A new Josef Ressel Center (JR Center) devoted to IT security commenced operations at the University of Applied Sciences St. Pölten (FH St. Pölten). The focus of the Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks (TARGET) is on the unified recognition of targeted attacks.
As the university explained in a press release, malware programs usually rely on mass dissemination in the networked information society. Some software is intentionally infiltrated into companies. Examples are the computer worm Stuxnet found in Iranian atomic power plants in 2010, or the spyware “Regin” found in Vienna in the fall of 2014.
"IT attacks can comprise a serious threat to companies, and therefore require an effective protective mechanism in this area“, said Reinhold Mitterlehner, Federal Minister of Science, Research and Economy. "We want to carry out research about which marks are left in the network by targeted IT attacks on companies and how these can be identified“, according to Sebastian Schrittwieser, Head of the JR Center.
Targeted attacks are usually first recognized by conventional antivirus programs when they have already done damage. For this reason, the center will make use of new methods to uncover malware. The basis for this is the behavior of the malware. In some places a file is created, a program started or an external link is established, all of which are activities which can also be carried out by harmless software. “The issue is several thousand commands each of which is neutral, but are very suspicious in their interaction“, according to Paul Tavolato, research associate at the Institute for IT Security Research at (http://www.fhstp.ac.at/forschung).