NEC has developed system operations-visualisation and anomaly-analysis technology that uses artificial intelligence (AI) to automatically detect unknown cyberattacks against social infrastructure and enterprise systems.
The development is part of its focus on Solutions for Society, under such NEC is pursuing advanced technologies that enhance cybersecurity.
The new technology learns, through machine learning, the normal state of operating system (OS) processes such as program startup, file access, and communications. It then carries out real-time comparisons and analysis of current operations in the system's normal state and automatically isolates activities that deviate from the normal state by using system operation tools and software-defined networking (SDN).
The system can identify the extent of damage 90% faster than in conventional manual investigation. Accurate anomaly detection and quick specification of damaged areas by the new technology minimise the damage from cyber-attacks and enable recovery without stopping an entire system.
"It is remarkably difficult for current cyberattack countermeasures, which are carried out based on known attack methods, to protect systems against unknown attacks. The new technology, which is based only on subtle changes observed in OS-level behaviour as a consequence of attacks, rather than on the attack methods, enables an innovative approach to deal with completely new cyberattacks," said Motoo Nishihara General Manager, Cloud System Research Laboratories, NEC Corporation.
NEC conducted trials of the technology on its in-house ICT system and found that it was able to detect all simulated attacks. Going forward, NEC will carry out trials on systems serving critical infrastructure, such as power plants and factories, aiming to commercialise the technology by the end of FY2016.
The development is part of its focus on Solutions for Society, under such NEC is pursuing advanced technologies that enhance cybersecurity.
The new technology learns, through machine learning, the normal state of operating system (OS) processes such as program startup, file access, and communications. It then carries out real-time comparisons and analysis of current operations in the system's normal state and automatically isolates activities that deviate from the normal state by using system operation tools and software-defined networking (SDN).
The system can identify the extent of damage 90% faster than in conventional manual investigation. Accurate anomaly detection and quick specification of damaged areas by the new technology minimise the damage from cyber-attacks and enable recovery without stopping an entire system.
"It is remarkably difficult for current cyberattack countermeasures, which are carried out based on known attack methods, to protect systems against unknown attacks. The new technology, which is based only on subtle changes observed in OS-level behaviour as a consequence of attacks, rather than on the attack methods, enables an innovative approach to deal with completely new cyberattacks," said Motoo Nishihara General Manager, Cloud System Research Laboratories, NEC Corporation.
NEC conducted trials of the technology on its in-house ICT system and found that it was able to detect all simulated attacks. Going forward, NEC will carry out trials on systems serving critical infrastructure, such as power plants and factories, aiming to commercialise the technology by the end of FY2016.
posted from Bloggeroid
No comments:
Post a Comment