the mix, he added.

Arbor's security technology allows ISPs to monitor their networks for DoS attacks without interrupting the network's flow. Cisco Systems, an Arbor backer, has a vested interest in ensuring its routers do not bring down internet traffic.

Asta's product is Vantage System, a distributed network of hardware sensors capable of detecting and responding to all known flood-based distributed DoS (DDoS) attacks and previously unknown ones.

Mazu, which plans to release its DoS solution next week, is also targeting DDoS attacks. The company has said that its intelligent software looks for network congestion patterns typical of a DDoS attack and provides a series of escalating response options that filter malicious packets while enabling legitimate traffic to flow.

Lancope is marketing its StealthWatch product, a flow-based network intrusion detection system, which provides advanced attack recognition. The system complements traditional intrusion detection systems by detecting undocumented, encrypted and Trojan horse attacks, the company said.

According to Lancope, its system will monitor for back door Trojans but does not claim to prevent DDoS attacks.