VNET: Anomaly detection for improving network cybersecurity
People and companies use computers for extended communication, part of which can be highly sensitive and may also be stored in computers or on servers.
This may be interesting for cyber criminals. They want to get this information itself or just to get access to computers to use them for different kinds of cyber criminal activities, such as attacks. Their methods are becoming increasingly sophisticated in order to remain undetected as long as possible.
VNET as a provider of comprehensive telecommunications solutions strives to improve its monitoring, warning and protection capabilities for its clients. VNET is able to actively protect its clients from attacks such as DDoS and others; or it may at least warn a client that something unusual (an anomaly) is happening with their computer, server, or subnet.
There are two basic approaches to detect such threats: either there is a signature of known attacks from the past or we can detect anomalous behavior in network traffic. The second approach can detect new kinds of anomalies (possible attacks) but it needs to use methods of artificial intelligence. This is part of our expertise.
KInIT provides analysis of existing methods for anomaly detection on network communication. We will analyse and recommend suitable datasets which provide suitable features for testing chosen methods. These methods may be used in real-world situations. In further stages of the cooperation, we will provide recommendations for building VNET’s own dataset for model testing. In the last part of the project KInIT will propose use of methods for anomaly detection in VNET’s environment.
„Finding patterns and correlations in data are the key, not just for this project; rise of artificial intelligence will be another tectonic shift for the whole mankind.“
Lead and Researcher