Unified Threat Intelligence on Targeted Attacks
The center explored novel techniques for threat intelligence on targeted attacks on different layers. Together they form a unified methodology for the detection and mitigation of this new class of threats.
The center aims to develop threat intelligence methodologies that observe the system as a whole and apply formal modeling in conjunction with the collection, processing, comparison, and analysis of system state information.
Its research topics are:
- Formal methods: Next to extracting various attack indicators, we aim to develop a universal model for describing malicious behavior.
- Behavioral analysis: Our applied work focuses on behavioral analysis of IT system activity and malicious software at the API call level.
- Data mining: Anomaly detection and threat response are enabled by data mining procedures utilizing a multitude of algorithms.
- Honeypot & kernel monitoring: We use honeypot and kernel monitoring technology to tempt attackers and learn about APT behavior.
SBA leads the External Module Container Technology and Advanced Targeted Attacks of JRC TARGET.
TARGET is funded by the Christian Doppler Forschungsgesellschaft (CDG) and a number of industry partners.