Cybersecurity specialists at the Georgia Tech Research Institute have developed a system that uses big data to aggregate threat information and seeks to forewarn organizations of an impending attack.
According to GTRI, BlackForest works by tapping into various online sources to gather data and comparing it with other information and historical data to predict patterns or connect events that may indicate cybercriminal activity.
This could include monitoring comments on websites such as hacker forums and other sites where malware authors congregate, analyzing code that known bad actors post online with requests for comment, or staying alert for proprietary information suddenly appearing on the Internet.
“BlackForest is on the cutting edge of anticipating attacks that may be coming,” Christopher Smoak, research scientist at GTRI’s emerging threats and countermeasures division, said July 23.
“This can drive development of a threat picture that may provide pre-attack information to organizations that may not even know they are being targeted,” he added.
The research institute said the open source system can also help conduct post-mortems covering details such as the source and method of an attack, valuable input that targeted businesses can use to better secure their networks.