|Project Title||Artificial intelligence enabling automated DDoS detection and response in carrier IP networks|
|H2020 Topic List||DS-07-2017 Addressing Advanced Cyber Security Threats and Threat Actors|
|Role within the Consortium||* Project Partner|
|Type of activity||* Technology development|
|Project Description||The Internet & network security is exposed to security threats, all the time. Within the core IP infrastructure, the |
links have a limited capacity and can easily be flooded with malicious data causing denial of service, poor user
experience, revenue loss, customer churn, and operations headaches.
- The Internet is globally exposed to advanced malwares and security threat (e.g. Mirai, LuaBot), driven by
insecure IoT devices around the globe
- Malwares use standard encryption with the SSL protocol, malwares alike; meaning less visibility in network
- Static detection capabilities - e.g. in the popular SNORT, are easily bypassed since they are only implemented
afterwards (i.e. too late to draw attention!) when the attack is discovered months later
The RIA research proposal is to find statistical models and AI algorithms with the ability to learn and detect
normal and abnormal states dynamically based on real-time data: the data set is anonymous IP flows
properties: timestamp, application discovery, security certificates involved, anonymous source & destination,
timing properties, etc.
Please contact us if youre interested in this research area and how you wish to contribute to the consortium
We intend to involve in the research consortium, as end-user, a public Internet ISP to allow training & test
algorithms with real data and evaluating the impact on situation awareness & threat response capabilities.