Cyberattacks have become an important weapon of corporate wars and competition. Network attacks are used as a tool of choice in dirty competition and state-scale cyberwars. A steady growth in the number of DDoS attacks and the increase in their capacity and complexity have been observed over the last years.
The role of cyber warfare in political struggle, both internal and at the inter-state level, has been growing steadily. To protect, we Inoventica provide invGUARD, the solution offered by Inoventica Technologies.
System for monitoring, analyzing and protecting network infrastructure against denial of service (DoS) attacks
invGuard AI – Anomaly detection by patterns
A new mathematical algorithm for network attack detection has been developed in 2018. It is based on the detection of deviations in super-large volumes of traffic.
More than a dozen scientific articles have been published on this topic. 3 patents for inventions received.
When convert a sequence of attacking actions into phase space, a mathematical apparatus is used to construct a phase trajectory of attack, which is clearly different from the behavior of a regular user.
This allows to create attack templates (“Patterns”), and detect attacks using a differential mechanism.
- whole visibility of the network up to 5 Tbit/s with hundreds routers;
- high-speed attacks mitigation up to 20 Gbit/s per one invGUARD CS applicance;
- quality control of traffic flow to services, customers, uplinks and peers;
- managed services for subscribers;
- low cost of ownership.
- Collects and aggregates NetFlow data, SNMP and BGP routes from the network, applicances.
- Analyzes traffic by various views with TCP/IP stack and BGP routes information.
- Detects anomalies as an behavior of managed objects and signature-less malicious impacts to the network.
- Detects attacks such as DDoS-attacks: ICMP flood, TCP SYN flood, TCP Connection flood, UDP flood and 100+ other types of attacks.
- Generates 250+ different real-time and historical reports.
- Mitigates attacks carefully with BGP updates: Blackhole and FlowSpec.
- Cleans traffic from worms, zombies, botnets and other types of malicious impacts.
- Activates countermeasures to prevent malicious impacts: connections, amount of data, TCP Authorization, etc.
- Integrates in security monitoring centers via SNMP.
- Network routers supported: Juniper, Cisco, Huawei, etc.