VNET: Improving network cybersecurity with hybrid approaches

Network communication is under constant monitoring to detect any unexpected behavior (anomalies). This project focuses on anomaly detection, especially on the harmful anomalies caused by cybercriminals.

VNET as a provider of comprehensive telecommunications solutions strives to improve its monitoring, warning and protection capabilities for their clients. VNET is able to actively protect the clients from attacks such as DDoS and others; or they can  at least warn a client that something unusual (an anomaly) is happening with their computer, server, or subnet.

There are two basic approaches to detect such threats: 

  • by a signature based approach 
  • by detecting anomalous behavior in network traffic 

Both approaches have their advantages and disadvantages and may be combined in hybrid approaches. This is part of our expertise at KInIT. 

KInIT created a proposal for better data gathering from the research point of view with practical implications. The dataset will be created with focus on machine learning approaches with different sampling rates and attack visibility together with statistical analysis of a new dataset from the real network traffic. 

We are working on several models that will serve different needs of the whole solution, e.g.: filter known attacks, create network profiles, anomaly detection module. All modules have to cooperate with each other and they have to be prepared for use in production in VNET’s environment.

This project is a successor to our previous successful collaboration with VNET.

VNET_CTO

„Finding patterns and correlations in data are the key, not just for this project; rise of artificial intelligence will be another tectonic shift for the whole mankind.“

Vojtech Németh

VNET, CTO

Project team

Peter Pištek
Senior Researcher
Daniela Chudá
Expert Researcher
Dominik Macko
Expert Researcher
Peter Lacko
Expert Researcher
Kamil Burda
Junior Researcher
Patrik Goldschmidt
PhD Student