This project aims at developing a new generation of attack and network anomaly detection system. Three software results will be developed. a) Behavioural analysis applied on application layer (L7) data with the goal to detect threats and attack on this level. b) System for reputation databases will consolidate the processing of external feeds, clean data, assess data from the viewpoint of relevance to the network entity or organization, and correlate with other detected events. c) Artificial intelligence for knowledge derivation will implement automation and support of user activities in the system. Based on user behaviour the system will adapt to given etwork, services and applications which will reciprocally lead to improvement of detection results.
The project TH04010073 is solved with the financial support of TACR.