In January 2010 KÜRT Zrt., in the framework of the GOP-2009-1.1.1 grant program, won support for developing the prototype for a “Confidentiality-guaranteed, distributed data collection, real-time log analysis and automatic intervention system”. The aim of the project is to develop a prototype of a data collection and real-time log analysis system – with parameters superior to those of currently available log analysis systems – by using the results of applied research conducted previously.
For IT-based industries and corporations, increasing emphasis is being placed on applying solutions that ensure the protection of data and IT systems, and log analysis is one such solution.
Current log analysis systems are static “dumb” systems that are based on monitoring the frequency of events (incidents) as well as the combined occurrence of certain pre-defined events. Moreover, because they are not real-time systems, their alerts only become evident days or even weeks later, which makes it significantly more difficult, and in many cases impossible, to intervene in good time and prevent damage from occurring.
An additional problem is that log analysis is based on the recording of event reports (logs) and their subsequent examination, which represents a serious, often irreconcilable conflict between the company and the log analyst. The reason for this is that the logs contain extremely sensitive data in relation to the architecture of the network, the users, and the business activities involved (e.g. in banking systems, the data of bankcard or internet banking transactions), and so it is not possible to forward this kind of sensitive data to external parties.
In this project we are implementing an entirely novel concept for solving these problems, which, owing to its distributed operation and its real-time processing capability based on innovative mathematical algorithms, could revolutionize the practice of log analysis.
In the course of the project, we will conduct a significant quantity of scientific and research work in the field of log analysis. If the research results and the testing of the theory through prototypes bear out our initial hypotheses, then later, within the context of a product development project, the new log analysis system can be developed and brought to market, together with its broad selection of related services.
The project has been made possible with the support of the European Union and the co-financing of the European Regional Development Fund.
KÜRT Információbiztonsági és Adatmentő Zrt.
H-2040 Budaörs, Szabadság út. 301.
MAG – Magyar Gazdaságfejlesztési Központ Zrt.
1139 Budapest, Váci út 83.
Project reference code:
National Development Agency
Hungarian Economic Development Centre