The research activity focuses on methods, tools and algorithms to collect and analyze security threats. This is closely followed by research on mitigation methodologies, with emphasis on automation for incident notification and handling in the multi-domain environment.
Focus of research:
- Detecting new threats through honeypot deployment, populating lists of botnet C&C servers
- Detecting malicious traffic using anomaly detection algorithms based on fractal geometry
- Collecting information about anomalous behaviour in a centralized information-database system
- Establishing a standard format for notifying about security-related issues
- Studying automated methods to notify about problems over GÉANT multi-domain services
- Researching automated methods to open security incidents in a multi-domain environment
- Researching existing and new features of network devices and protocols to support anomaly and malware detection and mitigation