In order to protect research data and user information of universities and federal institutions, researchers from Mathematics and Statics Institute of the University of São Paulo (IME-USP) coordinate a working group to develop an Early Warning System (EWS).
The tool monitors suspicions malicious activity and detects security incidents. "Provocative messages, theft information and network intrusions to obtain information or passwords are some examples of malicious activities that we aim to avoid with this system", explains Daniel Macêdo, coordinator of the study.
The project manager from the Federal Technological University of Paraná (UTFPR, in Portuguese) and associate researcher Wagner Monteverde stresses that the major difference of this system is that the same architecture can be used in the future for several applications. “Specifically in this work group, we are working with cyber safety, but in the future, the same logical can be used to prevent phenomena from other areas”. Another highlight is that the system and the pattern created will support the inclusion of any open data source, such as social networks, blogs, IRC, news feeds, among other.
On system premise, is a key-word list, regularly used in malicious messages, which the tool provides to gather information resulting from date source. EWS trigger alerts in situations involving risk patterns to unleash reactive mechanism to prevent or reduce the damage caused by the attack.
The group is composed by professors and graduate students of UTFPR, technicians of the Federal University of Bahia (UFBA) and by the Point of Presence of RNP at the State of Bahia (PoP-BA). The project is funded by the Brazilian National Research and Educational Network (RNP). Currently, a system pilot version is being used by institutions as USP, UFBA, the RNP's Service Center of Security Incidents (CAIS), the Federal Policy and the Data Processing Company of the State of Amazonas (Prodam).
Photo: professor Daniel Macêdo at the Workshop RNP 2016, held in the city of Salvador.