The technology is capable of detecting any "extracurricular" activities, either malicious or benign, thus facilitating the detection of targeted attacks at their very early stages.
Timely detection and elimination of advanced malware is a pressing concern for even the most modern computer network systems. Consequently, intrusion detection is a very active area of research that continually evolves to combat malware.
The objective of this technology is to provide defense mechanisms for cyber-physical computer systems that will successfully address the threat of targeted attacks. It operates as security software deployed within a critical-infrastructure industrial computer network that interacts with other industrial networks, business intelligence networks, or consumer systems. The system automatically extracts a library of functionalities fully describing normal operation of the network and the hosts within it. The resultant Customized Normalcy Profile is then used as the major component of an anomaly-based Intrusion Detection System.
The technology is capable of detecting "low and slow" targeted attacks at the earliest stages of their deployment, when they manifest as "extracurricular" activities of the system processes and are observed as anomalous functionalities. The technology is ideally suited for deployment within limited-access government/industrial networks running a fixed number of approved applications. It is suitable for immediate deployment within an Industrial Control Systems/SCADA-type environment for the detection of cyber attacks and/or any unauthorized activity.
Creation of individual defenses for systems that could be targeted by information attack
Capable of detecting any "extracurricular" activities, either malicious or benign
Seamlessly upgraded normalcy profile
Customized normalcy profiles are developed for limited-access computer networks running approved, legitimate applications, including computer networks providing service for power plants, the power grid, various government facilities, etc.
Provides the basis for the creation of individual defenses for systems that could be targeted by a specially designed information attack
Capable of detecting any "extracurricular" activities, either malicious or benign, thus facilitating the detection of targeted attacks at their very early stages
Addresses approved changes in the protected environment by seamlessly upgrading the normalcy profile
Patent strategy is currently under evaluation.