Amazon Web Services (AWS) has unveiled a new large-scale security system designed to keep its cloud services secure.
The Mithra system uses an internal neural network graph model with 3.5 billion nodes and 48 billion edges to spot and rank the trustworthiness of domains and identify potential threats.
Considering a single AWS region can see up to 200 trillion DNS requests in one day, the size of this monster security system is no surprise, and it can detect 182,000 new malicious domains per day.
Monster Mithra
Once Mithra identifies a domain queried within AWS, it will assign it a trustworthiness score, removing the need to rely on third parties. Not only does this remove potential supply chain threats, it also helps AWS maintain a high-quality list of malicious domains to observe, and therefore observe cybercriminal behavior.
The massive neural network graph (which AWS says could be one of the largest in existence) detects malicious domains with a high level of accuracy, and can even predict malicious domains days, weeks and months before they appear on the threat feeds of third party security providers.
Mithra can therefore provide a constantly updated list of malicious domain names for security providers to monitor and block. The list can also be supplied to third party threat feeds in order to reduce false positives, and Mithra’s detection of millions of security events per day can be used by AWS security analysts for investigations and additional context.
The notifications provided by Mithra to organizations of a potential cyber attack from a malicious domain include recommendations on response, such as checking security logs for activity from specific domains and blocking them, and moving infrastructure behind a firewall.
“We are encouraged by how our efforts to share our threat intelligence have helped customers and other organizations be more secure, and we are committed to finding even more ways to help,” Amazon Chief Information Security Officer CJ Moses said in a blog post announcing the launch.