Daedalus catches cyber-attacks realtime

Jun 20, 2012 by Nancy Owano report

(Phys.org) -- Japan's National Institute of Information and Communications Technology (NICT) has developed a national cyber-attack alert system that can render network attacks as visible in realtime. The system, announced earlier this month and showcased at Interop Tokyo 2012, is called Daedalus, standing for Direct Alert Environment for Darknet and Livenet Unified Security. The system views computers for any suspicious activity and if it spots an attack it can visualize its progression as it moves through the network. It sees how data flows through the network and looks for inconsistencies.

Where administrators may have to comb through hundreds of lines of server logs to isolate a problem, the Daedalus system can reveal where attackers are focusing their of packets, as a stream of arrows moving along iridescent lines.

This video is not supported by your browser at this time.

According to a NICT video on DigInfo TV, “the sphere in the center represents the Internet, and the circles moving around it represent networks under observation. The state of an attack is shown using 3-D graphics, and can be viewed from any perspective.”

Today's cyber-attacks represent an assortment of malware via USB memory stick, mail attachments, and zero-day exploits. Daedalus can act as an alert system for the cyber-attacks; it can see if a USB flash drive with a virus infects a machine, for example. Daedalus can identify and isolate the malignant traffic on-screen, sending an email to support staff and displaying a red alert through its user interface.

Further descriptions of an attack showing up realtime are provided in the video demo:”The blue part in this organization shows IP addresses that are used, and the black part shows addresses that are not used. This character indicates an alert. When you click on the alert, a message showing the cause appears. In this case, only two packets have been sent. But because the packets go from an address that's used to an address that's not used, this indicates that a virus is starting to spread within the organization." The system sends out an alert, saying, 'This IP address of yours is spreading a virus using this protocol at this time'."

Daedalus is designed to be used together with conventional systems, to improve security within organizations. "We previously created a system called nicter for observing cyber-attacks. We also built an observation network in , called the Darknet Observation Network, to cover IP addresses not used in nicter,” said a NICT source in the video.

The nicter is a system for early detection and in-depth analysis of cyber-attacks. That word stands for Network Incident Analysis Center for Tactical Emergency Response.

NICT is to provide Daedalus free of charge to educational institutions where nicter sensors can be installed. NICT will also transfer access to the system to Clwit, a company described as a Tokyo-based business providing Internet security countermeasures. According to reports, Clwit will develop it into the product, SiteVisor.

Explore further: MIT groups develop smartphone system THAW that allows for direct interaction between devices

More information:
via Diginfo

Related Stories

Cyber attack on Seoul's Unification Ministry

Aug 09, 2011

The South Korean ministry which handles relations with North Korea has been targeted by hackers in the latest of a series of online attacks on government and corporate websites, an official said Tuesday.

Recommended for you

Who drives Alibaba's Taobao traffic—buyers or sellers?

21 hours ago

As Chinese e-commerce firm Alibaba prepares for what could be the biggest IPO in history, University of Michigan professor Puneet Manchanda dug into its Taobao website data to help solve a lingering chicken-and-egg question.

Computerized emotion detector

Sep 16, 2014

Face recognition software measures various parameters in a mug shot, such as the distance between the person's eyes, the height from lip to top of their nose and various other metrics and then compares it with photos of people ...

Cutting the cloud computing carbon cost

Sep 12, 2014

Cloud computing involves displacing data storage and processing from the user's computer on to remote servers. It can provide users with more storage space and computing power that they can then access from anywhere in the ...

Teaching computers the nuances of human conversation

Sep 12, 2014

Computer scientists have successfully developed programs to recognize spoken language, as in automated phone systems that respond to voice prompts and voice-activated assistants like Apple's Siri.

User comments : 5

Adjust slider to filter visible comments by rank

Display comments: newest first

antialias_physorg
3 / 5 (2) Jun 20, 2012
Damn that looks slick. Seems like they watched a lot of "Ghost in the Shell" before designing the GUI. I like it.
Musashi
not rated yet Jun 20, 2012
My thoughts exactly.
technodiss
not rated yet Jun 20, 2012
that's what i like to see; more sci-fi in my sci-nonfi.
so what happens when you network these systems together?
Alcedine
5 / 5 (1) Jun 21, 2012
I've a sneaky suspicion that this has been marketed as a useful visualization tool via afterthought, and actually started out as some guy setting out to make cyberspace look like what he thinks cyberspace should look like.

(I agree with him on that, by the way.)
jimsworldsandiego
not rated yet Jun 21, 2012
Really impressive. If this could be set up on a web hosting company's network management server (before the router) this would would change the world (at least my world).