AIDE

GCA’s Automated IoT Defence Ecosystem (AIDE) enables automated collection, analysis, distribution, and display of attacks on IoT devices and a means to implement distributed defense of these devices including in small office or manufacturing and home environments.

GCA AIDE Desktop Dashboard Mockup

What AIDE Does

Collection

The AIDE platform automatically collects IoT attack data through three methods:

  • Honeyfarms located around the world, including a GCA honeyfarm with over 1,200 devices and data feeds from partners;
  • Virtual IoT devices located on simulated networks; and
  • ProxyPots that can be distributed around the world and will be backed by real and virtual IoT devices.

Analysis

AIDE aggregates attack data into an analysis platform that is available to companies, academia, nonprofits, and other entities to study IoT attack signatures and patterns. In exchange for access to the data, researchers will be required to share any algorithms developed to help AIDE generate additional information products.

Additionally, the analysis platform will be used to generate data feeds available to GCA partners and the security community. These feeds will be made widely available throughout the cybersecurity ecosystem to enable IoT attack mitigation.

Distribution

Data feeds are made available throughout the cybersecurity ecosystem to enable mitigation of IoT attacks.

Display

AIDE offers a real-time visualization of high-level results at GCAaide.org.

Distributed Defense

The output from the AIDE platform can be used by different entities in different ways, however, the outputs are designed to allow automated defense.

AIDE Full Color Logo

GCA will work specifically to develop a free or low-cost way for small office or manufacturing and home environments to participate in automated defense. Specifically, this includes an edge router/policy enforcement point that mitigates attacks within the local environment using the “Manufacturer Usage Description” standard for IoT devices that support that standard. Real-time threat feeds, such as Quad9 and/or data from the AIDE platform, protect legacy IoT devices and general-purpose devices. A means will be deployed so that when the router identifies an attack or compromise, mitigation to limit the attack and any further compromises can be put in place in real time.

GCA dashboard with AIDE and graphs

GCA Global Cyber Alliance Newsletter Cover Images

Get the Latest News & Info

Keep up to date with GCA. Subscribe to our newsletter to receive the latest updates, insights, and announcements from GCA.

By contacting us, you consent to your data being stored outside the EEA. If you have questions on GDPR and how GCA handles your data, please email our Chief Legal & Administrative Officer at GDPR@globalcyberalliance.org.