Attacks on information systems have grown exponentially in volume and in sophistication. While there are many security systems and ‘honeypots’ designed to harvest or trap the malware and study its behaviour, still it is very difficult to detect and identify the advanced malwares that are stealthy in nature and causing more serious damage. The traditional ‘honeypot’ systems that are traps set to detect attempts at unauthorised use of information systems, do not identify or do not have the capability to attract and detect advanced threats.
The primary goal of Advance Threat Analysis Platform (ATAP) is to be able to capture the malware that is not captured by the traditional threat collection systems, and to learn how to better protect against those threats. The Advanced Threat Collection Platform (ATCP) uses information systems which truly mimic production like information systems and networks to harvest advanced malwares.
Advanced simulation of real time systems and user behaviour will help in studying the behaviour of cybercrime activities ranging from automated scanning and malwares to sophisticated hacking. The attack footprint will be collected and analysed using various tools, including Stealthy Monitoring and Forensic Tools, Network Monitors, Flow Analysers and SIEM Tools. Gathered intelligence can effectively be used for gaining in-depth understanding of the malware and malicious activities.
