When speaking in terms of cybersecurity, recent developments in Artificial Intelligence, are becoming key aspects as a central mandatory technological improvement to cybersecurity. AI is key in spotting the suspicious status within a system. TOSHI project combines recent Linux kernel technologies such as eBPF/XDP, that are now reaching their maturity, with AI/ML-based techniques to analyze events and detect anomalies. These two main pillars have not been integrated in any product to enforce host security and their unique combination has the potential to address a constantly growing security market.
In the security market, operators, verticals (e.g. Industry 4.0) and customers (e.g. SMIs) are moving from proprietary solutions to devices and hosts based on Linux, demanding for solutions such as TOSHI, that greatly reduces the attack surface by intercepting threats at the very beginning and minimize the necessity of human intervention. Enhancing security detection and countermeasures, reducing (1) downtimes, (2) threat detection times (>10% for both) and (3) the intervention of security experts.
TOSHI inside_redBorder deployment on client’s linux based servers allows a midway deployment with minimal impact on the applications running. Gives an additional source of rules on real time based with the advantages of ML, eBPF and the polycubed framework (Toshi inside technologies and engines) and a combination with the ones already present/stored in redBorder engine. Gives full visualization on complete dashboard, historical and real time. Friendly and fully configurable. The resulting platform is an answer to customers to be able to protect them from current and future types of threats. The Innovalia Association as business champion, developed key business activities within the project, such as business plan, and communication and dissemination plan. Also, the Innovalia Association participated in the development of a broker for communication between the TOSHI engines and redBorder (the cybersecurity tool from the Innovalia Group). The Innovalia Association also worked in the development and the provision of the visualization interface and complete dashboard for the solution. Other partners from the project were Universidad Politécnica de Madrid (UPM) who was the project leader and coordinator, the Politecnico di Torino, Fondazione Bruno Kessler and Telefónica.
With TOSHI inside_redBorder we developed a motto: Secure more with less: the importance of a quick response
THE ROLE OF THE INNOVALIA ASSOCIATION
Innovalia participates in defining usage cases and state-of-the-art. Innovalia manages the actions in terms of dissemination and the extrapolation of results, contributing its experience and knowledge in these tasks.
THE PROJECT
Total system shields
Start / End : 01/2020 – 12/2020