NEC Corporation is does building out its artificial intelligence (AI) portfolio – the company has announced the development of AI based “system operations-visualization and anomaly-analysis technology” which detects unknown cyber-attacks against social infrastructure and enterprise systems.
The new technology is said to learn (through machine learning) the normal state of OS-level operations (program start-up, file access, communications, etc.) for entire ICT systems, including PCs and servers. It then carries out real-time comparisons and analysis of current operations in the system’s normal state and automatically isolates particular points that deviate from the normal state by using system operation tools and Software-Defined Networking (SDN).
The Japanese It major company asserts to encrypt a detailed knowledge of the system behavior to identify possible extent of damage 90% faster than the time required in traditional scrutiny. Accurate anomaly detection and quick specification of damaged areas by the new technology minimize the damage from cyber-attacks and enable recovery without stopping an entire user-system.
“It is remarkably difficult for current cyber-attack countermeasures, which are carried out based on known attack methods, to protect systems against unknown attacks. The new technology, which is based only on subtle changes observed in OS-level behavior as a consequence of attacks, rather than on the attack methods, enables an innovative approach to deal with completely new cyber-attacks,” said Motoo Nishihara General Manager, Cloud System Research Laboratories, NEC Corporation.
Additionally, NEC conducted trials of the technology on its in-house ICT system said to detect all simulated attacks. Improvising next-step, NEC will carry out trials on systems serving critical infrastructure, such as power plants and factories, aiming to commercialize the technology by the end of FY2016.