-
Notifications
You must be signed in to change notification settings - Fork 22
MoU Phase 1
Number: 2014-09-023
The parties:
- Stichting NLnet, domiciled in Science Park 400, 1098 XH Amsterdam, The Netherlands, referred to as "NLnet" in this document, represented by Marc Gauw,
and
- Radically Open Security, domiciled in Zieseniskade 21, 1017 RT Amsterdam, referred to as "ROS" in this document,
given that:
-
NLnet has the statutory mission to promote access to information technology for a global population
-
Distributed Denial of Service (or DDoS) attacks are increasingly common on the internet, which poses a significant risk of disturbance to endpoints on the entire internet
-
ROS together with NBIP, the operators of NaWas, have designed an architectural blueprint for an application to detect DDoS attacks
-
ROS has expressed the ambition to build an Open Source Anti-DDoS Solution that will both enable organisations to defend themselves against DDoS (in an affordable fashion), as well as give academic researchers access to a high-speed (10G) SW defined network tap they can perform research on, thus hopefully advancing the state of the art in DDoS detection and mitigation.
-
Being an open source solution, after its initial creation OSAS can be customised at will by anyone and deployed at any scale anywhere at marginal cost. - NLnet and Radically Open Security agree the development of an Open Source Anti-DDoS Solution would be an important contribution to the privacy, security and resilience of the internet.
agree to the following:
-
ROS has written the proposal "Open Source Anti-DDoS Solution" which is attached to this document as Appendix 1.
-
ROS is understood to be responsible for all aspects of the project including coordinating the project and allocating funds - in line with the terms of this MoU. Appendix 1 forms an integral part of this Memorandum of Understanding. If and where statements in these Appendix or other appendices are in contradiction with one or more statements in the main memorandum text, the statement or statements in the main memorandum text will prevail.
-
ROS commits to publicly reporting its progress on at least a monthly basis (more often is encouraged) and to maintain a public status page for the project. When technical, legal or personal circumstances require so, ROS may alternatively send non-public updates about the status of the project to NLnet.
-
Overall project management shall be directed by Melanie Rieback, acting as project manager.
-
NLnet commits to make a reservation for the amount of 15.000 EUR to ROS in order to support the "Open Source Anti-DDoS Solution" project. Donations will be final when the specified milestones or partial deliveries have been completed. The payment will be made by wire transfer into the bank account of ROS to be designated by Melanie Rieback.
-
The source code of the various parts of the Project will be made publicly available under the GPLv2.
-
NLnet and ROS may issue one or more individual or joint public statements announcing the project and NLnet's financial support. ROS is also encouraged to visibly and vocally acknowledge NLnet's contribution where possible - e.g. through its website, promotional materials, in presentations and in source code.
-
Funding to any particular group or person will be on the understanding that they coordinate their activities in agreement with ROS, in the spirit of cooperation, and in an effort to achieve the successful release of the results of the "Open Source Anti-DDoS Solution" Project.
-
This Memorandum of Understanding cannot be seen as any kind of employment agreement. All donation payments are made as a grant payments to ROS. ROS is responsible for paying any and all taxes with regard to this grant.
A Distributed Denial-of-Service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of one or more target systems, oftentimes web servers. There are an increasingly frequent threat to the service providers and enterprises. The largest DDoS attacks are beyond the capabilities of most to defend against, due to the extremely high capital costs of attack mitigation services and/or infrastructure, as well as the relative lack of expertise in the problem domain.
The goal of this project is to build an Open Source Anti-DDoS Solution which will detect and mitigate such attacks. Radically Open Security BV and NBIP/NaWas wish to cooperate on this project as both have the necessary background and capabilities to build such a solution.
These costs are estimated using a rate of 60 euro/hour, including the project management overhead.
We will start by getting the basic infrastructure in place and develop a working real-time netflow collector, with debug output. At this point most of our effort with be directed towards design, since it's important to get the architecture right so it can support all the planned modules and their interactions.
- document the overall architecture, €1500
- develop the core platform, €1500
- project setup and packaging, €1000
- a working netflow collector, €3000
7 000 EUR
For phase two we will add the web-UI, for basic reporting of the raw data, browsing historical data and controlling the collection.
- a historic repository for netflow data, €1000
- GUI control engine, €1500
- basic reporting via the web-ui €1500
4 000 EUR
The final phase in this proposal is about where we use the tools from phase 2 to discover signatures of various varieties of DDOS attacks. Results from the flow-detection engine and these signatures will power the smart evaluation engine, which can combine events from multiple sources to detect attacks and generate alarms.
- a basic flow detection engine, €1000
- a basic evaluation engine, €1500
- email alarms module, €500
- discover DDOS signatures, €1000
4 000 EUR