X-CHECK: Detection of Security Incidents at Internet Exchange Points
Computer Systems and Telematics
German Federal Ministry of Education and Research (BMBF)
The overall goal of X-Check (Cross-Check) is to provide improved security for ICT systems by leveraging data from Internet Exchange Points (IXPs). X-Check designs and implements a system for the large-scale detection of (a) known security incidents and (b) novel, unconventional anomalies at central Internet nodes.
Objective: Detection and Protection with the Aid of Internet Exchange Points
The three main objectives are as follows:
- Threat analysis for public network access points.
- Scalable real-time analysis of network incidents at IXPs.
- Development of open-source tools for the detection of security incidents.
The X-Check software components will be designed and implemented to detect anomalies with predictable, low latency. These components will scale dynamically to small as well as very large data sets and thus allow resource-saving operation. Based on a preventive vulnerability and threat analysis, new services for the route server infrastructure will be designed and implemented. Correlating event reports between several IXPs will improve the precision of incident detection.
X-Check explicitly pursues a community-driven approach. Innovative solutions are developed with real-world deployment scenarios in mind. The intended objectives will be realized in close cooperation with the largest IXPs in Germany (DE-CIX and BCIX) and a well-established IT security company (DFN-CERT). The solutions will be tested and refined during inter-regional field tests in Berlin, Frankfurt, Hamburg, and Munich.