Further, a detailed knowledge of the system behavior makes it possible to identify the extent of damage 90% faster than the time required in conventional manual investigation. Accurate anomaly detection and quick specification of damaged areas by the new technology minimize the damage from cyber-attacks and enable recovery without stopping an entire user-system.
"It is remarkably difficult for current cyber-attack countermeasures, which are carried out based on known attack methods, to protect systems against unknown attacks. The new technology, which is based only on subtle changes observed in OS-level behavior as a consequence of attacks, rather than on the attack methods, enables an innovative approach to deal with completely new cyber-attacks," said Motoo Nishihara General Manager, Cloud System Research Laboratories, NEC Corporation.
NEC conducted trials of the technology on its in-house ICT system and found that it was able to detect all simulated attacks. Going forward, NEC will carry out trials on systems serving critical infrastructure, such as power plants and factories, aiming to commercialize the technology by the end of FY2016.