|
Tuesday, April 10, 2007
R Jai Krishna
NEW DELHI: The Centre for Development of Advanced Computing (CDAC) has developed a statistical anomaly detection system – Netra, a tool which enables in detecting new attacks for which signatures are yet to be developed.
Disclosing this to CyberMedia News here, officials of CDAC’s Bangalore center said that Netra learns the normalcy of the network traffic and then identifies the intrusions based on the abnormal behavior in the network traffic.
“Netra when operated in the learning phase profiles the network traffic and arrives at the base-line normal behavior of the network. During the detection phase Netra carries-out statistical analysis to detect anomalous traffic behavior whereby identifying the intrusions,” they said.
“The significant feature of Netra is the automatic traffic learning and detection of flooding attacks. Even the novel type of attacks can be detected using traffic variation and Netra identifies the abnormal traffic in the network. It has a configurable profiling and detection periods,” the CDAC officials added.
The tool is embedded with Netra Agent constituting of a packet collector, protocol decoder, statistical analyzer, flood detector and management console. The Netra Manager contains a traffic meter which is built based on protocols and traffic and a report generator, which can churn out data, either daily or weekly, based on the users' requirement.
© CyberMedia News
|
