Gary Milo, founder and managing director of Webscreen Technology, was working as a computer security consultant when he first heard about the denial of service (DoS) attack on Yahoo in February 2000.
It occurred to him that ecommerce companies needed a filtering mechanism that could sort ‘good’ traffic from ‘bad’ traffic before it reached web servers.
DoS attacks involve a hacker remotely commandeering a number of personal computers and servers across the world and directing them to flood their target with fake requests for data. This overwhelms the target and prevents bona fide users from accessing the site.
Two years after the Yahoo attack and Webscreen is now ready with its first web traffic filtering product, called Charm.
“Every time a user contacts the web site, it keeps track of what they do, builds up a profile of them and gives them a ‘Charm value’,” says Milo. If the Charm value is less than the ‘Charm threshold’, which is determined by the owner of the web site, the system simply filters out traffic from that user. Even if an attack comes straight away from a user, the system can decide whether to ignore the traffic in as little as five seconds, claims Milo.
The beta system is currently being tested by two high-profile US banks and further products are planned for Internet service providers (ISPs) to filter both incoming traffic from customers, as well as between each other.
Webscreen’s technology is capable of handling up to two million users at a time and only slows traffic “as much as a router would” says Milo. The company is also looking at developing vertical applications for mobile phone systems and video streaming technology.
The current funding – just $1.4 million (€1.6m) from Saffron Hill Ventures in the UK and East River Ventures in the US – will keep the company going until the middle of the year, when it will seek a second round of funding.
But although Milo says that major network hardware vendors do not have competing products, he still has to demonstrate that Webscreen’s technology will work in practice. There is also a risk for Webscreen that network hardware vendors such as Cisco and Intel will build in such capabilities to their core products.