AWS Unveils Monster Security System to Protect Itself from Threats
Amazon Web Services (AWS) has unveiled a new large-scale security system designed to keep its cloud services safe.
The Mithra system uses an internal neural network graph model with 3.5 billion nodes and 48 billion edges to determine and rank the trustworthiness of domains and identify potential threats.
Considering that a single AWS region can process up to 200 trillion DNS requests per day, the size of this massive security system is no surprise. It can detect 182,000 new malicious domains per day.
MonsterMithra
Once Mithra identifies a domain being queried within AWS, it assigns a trust score, eliminating the need to rely on third parties. Not only does this remove potential threats to the supply chain, it also helps AWS maintain a high-quality list of malicious domains to observe, and thus observe cybercriminal behavior.
The massive neural network graph (which AWS claims could be one of the largest in the world) detects malicious domains with a high degree of accuracy, and can even predict malicious domains days, weeks, and months before they appear in third-party security providers’ threat feeds.
Mithra can therefore provide a constantly updated list of malicious domain names for security providers to monitor and block. The list can also be supplied to third-party threat feeds to reduce false positives, and Mithra’s detection of millions of security events per day can be used by AWS security analysts for investigations and additional context.
The notifications that Mithra sends to organizations about a possible cyber attack from a malicious domain contain recommendations on how to respond. For example, you can check security logs for activity from specific domains and block them. You can also place the infrastructure behind a firewall.
“We’re pleased with how our efforts to share our threat intelligence have helped customers and other organizations stay safer, and we’re committed to finding even more ways to help,” said CJ Moses, Amazon’s chief information security officer, in a blog post announcing the launch.