IntErA: Intelligente Analyse von Cyberangriffen auf IT-Infrastrukturen (Intelligent Analysis of Cyber Attacks on IT Infrastructures)
The IntErA framework is a further development of the anomaly-based approach from the previous project SecMonet into a hybrid, self-learning and thus extremely flexible intrusion detection system.
In the first step, already known anomalies are detected by pattern matching with the least possible effort. Unknown attacks are taken into account by anomaly detection in a second step and stored in an adaptive pattern database in the form of anomaly signatures.
This hybrid approach combines the advantages of anomaly detection with the advantages of pattern-based approaches and thus enables optimal protection even against previously undisclosed vulnerabilities. The scalability of the framework is supported, among other things, by parallelisation and distribution of the system components in the network to be monitored.
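The two-step flow described above, sketched as an added example (not IntErA's own code). The flow features, the z-score anomaly test and the log2-bucket signature format are assumptions chosen for illustration, and the sample flows are constructed.

```python
import math
from statistics import mean, pstdev

FEATURES = ("bytes", "packets", "dst_ports")  # assumed per-flow features

def signature(flow):
    """Quantize a flow into log2 buckets so similar flows share one signature."""
    return tuple(int(math.log2(flow[f] + 1)) for f in FEATURES)

class HybridDetector:
    def __init__(self, benign_flows, z_threshold=3.0):
        # Baseline mean/stddev per feature, learned from traffic assumed benign.
        self.stats = {}
        for f in FEATURES:
            values = [flow[f] for flow in benign_flows]
            self.stats[f] = (mean(values), pstdev(values) or 1.0)
        self.z_threshold = z_threshold
        self.signatures = set()  # adaptive pattern database

    def is_anomalous(self, flow):
        # Anomalous if any feature deviates more than z_threshold stddevs.
        return any(abs(flow[f] - m) / s > self.z_threshold
                   for f, (m, s) in self.stats.items())

    def classify(self, flow):
        sig = signature(flow)
        # Step 1: cheap set lookup against stored anomaly signatures.
        if sig in self.signatures:
            return "known-anomaly"
        # Step 2: statistical check; a hit is stored as a new signature.
        if self.is_anomalous(flow):
            self.signatures.add(sig)
            return "new-anomaly"
        return "normal"

# Constructed sample data: 20 benign flows, one ordinary flow, two scan-like flows.
BENIGN = [{"bytes": 1200 + 10 * i, "packets": 10 + i % 3, "dst_ports": 1 + i % 2}
          for i in range(20)]
NORMAL = {"bytes": 1300, "packets": 11, "dst_ports": 1}
SCAN = {"bytes": 4000, "packets": 300, "dst_ports": 250}
SCAN_AGAIN = {"bytes": 3900, "packets": 310, "dst_ports": 240}

if __name__ == "__main__":
    detector = HybridDetector(BENIGN)
    for name, flow in (("normal", NORMAL), ("scan", SCAN), ("scan again", SCAN_AGAIN)):
        print(name, "->", detector.classify(flow))
```

The second scan-like flow never reaches the anomaly check because it falls into the signature bucket learned from the first. The bucket width controls how far a stored signature generalizes, so a coarse quantization also raises the chance that benign traffic matches a stored signature.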



