IPANEMA

The objective of this project is to create dynamic patterns for the detection of advanced and targeted cyber-attacks. To this end, the normal traffic of a network will be modeled by the application of automatic learning to certain characteristics of the traffic, in order to detect abnormal behaviors.   One of the results of the project is to feed CARMEN, which is the only national and European product for the defense against APTs.   Most traditional techniques for detecting cyber-attacks are based on rules or on the detection of static signatures (patterns) of attacks previously observed in the network traffic of an organization. However, modern attacks are usually individual and tailored, which is why they are not usually detected by existing signatures.   During the project, functional prototypes of a series of traffic analyzers will be developed and evaluated in real traffic captured by the existing products and services of S2 Grupo. After the execution of the project, these analyzers will become additional modules for these products, for example as plugins for the CARMEN product (The objective of this project is to create dynamic patterns for the detection of cyber-attacks, for which the normal traffic of a network will be modeled through the application of automatic learning to certain traffic characteristics, in order to detect abnormal behavior.   During the project, functional prototypes of a series of traffic analyzers will be developed and evaluated in real traffic captured by the existing products and services of S2 Grupo. After the execution of the project, these analyzers will become additional modules for these products, for example as analyzers for the product CARMEN.   SMEs R&D Program File number: IMIDTA/2016/48