The project’s goal is to provide a constant and reliable view of Distributed Denial of Service (DDoS) and malicious activities and disseminate the information within networks of Computer Security Incident Response Teams (CSIRTs) by building a large-scale distributed DDoS sensor network (D4 platform) and relying on existing information sharing platforms for dissemination. Specifically, the platform will collect DDoS information from multiple types of Internet-based networks including CSIRTs within and outside the CSIRT network established by the Directive on security of network and information systems (EU 2016/1148), analyse it, and disseminate it real-time to CSIRTs platforms including through the Cyber security Core Service Platform (CSP) co-operation mechanism (“MeliCERTes”) and existing and new MISP threat sharing communities. Measurements and datasets collected within D4 platform will be disseminated at large within D4 members and outside, including open data feeds.
Building a large-scale network sensor can be a tedious task, the aim of the D4 Project is to make the creation and maintenance of such network simple and efficient. To reach the goal, the D4 project will develop open source components required to operate such network sensor and will live test the infrastructure with an DDoS and malicious activities sensor network deployed on a voluntary basis.