The number of new attacks is growing every day. Because of the enormous number of new attacks, the time required to generate signatures for them ranges from days to months. Traditional approaches, such as customer-side protection with static and dynamic analysis and anomaly detection, are not sufficient for handling today’s new threats. Intelici AI-based technology computes a digital representation of a particular software object, hereafter referred to as a footprint, based on the traces of that object in the Internet traffic as observed by an ISP (or a collection of ISPs). Extracted carrier-level footprints allow us to follow malware propagation patterns in the network. Early identification of new malware by its footprint shortens the detection time, which is a huge advantage compared to IDS products today. Unlike all state-of-the-art solutions, the Intelici footprint representation is not inferred from the content of the traffic flows but rather from the source-destination network induced from the mere existence of the flows.
Intelici technology is used in three different hot-topic segments:
- Malware detection system in the large-scale network.
- Disinformation detection in Social networks.
- Viral campaign detection in SMS and WhatsApp for mobile operators.
- Ability to detect and filter out only malicious traffic flowing into or from your network.
- Flexible detection engine with support for DoS/DDoS attack types: amplification (NTP, SNMP, SSDP, DNS, GRE, chargen and others), floods (UDP, TCP, ICMP), attacks on the TCP protocol (SYN, SYN-ACK, FIN floods), attacks on the IP protocol (fragmented packets) and others, including support for multi-vector attacks.
- Very fast detection time: 1 second for sFlow 5 and port mirror mode and 5-45 seconds for NetFlow/IPFIX (depends on device model).
- Scalable up to Terabits (multiple existing deployments with 1+ Tbps of traffic).