Finished Project

RED

Reaction after Detection

Project Coordinator Project Consortium
Christophe Ponchel
EADS DS SA
France
e-mail: christophe.ponchel<at>eads.com
EADS DS SA, FR Telindus, LU
Thales Communication, FR CRP Henri Tudor, LU
Alcatel, FR Soluciones Globales Internet S.A., ES
France Telecom R&D, FR Univ. Politecnica de Madrid, ES
Exaprotect Technology, FR Univ. Politecnica de Valencia, ES
GET ENST Bretagne, FR Innovae, ES

This is a “Celtic” project;

Project Key Information

Start date

End date Budget (total) Effort (total) Project-ID
Q4/2006 Q2/2009 9.1 MEuro 81.5 PY CP3-011
Abstract
Due to the widespread use and increased reliance on telecommunication and information systems, the global Internet has become an attractive vehicle for service delivery. Voice-over-IP (VoIP), multimedia and presence as well as access to information represent an important value to network operators and information providers, relying heavily on IP-based networks and dense interconnectivity. Unfortunately, this has also increased the interest of malicious entities for IP-based attacks, as shown by the large number of published vulnerabilities and publicized successful compromises of large entities.To take into account the evolution of threats from manual to automated, from small scale to large scale, from fun to profit, it is now vital to provide innovative solutions to react quickly and efficiently to an attack. The RED project will define and design solutions in order to enhance the detection/reaction process by providing means to enhance the detection diagnosis, to allow a fast reaction through automated and/or computer aided counter measures, and to support policy-based reaction. The overall objective of RED is thus to improve the overall resilience of IP networks to attacks and help telecommunication and service providers to maintain sufficient quality of service and respect service level agreements.

In particular, the RED architecture ensures both accuracy of the reaction mechanism (it provides an appropriate counter-measure against the threats detected) and efficiency of the propagation of the reaction (to ensure that the threat is handled as rapidly as possible). The architecture will include policy statements guaranteeing compliance with legal constraints and operational objectives such as service level agreements.

The major output of RED project is the development of a security console integrating the different techniques in a unique management console with all the suited interfaces to the different components and with a useable interface. Intelligent functions are based on computer-assisted tools, tasked with the automated deployment of security policies and the launch of automated and efficient countermeasures.

Focus areas
Improved reaction after attack; process with enhanced detection diagnostics and implementing fast reaction through computer aided counter measures
Expected outcome
  • Improved diagnostics
    – Better classification of alerts coming from different sectors.
    – Identification of elaborated incidents allowing appropriate reaction.
  • Attack reaction
    – The mission of the reaction tool is to apply automated or manual (but computer aided) countermeasures to insure the system resilience.
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt