The UK based Global Cyber Alliance (GCA) has launched the Automated IoT Defence Ecosystem (AIDE), billed as a first-of-its-kind cyber security development platform for IoT products that will enable small businesses, manufacturers, service providers and individuals to identify vulnerabilities, mitigate risks and secure IoT devices.
GCA says AIDE will automatically collect IoT attack data through honeypot farms located around the world, virtual IoT devices located on simulated networks, and ProxyPots, custom IoT honeypots developed by GCA.
It will offer capabilities for data collection, analysis and automated defence on a scale not previously attained, according to GCA.
AIDE aggregates attack data into an analysis platform available to companies, academia, non-profits and other entities to study IoT attack signatures and patterns.
In exchange for access to the data, researchers are required to share any algorithms developed to help AIDE generate additional information products.
Additionally, GCA says, the analysis platform will be used to generate data feeds that will be made widely available throughout the cyber security ecosystem to enable IoT attack mitigation.
GCA says a ProxyPot is capable of replicating one IoT device across multiple IP addresses and physical locations to identify global attack risks quickly, efficiently and accurately.
“Together, the AIDE and ProxyPot platforms allow for organisations and individuals to have greater visibility into the types and scale of threats facing the IoT devices deployed into various environments, including smart cities and other smart ecosystems.”
GCA is also working with Attivo Networks — which provides a deception platform to detect inside-the-network intrusions in networks, public and private data centres, industrial control systems, SCADA, IoT and PoS environments — to build a SCADA honeypot farm to collect threat intelligence on attacks targeting industrial control systems.
Attivo Networks’ cofounder and vice president of product management Marc Feghali said, by creating customised decoys that blend in with production connected devices, organisations would be able to quickly detect attackers, engage them, capture their attack methods, derive their attack signature and divert them away from real IoT infrastructure.
