Fault Tolerant Network
The Fault Tolerant Networks (FTN) program was developed to produce technologies that provide continuous and correct network operation even when attacks are successful. These technologies would reduce the amount of damage sustained during an attack, allowing networks to maintain an acceptable, minimum level of functionality. The program developed technologies for strengthening networks by introducing fault tolerance capabilities against possible attacks at the network level, emphasizing integrity and availability, and technologies for mitigating potential vulnerabilities associated with denial of service attacks. The most promising technologies were tested in operationally relevant experiments with U.S. warfighters in DARPA's Partners in Experimentation program, which was also budgeted in this project.
Program Accomplishments:
- Developed epidemic protocols for reliably communicating between peers in ad-hoc networks and adaptive multi-path forwarding protocols for tolerating and adapting to faults in wide-area networks. Explored the relationship between these approaches and developed a unified model for multi-path communication.
- Demonstrated attack profiling and filtering algorithms that discard a high percentage of DDoS traffic and a low percentage of non-DDoS traffic.
Program Plans:
- Extend an overlay network prototype to integrate boundary security, enforcing overlay separation and preventing leakage of traffic onto the base network.
- Demonstrate statistical measures that are both efficient and effective at detecting traffic that contributes to a Distributed Denial of Service (DDoS) attack that originates multiple network "hops" back from the attack target.
- Implement and evaluate distributed queuing in prototype router hardware while continuing fundamental studies of distributed queuing algorithms, with a focus on algorithms that support reservation-oriented traffic.
- Develop tools for measuring and communicating the structure of network topologies in both wide-area and mobile environments and for measuring underlying latencies, service times, and characteristics that constrain the best possible network availability solutions.

