The project’s goal is to provide a constant and reliable view of Distributed Denial of Service (DDoS) and malicious activities and disseminate the information within networks of Computer Security Incident Response Teams (CSIRTs) by building a large-scale distributed DDoS sensor network (D4 platform) and relying on existing information sharing platforms for dissemination. Specifically, the platform will collect DDoS information from multiple types of Internet-based networks including CSIRTs within and outside the CSIRT network established by the Directive on security of network and information systems (EU 2016/1148), analyse it, and disseminate it real-time to CSIRTs platforms including through the Cyber security Core Service Platform (CSP) co-operation mechanism (“MeliCERTes”) and existing and new MISP threat sharing communities. Measurements and datasets collected within D4 platform will be disseminated at large within D4 members and outside, including open data feeds.

Practical overview

Building a large-scale network sensor can be a tedious task, the aim of the D4 Project is to make the creation and maintenance of such network simple and efficient. To reach the goal, the D4 project develops open source components required to operate such network sensor and monitor malicious activities through a sensor network deployed on a voluntary basis.

D4 project’s legal aspects in the context of GDPR are analyzed in the following report.



Postal address

  D4 Project
  CIRCL - Computer Incident Response Center Luxembourg
  c/o "Luxembourg House of Cybersecurity" g.i.e.
  122, rue Adolphe Fischer
  L-1521 Luxembourg
  Grand-Duchy of Luxembourg


(+352) 247 88444