
A DDoS attack often comprises hundreds or thousands of computers working in concert to bring a site down by flooding the bandwidth or resources of the site’s servers.
The Diadem Firewall, created by boffins at the University of Tuebingen in Germany, uses both hardware and software at the edge of a provider's network rather than inside it.
Using intrusion prevention and data filtering technologies it detects any unusual behaviour before choosing a preset course of action based on policies.
For instance, when rogue activity is detected the firewall can cut off any computers that suddenly start to consume a massive amount of bandwidth.
The creators of Diadem say that it could be especially useful to ISPs that share resources with other ISPs.
The project began in 2004 with funding from the EU’s Information Society Technologies, and companies supporting the research include IBM, Imperial College London, France Telecom and Polish Telecom.