Unwired security
New wireless technologies such as Wi-Fi–enabled networks, radio frequency identification (RFID) and the advent of 4G networks are demanding more security in connectivity than ever before. The EU-funded project 'Security management in multi-radio networks' (Securinet) worked on a system that interconnects clients and services in a very secure manner. It designed a Multi-Radio enabled Distributed Security Operation Centre (MR-DSOC) to detect intrusions in order to prevent single points of failure and address the needs of cooperative networks today. At its onset, the project documented security attacks and categorised them based on their temporal interdependencies. From this it derived appropriate distributed intrusion detection protocols which parse events as closely as possible to the device that generates them in order to minimise data communication. Detection of intrusions then takes place based on these parsed events by analysing them and identifying a pattern that represents an intrusion attempt. Developed and tested on a wireless-enabled network, this novel intrusion system also boasts an anomaly detector that identifies patterns in events which do not conform to expected behaviour. The technology employs a powerful tool for automatically categorising a system activity called a Kohonen map. The project successfully developed a viable prototype anomaly detection system which minimised the time and memory required for the automatic training phase and anomaly detection. The resulting MR-DSOC is poised to become highly effective in deterring malicious intruders and enhancing security.
