Research Networking test beds Keeping a watchful eye on cyber crime
Taking to heart the premise that you must know your enemies before you can defeat them, European researchers have created an innovative system to monitor computer viruses and cyber attacks on the internet.
The platform, which uses sensors deployed in different countries to passively track internet traffic on a large scale, is helping researchers understand the threats internet users face.
The information gathered by the system can then be used to develop new tools to protect citizens, companies and governments from viruses and attacks. Overall, it will help to make the internet a safer place.
Developed by researchers in the Lobster project, the system is the first of its kind in Europe and one of only three similar endeavours in the world.
An international network of sensors
Sensors set up at 50 locations in 10 countries monitor and analyse internet traffic to detect all manner of cyber mischief, from viruses and worms being propagated between home computers to attacks by hackers on the networks of companies and public organisations.
The sensors are capable of monitoring traffic from more than two million computers at the same time on networks with a cumulative capacity of up to 25 gigabits per second – about 25,000 times the speed of most home broadband connections.
Complex algorithms are used to weed out malicious internet traffic from normal traffic picked up by the sensors. The system is even capable of detecting so-called polymorphic attacks in which hackers send malicious code masquerading as innocent-looking web traffic.
One attack every 30 seconds
Since the project began in October 2004, the network of sensors has detected close to one million cyber attacks – an average of one attack every 30 seconds. On some occasions, the sensors identified attacks as frequently as once every two seconds.
The researchers found that attacks come from all over the world, with 70% originating from and targeting computers within the same network, suggesting the existence of large numbers of compromised computers on private and public networks.
A testbed for network security
The project’s findings are already helping researchers in developing new methods to fight cyber crime.
The system provides a kind of test bed for internet security organisations and researchers to try out new techniques on a large scale for tasks such as traffic characterisation, attack detection and quality-of-service monitoring.
Stopping the cyber plague
With hackers continually increasing the scale and sophistication of attacks, internet monitoring will undoubtedly become ever more important in order to detect vulnerabilities and weaknesses in network security.
Researchers hope that the Lobster project’s results and related initiatives will help to stop or even reverse the trend toward increasing levels of cyber crime, which by some estimates have led to one in every four computers worldwide being compromised at a cost to citizens, companies and governments of hundreds of billions of euros each year.
Call for proposal
See other projects for this call
Funding SchemeSSA - Specific Support Action
SL6 8XB Maidenhead-berkshire
CB2 1NT Cambridge