
An Intelligent System for Preventing and Detecting Attacks in Open Networks

Objective

SecureNet II is the follow-up of RACE project R2057 SecureNet. The previous project, R2057, demonstrated the feasibility of jointly using expert systems, knowledge engineering and neural network technologies for developing an integrated system for detecting, classifying and neutralising malicious attacks in open network environments, in real time. The main objective of SecureNet II is to develop such an integrated system, within a specific demonstration environment similar to an IBC network. The project aims at developing the prototype of a real-world system which will later be taken to production stage by the consortium's industrial partners and will be commercially exploited.
The feasibility of jointly using expert systems, knowledge engineering and neural network technologies for developing an integrated system for detecting, classifying and neutralising malicious attacks in open network environments, in real time, has been demonstrated. Such an integrated system has been partially developed within a specific demonstration environment similar to an integrated broadband communication (IBC) network. The technical work has followed 3 main parallel activity paths:

- Development of components;
- System integration;
- IBC interfacing.

A system integration task was performed in an online fashion, in parallel with the main development tasks, in the form of building a demonstrator. Characterization of attacks has been achieved. Definition of the architecture has been completed. The specification, design and partial implementation of system modules have been carried out. A demonstration environment has been selected and a platform set up. Experimentation plans are now fully defined.

Technical Approach

The technical work will follow three main parallel activity paths, as follows:

- Development of SecureNet components.
- System integration.
- IBC interfacing.

The project has a duration of two years. A system integration task is performed in an on-line fashion, in parallel with the main development tasks, in the form of building a demonstrator. By the end of the project, this demonstrator will have reached the status of a research prototype, capable of demonstrating SecureNet's functions in a specific environment.

All development tasks follow the cycle specifications-design-implementation-testing, with the implementation phase being conceived as a continuous rather than a one-shot effort. The project will also build a network simulator, re-using components available from work within other international projects. This simulator will be used for all experimentation.

Apart from straight development of SecureNet's components, the project will also explore additional novel techniques which may enhance the system's capabilities, namely intent specification modelling and secure distributed computations. The former will eventually lead to a component complementary to the detection module of SecureNet, which will be able to prevent rather than simply detect attacks, whereas the latter will allow SecureNet to establish some means of communication even when the underlying network has been infected.

Key Issues

- IBC security environment.
- Lack of security awareness.
- Modelling of attacks against IBC networks.
- Development of an integrated system for IBC network security.
- Demonstration of the system's functions in a real-world environment.

Expected Impact

- Demonstration of an integrated system for IBC security.
- Increased awareness of the IT and the IBC communities on the need for security in IBC networks.

Coordinator

EXPERTNET
Address: 25th Matiou 28, 11562 Holargos, Greece

Participants (5)

- Centre National d'Études des Télécommunications (CNET), France
- Teltec, Ireland
- UNIVERSITY OF OULU, Finland
- UNIVERSITY OF VIENNA, Austria. Address: Dr. Karl-Lueger Ring 1
- Universität Bremen, Germany. Address: 28335 Bremen