Japanese boffins plumb darknet for cyber attack alerts

DAEDALUS system monitors unused IP addresses


Japanese boffins at the National Institute of Information and Communications Technology (NICT) have been showing off a new real-time alert system designed to help security teams spot and visualise cyber attacks more effectively.

The DAEDALUS (Direct Alert Environment for Darknet And Livenet Unified Security) system has been in the making for several years, and detects threats via large-scale monitoring of the internet’s unused IP addresses, which NICT calls the ‘darknet’.

Here’s an explanation from a 2009 research paper:

We propose a novel application of large-scale darknet monitoring that significantly contributes to the security of live networks. In contrast to the conventional method, wherein the packets received from the outside are observed, we employ a large-scale distributed darknet that consists of several organisations that mutually observe the malicious packets transmitted from the inside of the organisations. Based on this approach, we have developed an alert system called DAEDALUS.

DAEDALUS is able to alert security teams when an active IP address in the organisation is trying to send packets to an unused IP address on the darknet – a sure sign that a virus is beginning to spread internally.

The real whizz-bangery is in the 3-D user interface which represents this data.

Users are presented with a giant blue globe at the centre of the screen representing the internet, with a series of circles suspended around it in orbit – these are the networks under observation, as pictured below.

NICT's Daedelus security scanner

Each circle displays in blue the proportion of the network containing active IP addresses and in black those that are not used.

Alerts are also displayed and can be clicked through to present more information, for example on which IP address they are spreading from, the time and type of threat.

NICT currently monitors 190,000 IP addresses in Japan but the potential for use internationally is obvious.

The technology will be made available for free to Japanese universities, but local tech firm Clwit is the big winner as it will reportedly be given commercial access to the tool to wrap into a new product dubbed SiteVisor.

Check out the video courtesy of Japanese tech site DigInfo. ®


Keep Reading

Fujitsu re-orgs Fujitsu Japan by making more parts of Fujitsu Fujitsu

Domestic companies to be mashed together in the service of digital transformation, 5G and cloud

Fujitsu, Japan strong-Arm their way to the top with world's fastest-known super: 415-PFLOPS Fugaku

That big Arm news you were all expecting today, right?

You don't have to go home, but you can't stay here. Fujitsu tells 80,000 of its Japan employees: From now on, you work remotely

Announces plans to close 50% of its Japanese office space by close of 2022

UK taxman waves through £168.8m Fujitsu contract because no one else can hold up 30-year-old infrastructure

What's another three years amid project delays and Brexit uncertainty?

Don't be fooled, experts warn, America's anti-child-abuse EARN IT Act could burn encryption to the ground

Wait, a proposed law tackling the sexual abuse of kids and they name it... the EARN IT Act? Seriously?

Hundreds charged in internet's biggest child-abuse swap-shop site bust: IP addy leak led cops to sys-op's home

23 kids saved, alleged scumbag-in-chief already in jail

What the world needs now is socially-distant robots, says Japan

Takes its domestic standard for human/robot interactions to the ISO to get moving machines working with humans in hospitals and beyond

Five Eyes nations plus Japan, India call for Big Tech to bake backdoors into everything

Or as they put it: ‘Embed the safety of the public in system designs … facilitating the investigation and prosecution of offences’

Biting the hand that feeds IT © 1998–2020