Fourth Paradigm Institute, a data sciences and translational research laboratory under the Council of Scientific and Industrial Research (CSIR), is anchoring a Government of India (GoI)-backed cyberspace surveillance project to generate threat intelligence.
The Bengaluru-based CSIR-4PI has successfully presented a proof of concept on the network telescope project to the Ministry of Electronics and Information Technology (MeitY), and earlier this week received the go-ahead for the Rs 3-crore project.
Network telescope systems facilitate the monitoring and recording of malicious internet traffic and are critical to strategic surveillance.
V Anil Kumar, Chief Scientist at CSIR-4PI, said the project was designed exclusively for security inference and would help agencies that work in strategic domains gather intelligence on evolving threats of cyber attacks. “We are starting this as an R&D project. The intel gathered will be passed on to those who make policy decisions with respect to the Indian cyberspace and used for their strategic planning,” Kumar told DH.
He said the threat intelligence gathered could have an extensive range of applications — from estimating the number of malware-infected devices to predicting the regions from where cyber attacks are likely to originate.
Tracking IBR
The idea, Kumar said, is to generate threat intelligence by processing internet background radiation (IBR), a form of traffic that takes shape when an infected device propagates the infection to other devices and tries to expand the attack network.
“IBR is, essentially, data of a unique nature. Capturing, analysing and processing this data help in generating wide-ranging information (about the attack),” he said.
There are alternative approaches to breach-proofing, like the defences put up by honeypot systems that “pose” as potential targets for hackers and then deflect their attacks. “Generating cyber threat intelligence, even if through multiple mechanisms, has minimal overlapping. All these efforts can only add to the overall perspective,” Kumar said.
CSIR-4PI has been working on the indigenous development of cyberspace surveillance technology with funding from MeitY and in collaboration with agencies including the Computer Emergency Response Team India and the National Cyber Coordination Centre. The institute also has plans to partner with MeitY in developing a national framework for cyber threat intelligence, Kumar said.