Numerous DDoS defense technologies are now under development by researchers and product vendors. A critical problem is that these technologies, however promising, cannot be validated unless they can be shown to be effective in an environment representative of the equipment, topology, and bandwidth that exists at large ISPs and peering points. Operational settings having these characteristics typically cannot allow the degree of experimentation needed for technology evaluation.
NAI Labs, the research division of Network Associates, Inc., under contract to the Defense Advanced Research Projects Agency (DARPA), is formulating a set of equipment, connectivity, and data requirements for experimentation and evaluation of new DDoS defense technologies. Meeting these requirements would allow researchers, vendors, service providers, and potential customers to verify that emerging DDoS defense technologies are suitable for large-scale operational deployment. If these requirements can be articulated and supported by industry, U.S. government sponsorship may ultimately be sought to implement them. DARPA, through its contract to NAI Labs, is seeking input from the NANOG community so that a future facility based on these requirements can promote the development of new technology capable of defending against the broadest spectrum of future DDoS attacks.
This presentation will introduce the project and describe the research results to date. It is intended to be an introduction to the project and will be followed by a Monday evening BOF, in which feedback and comments from the NANOG community will be sought.
About the Presenter
Wes Hardaker is a Research Scientist with NAI Labs, the research
division of Network Associates. His current research is focused on
policy management of high-speed IPsec devices and on designing a test
network suitable for evaluating DDoS defense products and research
work. Prior to joining NAI Labs, he worked at U.C. Davis developing
its security infrastructure. Additionally, he is the lead developer
of the popular net-snmp open source network management toolkit.