ZADIG: A novel Extended Detection and Response System

Faramondi L.;Guarino S.;Setola R.;
2024-01-01

Abstract

This paper introduces ZADIG XDR, an Extended Detection and Response system designed for real-time anomaly detection, response, and prevention. Using artificial intelligence and machine learning techniques, the system evaluates anomalous events and predicts their recurrence. ZADIG XDR's modular architecture allows extensive customization in support of targeted and effective protection. Its proprietary data ingestion pipeline, built on Zeek, Kafka, Logstash, Elasticsearch, and ZADIG AI (a fork of LoudML maintained by bitCorp), automates data collection, processing, and storage, integrating multiple sources for in-depth security analysis. The robustness and flexibility of ZADIG XDR in detecting anomalies and mitigating advanced cyber threats are demonstrated through simulations of three attack scenarios: Man-in-the-Middle, Denial of Service, and scanning attacks.
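The abstract describes a pipeline in which Zeek network logs are shipped through Kafka and Logstash into Elasticsearch and then scored for anomalies, with Denial of Service and scanning among the evaluated scenarios. The following is an added illustration, not code from the paper or from ZADIG XDR: it takes Zeek conn.log records in Zeek's JSON format (the field names ts, id.orig_h, id.resp_h, id.resp_p, conn_state are Zeek's own), flattens them the way a Logstash filter would before indexing, and applies windowed per-source and per-destination heuristics for scan-like and flood-like behaviour. The thresholds, the window size, and the sample traffic are constructed assumptions; ZADIG AI's LoudML-based model is not reproduced here, and a Man-in-the-Middle case is omitted because conn.log alone does not expose ARP-level tampering.

```python
"""Windowed scan/flood heuristics over Zeek conn.log JSON records.

Added example; not ZADIG's code. Thresholds and sample traffic are assumptions.
"""
import json
from collections import defaultdict


def _rec(ts, src, sport, dst, dport, state):
    """Build one Zeek-style JSON conn.log line (constructed sample data)."""
    return json.dumps({"ts": ts, "id.orig_h": src, "id.orig_p": sport,
                       "id.resp_h": dst, "id.resp_p": dport, "proto": "tcp",
                       "conn_state": state})


# Constructed traffic, not a real capture: three benign TLS sessions, a 25-port
# scan from 10.0.0.9 against 10.0.0.20, and a SYN flood from eight hosts
# against 10.0.0.30:80. "S0" is Zeek's state for a SYN that got no reply.
SAMPLE_CONN_LOG = (
    [_rec(1700000000 + i, "10.0.0.5", 40000 + i, "93.184.216.34", 443, "SF")
     for i in range(3)]
    + [_rec(1700000010 + i * 0.01, "10.0.0.9", 50000 + i, "10.0.0.20", 1 + i, "S0")
       for i in range(25)]
    + [_rec(1700000020 + i * 0.001, f"10.0.1.{i % 8}", 30000 + i, "10.0.0.30", 80, "S0")
       for i in range(40)]
)

# conn_state values that mean the handshake never completed.
FAILED_STATES = {"S0", "REJ", "RSTOS0"}


def normalise(line):
    """Flatten one Zeek JSON record into the field names an indexing stage would use."""
    rec = json.loads(line)
    return {"ts": float(rec["ts"]), "src": rec["id.orig_h"], "dst": rec["id.resp_h"],
            "dport": int(rec["id.resp_p"]), "state": rec.get("conn_state", "-")}


def detect(lines, window_s=10.0, scan_ports=10, dos_conns=20, fail_ratio=0.8):
    """Return alerts for sources touching many ports and destinations hit by many
    failed connections inside a fixed time window (assumed thresholds)."""
    events = [normalise(line) for line in lines]
    if not events:
        return []
    t0 = min(e["ts"] for e in events)
    buckets = defaultdict(list)
    for e in events:
        buckets[int((e["ts"] - t0) // window_s)].append(e)

    alerts = []
    for b in sorted(buckets):
        by_src = defaultdict(lambda: {"n": 0, "fail": 0, "ports": set(), "dsts": set()})
        by_dst = defaultdict(lambda: {"n": 0, "fail": 0, "srcs": set()})
        for e in buckets[b]:
            failed = e["state"] in FAILED_STATES
            s = by_src[e["src"]]
            s["n"] += 1
            s["fail"] += failed
            s["ports"].add(e["dport"])
            s["dsts"].add(e["dst"])
            d = by_dst[(e["dst"], e["dport"])]
            d["n"] += 1
            d["fail"] += failed
            d["srcs"].add(e["src"])
        # Scan: one source, many distinct ports, almost all handshakes failing.
        for src, s in by_src.items():
            if len(s["ports"]) >= scan_ports and s["fail"] / s["n"] >= fail_ratio:
                alerts.append({"window": b, "type": "scan", "src": src,
                               "ports": len(s["ports"]), "targets": sorted(s["dsts"])})
        # Flood: one destination service, many failed connections in the window.
        for (dst, dport), d in by_dst.items():
            if d["n"] >= dos_conns and d["fail"] / d["n"] >= fail_ratio:
                alerts.append({"window": b, "type": "dos", "dst": dst, "dport": dport,
                               "conns": d["n"], "sources": len(d["srcs"])})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_CONN_LOG):
        print(alert)
```

The failed-handshake ratio is what separates a scan or flood from a busy but legitimate client: benign sessions end in Zeek's "SF" state and never trip either rule, while the scanner and the flood sources produce almost only "S0". A learned model such as the LoudML fork described in the abstract would replace these fixed thresholds with a per-host baseline, but the same per-window features are a reasonable starting point for what it would consume.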
2024
Anomaly Detection; Artificial Intelligence; Cybersecurity; Extended Detection and Response; Machine Learning
Files in this item:
File: ZADIG_A_novel_Extended_Detection_and_Response_System.pdf (not available)
Type: Publisher's version (PDF)
License: Publisher's copyright
Size: 405.53 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this item: https://hdl.handle.net/20.500.12610/83025
Citations
  • PubMed Central: not available
  • Scopus: 0
  • Web of Science: 0