INTELLIGENT IDENTIFICATION OF INTRUSION

Data mining has mainly been associated with the optimization of marketing campaigns, fraud detection, the prediction of production or demand, and so on. However, its applications go beyond these areas and are useful in practically any field. Applying data mining to “technical data” can help us establish rules, predict possible cyber-security risks, and prevent intrusive attacks.

In particular, within the domain of cyber-security, given historical data from system files (such as log files) in which the attacks that occurred have been identified, it is possible to create a model, using the CRISP-DM methodology described below, that identifies attacks in the production (operational) context. It would thus be possible to alert in time to real threats of every sort, and especially to APTs (Advanced Persistent Threats), which are increasingly frequent. These are the hardest to identify unless business analytics tools are used, such as dVelox, which is part of our service.

The CRISP-DM methodology is an analysis standard based on the following phases:

  1. Business understanding: To understand the client’s cyber-security risks and the goals to achieve.
  2. Data understanding: To identify the existing technical data and its usefulness.
  3. Data preparation: To obtain the minable view, or dataset, that enables us to build our model.
  4. Modeling: To apply the data mining techniques.
  5. Evaluation: To determine whether the models created are useful for preventing cyber-security attacks.
  6. Deployment: If the models show predictive capability for the proposed objective, the corresponding rules are implemented.

dVelox is a platform for predictive analysis in business decision making. It is the first commercial data mining (advanced analytics) platform developed 100% in Spain. A first implementation was completed in 2005. Since that version, dVelox has evolved through its use in predictive projects in which mathematicians, computer scientists and business experts have taken part in order to build their knowledge into the tool.

dVelox has been successfully used in a large number of predictive analysis projects that have generated efficient models for the intelligent identification of intrusions.