Reaction after Detection
|Project Coordinator||Project Consortium|
EADS DS SA
|EADS DS SA, FR||Telindus, LU|
|Thales Communication, FR||CRP Henri Tudor, LU|
|Alcatel, FR||Soluciones Globales Internet S.A., ES|
|France Telecom R&D, FR||Univ. Politecnica de Madrid, ES|
|Exaprotect Technology, FR||Univ. Politecnica de Valencia, ES|
|GET ENST Bretagne, FR||Innovae, ES|
This is a “Celtic” project;
|Project Key Information|
|End date||Budget (total)||Effort (total)||Project-ID|
|Q4/2006||Q2/2009||9.1 MEuro||81.5 PY||CP3-011|
|Due to the widespread use and increased reliance on telecommunication and information systems, the global Internet has become an attractive vehicle for service delivery. Voice-over-IP (VoIP), multimedia and presence as well as access to information represent an important value to network operators and information providers, relying heavily on IP-based networks and dense interconnectivity. Unfortunately, this has also increased the interest of malicious entities for IP-based attacks, as shown by the large number of published vulnerabilities and publicized successful compromises of large entities.To take into account the evolution of threats from manual to automated, from small scale to large scale, from fun to profit, it is now vital to provide innovative solutions to react quickly and efficiently to an attack. The RED project will define and design solutions in order to enhance the detection/reaction process by providing means to enhance the detection diagnosis, to allow a fast reaction through automated and/or computer aided counter measures, and to support policy-based reaction. The overall objective of RED is thus to improve the overall resilience of IP networks to attacks and help telecommunication and service providers to maintain sufficient quality of service and respect service level agreements.
In particular, the RED architecture ensures both accuracy of the reaction mechanism (it provides an appropriate counter-measure against the threats detected) and efficiency of the propagation of the reaction (to ensure that the threat is handled as rapidly as possible). The architecture will include policy statements guaranteeing compliance with legal constraints and operational objectives such as service level agreements.
The major output of RED project is the development of a security console integrating the different techniques in a unique management console with all the suited interfaces to the different components and with a useable interface. Intelligent functions are based on computer-assisted tools, tasked with the automated deployment of security policies and the launch of automated and efficient countermeasures.
|Improved reaction after attack; process with enhanced detection diagnostics and implementing fast reaction through computer aided counter measures|