NetSTAR today announced malware detection capability enhancements based on research conducted by Yokohama National University in Japan. These new capabilities, based on data generated by the university, improve NetSTAR’s malware categorization for its award-winning inCompass® internet categorization and threat intelligence solution.
Associate Professor Katsunari Yoshioka, faculty of Environment and Information Sciences, Division of Social Environment and Information/ the Institute of Advanced Sciences at Yokohama National University, has developed a complex honeypot system using both real devices and emulated network services to observe malware attacks. The research results have been achieved by "Web-based Attack Response with Practical and Deployable Research InitiatiVE (WarpDrive)", the Commissioned Research of National Institute of Information and Communications Technology (NICT). Conventional honeypot systems cannot detect all threats because of the complexity of attack patterns, and because the emergence of short-lived malware has increased the number of threats. By observing these combinations, it is possible to detect unauthorized requests that were previously difficult to observe with a conventional system, and to provide more extensive and immediate threat countermeasure data.
The honeypot production environment uses multiple internet-enabled devices and a large number of IP addresses to detect device-based attacks. And the virtual environment allows for observations of attacks on ports other than well-known ports, by generating traffic against a large number of such ports and capturing the responses to the traffic communication. These honeypot systems allow researchers to observe short-lived attacks via Telnet and HTTP, malware downloads, and commands executed over dangerous remote connections. Botnet-related attacks are increasing; the honeypot systems allow researchers to identify IP addresses associated with botnet attacks.
Daniel Ashby, Sr. Vice President of NetSTAR, explains “Through the work of Associate Professor Yoshioka of Yokohama National University, NetSTAR is leveraging threat countermeasure data based on the honeypot systems that he has developed. We have multiple servers processing the honeypot system data, categorizing associated IPs as malicious, and updating our global inCompass® database so that our technology and telco partners have up-to-date visibility into these security vulnerabilities.” Mr. Ashby continued by explaining “our OEM partners use this intelligence to power their web filtering solutions, enhance their threat information capabilities, and create new network policies around internet-enabled devices. These enhanced malware detection capabilities will benefit all of our partners.”
NetSTAR is the global leader in internet categorization and security solutions for the OEM market. We categorize billions of URLs, domains, and IP addresses, and give our technology and telco partners visibility into the dynamic internet landscape. With our telemetry data from over one billion endpoints, our proprietary categorization technologies, and our partnerships with internet, security and adtech industry leaders, we provide unparalleled URL categorization and threat intelligence.
Yokohama National University is a Japanese national university founded in 1949. YNU provides students with a practical education utilizing the wide expertise of its faculty and facilitates engagement with the global community. YNU’s strength in the academic research of practical application sciences leads to high-impact publications and contributes to international scientific research and the global society. For more information, please see: https://www.ynu.ac.jp/english/.