Recognising IT Attack Patterns at an Early Stage
Josef Ressel Center Researches Holistic Method to Improve Understanding of and Defence against Cyber Attacks
From 2015 to 2020, the Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks (TARGET) at the St. Pölten UAS conducted research on new techniques for the fast and secure detection of targeted attacks on companies’ IT systems. In this context, the researchers developed entirely new methods to recognise attack patterns automatically and at an early stage, and to suggest targeted countermeasures.
Fast Recognition and Understanding of IT Attacks
Attacks can be classified according to their type and phase as well as the systems under attack. The researchers at TARGET have developed innovative methods to classify and describe potential attacks that help categorise these attacks faster and take appropriate countermeasures early on.
“Our novel technology can detect targeted attacks on computer systems faster, for example during the first phase of breaking into the IT system when no real harm has been done yet. In this way, we can, for instance, counteract industrial espionage or sabotage better”, explains Peter Kieseberg, Head of the Institute of IT Security Research at the St. Pölten UAS.
Outlook: Further Research & Implementation of Results
Even after the end of the project, the researchers continue to work on improving the recognition of IT attacks. “We are currently working on the systematic modelling of attacks and the best defence mechanisms for each context”, reveals Kieseberg. “Furthermore, our company partners are already working on implementing our research results in their software products.”
About the Josef Ressel Center TARGET
The Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks (TARGET) was launched at the St. Pölten University of Applied Sciences in 2015. Based on simulated attacks on servers, researchers developed methods to protect companies against targeted IT attacks in future. In 2017, the centre was expanded to include a new module to investigate so-called OS-level virtualisations – a technology of the IT sector that features a number of server services running simultaneously on one physical server and operating system.
The UAS’ company partners in the centre were CyberTrap, SEC Consult, IKARUS Security Software, and LG Nexera Business Solutions. SBA Research was the scientific partner in an external module of the centre which was financed by the Federal Ministry of Education, Science and Research with a budget of approx. 1.6 million EUR over a term of five years.