The CDG asks for your consent: We would like to process your pseudonymised data about the use of the website for analysis purposes in order to understand how visitors use our website so that we can make it even better and more intuitive. We use the open-source software Matomo for this purpose. By clicking on "accept all" you can give us your consent for this. You can revoke your consent at any time with effect for the future. You can withdraw your consent at any time by clicking the button "Customise cookie settings" and unchecking the "Analyse" box. The legality of the processing carried out up to that point is not affected by the cancellation.
Without your consent, we will only process your data to the extent technically necessary to display the website to you. Information on the required data processing and the technically required cookies can be found after clicking on the "Settings" button under "Required cookies" and in our privacy policy.
JR Centre for Unified Threat Intelligence on Targeted Attacks
Head of research unit
Commercial Partner
IKARUS Security Software GmbH, SEC Consult Unternehmensberatung GmbH, Cybertrap Software GmbH, LG NEXERA Business Solutions AG
Duration
01.04.2015 - 31.03.2020
Thematic Cluster
Mathematics, Computer Sciences, Electronic Engineering
IT infrastructures and networks of even smaller companies are exposed to a variety of threats. The JR Centre is developing a methodology for the holistic detection of targeted attacks at system and software level.
Until recently, both research and industry have focused almost entirely on the detection and prevention of large-scale, mostly untargeted threats, based on the assumption that a malicious programme threatens thousands or even millions of systems. Once its malware signature has been identified, it is recognised and eliminated by anti-virus scanners on all other infected systems.
In recent years, however, threats have developed that are strongly focussed on one target and have various underlying motives. Often these potentially dangerous attacks are used for espionage or sabotage and are led by experts. Today's protective measures are not effective against targeted attacks and so they often remain completely undetected for several months and sometimes even years.
The mission of the JR Centre TARGET is to research novel techniques for threat analysis of targeted attacks. Module 1 focusses on the system level. While today's malware detection systems analyse individual files independently of each other and the underlying system, the JR Centre is developing methods that look at the system as a whole and enable a significantly better understanding of past and current system states.
The second Module looks at the software level. Intentionally added hidden functionality as well as conventional vulnerabilities are playing an increasingly important role in targeted attacks as a starting point for attacks. Today's programme code analysis techniques often provide poor protection against these attacks. Therefore, new methods for identifying hidden functionality in software are being developed. There are also plans to investigate the suitability of the concept of honeypots (servers that are specially installed upstream of the actual server to recognise attacks) for detecting attacks on previously unknown vulnerabilities (zero-day exploits).
The combination of the two modules results in a methodology for the holistic detection of targeted attacks. The research results will serve as the basis for future innovative product developments in the field of information security.
Christian Doppler Forschungsgesellschaft
Boltzmanngasse 20/1/3 | 1090 Wien | Tel: +43 1 5042205 | Fax: +43 1 5042205-20 | office@cdg.ac.at
© 2020 Christian Doppler Forschungsgesellschaft