The basic principle in countermeasures against cyber attack is, based on a baseline analysis, to quickly and accurately understand the ongoing attack activities.
In 2003, with the advent of MSBlaster which was the largest infection at that time, the momentum of the need for a mechanism to grasp large-scale malware infections increased. While various other observation projects being launched in Japan and overseas, the NICTER*1 project launched in 2005.
Since 2005 up to date, NICTER has been conducting darknet*2 observations. By observing and analysing packets arriving the darknet, network incidents may be identified; bot-like behaviors of a host infected with a worm-type malware, backscatters from a server being attacked by syn-flooding, zero-day vulnerability of a embedded device being exploited, or server misconfigurations, etc. NICTER project also develops and operates DRDoS honeypot and low-interaction honeypot and shares data with collaborators and other security organization.
When NICTER project identifies a incident that may have significant impact to the related organization, we may directly contact the CSIRT of the organization, go through an ISP or security agencies such as IPA or JPCERT/CC and provide the result of our observation.
*1NICTER stands for Network Incident analysis Center for Tactical Emergency Response.
*2A darknet is a set of globally announced unused IP addresses. Because it is unused, packets should not arrive under the normal usage of the internet. However, in reality, a large number of packets arrive due to mainly cyber attacks.
The Cyber Security Laboratory uses cyber security technology to deal with clever and complex cyber attacks and unknown threats to the popular IoT. This is the research department of Cyber Security Research Institute, which conducts research and development.
Aggregate and analyze a large amount of information on diversified cyber attacks such as indiscriminate attacks and targeted attacks And research and development of technologies aiming at automation of cyber attack countermeasures. Furthermore, by applying R & D results to strengthen the organization's own cyber attack analysis capabilities, we will verify the technology and aim for the rapid spread of R & D results.
Please see the laboratory website.https://www.nict.go.jp/en/cyber/index.html
Please send inquiries to the following e-mail address.
Tested browsers : Safari/Chrome/Firefox/Edge
Mobile environment : Atlas/Cube/Stats may not work with touch screen. A PC is recommended to work with all functionalities.
The information contained in this site does not guarantee the accuracy or completeness. In addition, NICT does not take any responsibility for any actions performed by users using this site information.
Copyright © National Institute of Information and Communications Technology. All Rights Reserved.