International Partner Search

Research & Development Request

H2020: Research partners sought for the project ENTRUST, a new generation network security system.

Country of Origin: Turkey
Reference Number: RDTR20170407001
Publication Date: 10 April 2017

Summary

A Turkish company in the ICT sector, located in Istanbul, works on data processing and data security with various vertical applications.

The project, which has the acronym "Entrust", falls under the program call Addressing Advanced Cyber Security Threats and Threat Actors - DS-07-2017 and targets the issue of "Digital security in the presence of evolved threats, encrypted traffic, and possible insider attacks".
The company is looking for research cooperation partners.

Description

Network security evolved from access lists to firewalls to intrusion detection systems (IDS).  

The proposed technique shall first look into Data Sources such as Applications, Users and Network Equipment. Applications can generate event logs, application activity logs, emails and database activity. Users can generate transactions, act with certain behaviours, have user activity and have social activity. Network equipment can generate data such as those from security devices, other types of network activity, server and host logs, syslogs, configuration data and threat information.
Data emerging from such sources will then be stored & processed.

Here it is possible to envisage a hot-warm-cold data selection, large scale machine learning, distributed infrastructure and big data capabilities.
Next, analysis will be performed using predictive and decision modelling and transaction analysis.

Finally, a proposal shall be made for incident management.
There is no common log format across the industry, and the proposal of a common log format may also be considered an innovative aspect of this work.

Research cooperation partners are sought. The focus of the research collaboration is to analyse the alarms, other events, logs, and data traffic that emerge from layers 2 through 7 of the network (based on the OSI model) and to run big data analysis and machine learning methods on the data obtained. The storage and handling of the data is challenging.

Another challenge is that there is no existing standard for the logs generated across the variety of vendors whose equipment is used in today's data networks, which creates a need for standardisation work.

The official deadline for the call is 24.08.2017 and the duration of the project is 156 weeks. The latest EOI can be made until 24.07.2017.

Advantages and Innovations

Existing security methods address certain aspects of the security problem, resulting in the following disadvantages:

-The threat is assumed to come from outside rather than inside, making the system ineffective against a Trojan horse or an infected user on the inside.
-SSL-encrypted malicious activity raises no direct alarm in an IDS.
-Also, known backdoors exist in leading non-EU manufacturers' equipment.

The proposed solution provides:
-An evolved security system that can address 'evolved risks' currently undetectable by IDS
-Machine learning ideas incorporated
-Kills threats from outside and inside
-Detects an extended list of network activities such as an abnormally high number of MX lookup local email addresses, or DDoS.
-A common log format for use in network equipment
-A European security system with zero backdoors
-Higher security of systems and personal information
-Worldwide network security and information security markets nearing $10b and $100b in size, respectively
-With 2-digit year-on-year growth
-Governments, data centres, corporates, SMEs can be beneficiaries.

Requested partner

Type of Partner:

- A vendor that has security products such as a firewall, intrusion detection system, intrusion prevention system or log analysis (security information and event management, SIEM) system.

Role of Partner:

The developments that are planned to take place within the research part of the project will eventually need to be implemented in a lower-level programming language such as C or Python, where a vendor's expertise and assistance with use cases will also be needed.

Cooperation offer is closed for requests