Amazon Web Services (AWS) has introduced a new large-scale security system designed to keep its cloud services safe.
The Mithra system uses an internal neural network graph model with 3.5 billion nodes and 48 billion edges to detect and classify the trustworthiness of domains and identify potential threats.
Considering that a single AWS region can receive up to 200 trillion DNS requests in a day, the size of this monstrous security system is no surprise, as it can detect 182,000 new malicious domains per day.
Monster Mitra
Once Mithra identifies a queried domain on AWS, it assigns a trust score to it, eliminating the need to rely on third parties. Not only does this eliminate potential supply chain threats, but it also helps AWS maintain a high-quality list of malicious domains to watch and, therefore, monitor cybercriminal behavior.
The massive neural network graph (which AWS says could be one of the largest in existence) detects malicious domains with a high level of accuracy and can even predict malicious domains days, weeks, and months before they appear in third-party security vendors’ threat feeds.
Mithra can therefore provide a constantly updated list of malicious domain names for security vendors to monitor and block. The list can also be provided to third-party threat feeds to reduce false positives, and Mithra’s detection of millions of security events per day can be used by AWS security analysts for investigations and additional context.
Notifications provided by Mithra to organizations about a potential cyberattack from a malicious domain include recommendations on response, such as checking security logs for activity from specific domains and blocking them, and moving infrastructure behind a firewall.
“We're encouraged by how our efforts to share our threat intelligence have helped customers and other organizations stay safer, and we're committed to finding even more ways to help,” Amazon Chief Information Security Officer CJ Moses said in a blog post announcing the launch.
