NetShield - DDoS Detection

Competence Center: Security
Contact: Prof. Dr. Sahin Albayrak, Dipl.-Inf. Aubrey-Derrick Schmidt
Partner: Deutsche Telekom Laboratories, T-Systems GmbH, Ben Gurion University of the Negev
Funded by: Deutsche Telekom AG


DDoS Detection is a project of Deutsche Telekom Laboratories supported by DAI-Labor. The objective of this project is to develop a smartphone monitoring framework capable of detecting malicious code on mobile devices and to initiate appropriate counteractive measures.

Smart-phones are monitored by installing a Monitoring Agent on the devices that is constantly sending information about the device state to the detection framework located on a central server. The detection framework consists of various detection units that analyze all incoming data looking for patterns of abnormal device behavior.

To identify these patterns each detection unit uses dynamic and modern classification algorithms particularly effective in recognizing a certain subset of threats. Once a threat is detected the user of the infected smart-phone will be informed and further counteractive measures might be initiated.
The DDoS Detection framework additionally offers a web based interface to security ex-perts providing an easy graphical access to all available data and tools for supervising and continuously improving the framework.