Bitdefender’s Network Traffic Security Analytics (NTSA) solution can now also recognize attacks that use DNS and FTP services. This is possible because of the fact that the NTSA solution now includes machine learning algorithms for this purpose.
Bitdefender NTSA is a solution that allows companies to quickly recognize advanced threats in the network. The solution analyzes network traffic to detect attacks that traditional solutions fail to recognize.
NTSA uses semi-monitored machine learning to identify threats, key patterns, and trends in running data streams. These capabilities have now been expanded with new algorithms specifically designed for attacks using DNS and FTP services.
Phishing and redirection
Bitdefender itself states that this type of attack is on the rise. For example, cybercriminals are trying to steal information by diverting unsuspecting users and their legitimate network traffic to a rogue website managed by the hacker himself. DNS services are also used for DNS-specific malware, DDoS attacks and DNS tunneling.
However, FTP still causes problems. FTP is a relatively old way of distributing data and has been causing known security problems for some time now. Although these are known problems, they keep occuring. In addition, more and more devices are outside the field of vision and control of the IT department, which makes it more difficult to identify risks.
The new algorithms in NTSA detect such attacks. They cover the entire bandwidth, including the devices that are connected to the network. The algorithms, therefore, scan for attacks with DNS and FTP services in order to recognise them.
Bitdefender has multiple components within its NTSA solution. The latest component is IntelliTriage, which was unveiled in May this year. Among other things, IntelliTriage offers automated triage alerts, allowing for faster response times.
In addition, IntelliTriage helps to detect advanced attacks through machine learning. This, too, should shorten incident detection times and reduce business risk.