"Security Locator" is a network behavior analysis system developed at LLC "Laboratory of network technologies" to facilitate network operations and security. The "Security Locator" software system performs continuous monitoring and anomaly detection in TCP/IP networks and visualizes the collected operational data and analysis results.

Several areas of application are considered, including research and real-life environment testing of new methods, network audit and security control, and education and reinforcement of practical skills in network technologies. This is possible because the system's distributed architecture, modular structure and configurability provide a number of configurable solutions with an extendable set of analysis techniques and reporting forms.

Currently "Security Locator" is a fully functional prototype system and is under operational testing in several working networks of different scales. The software implementation is based on Java2 J2EE and Apache Tomcat, and uses JSF, JSP and Servlets (Web user interface), JPA and XML-RPC technologies. The network sensors are implemented in C for Windows and Linux.

The main task of the ongoing operational testing of "Security Locator" is to estimate the efficiency of the developed anomaly detection techniques and the overall system performance for various configurations and deployment schemes in real-life heterogeneous network environments. The primary results prove the validity of the approach, particularly in the control of network servers, where detailed analysis of detected deviations from the normal state helped to discover complex network attacks at an early stage. Examples of detected malicious activity included scans, open "backdoors", password cracking, unauthorized access attempts, and so on. Deployment of the system and analysis of network traffic improved the visibility and security of the network infrastructure and provided the information necessary for adequate protective measures.

