ARAKIS-GOV is a joint undertaking implemented by ABW’s Telecommunications and IT Security Department and the CERT Polska Team operating within NASK. It is based on an earlier project known as ARAKIS (Aggregation, Analysis and Classification of Network Incidents) worked out by CERT Polska. ARAKIS is a unique early warning system, which automatically detects and describes new network security threats. The task is performed with the use of innovative algorithms taking advantage of learning machines’ techniques. The system allows for processing of considerable amounts of data with a low false alarm ratio. The design of the algorithms makes ARAKIS capable of detecting threats irrespective of their continuous evolution.

ARAKIS-GOV protects telecommunications and IT networks, supplementing the operation of standard network protection systems such as firewalls, anti-virus software or break-in detection systems. Due to its specific character it is used in conjunction with the aforementioned safety measures. The system’s unique nature consists in the fact that it monitors the content of information exchanged by the protected institution via the Internet. System probes are installed outside the protected local area network of the institution, on the Internet side of the connection.

ARAKIS-GOV users are provided with information on new (global) threats appearing in the Internet, inter alia newly detected, self-propagating worms, new attack types, occurring from a large number of locations, network traffic trends at individual ports and activity trends for viruses disseminated via e-mail.

ARAKIS-GOV is also considered a source of information on local threats related to the specific, protected location, including information on the lack of up-to-date virus vaccines, on infected LAN computers, on a non-secure configuration of edge firewall systems, or on attempts to scan the internal address space, both from the Internet and form the local network.

The system’s sensors are currently installed in over 60 central level offices, as well as governmental agencies and local governments. Participation in the ARAKIS-GOV project is free of charge.

----------------------------------

Information on the authors of the ARAKIS-GOV project

 NASK (Research and Academic Computer Network) is a research and development entity conducting scientific and implementation activity in the field of tele-IT services and ICT security systems. In 1991 NASK connected Poland to the Internet, and then took an active part in laying the foundation for the network infrastructure used by the academic community, administration and the business sector. It was within NASK’s structure that Poland’s first network threat response team - CERT Polska – was appointed. Its tasks include, inter alia, registration, reaction to and classification of incidents posing a threat to the network security. The ARAKIS system is one of the results of research and implementation activities conducted by CERT Polska.

ABW (Internal Security Agency) is an entity established to protect the constitutional order of the Republic of Poland. Its tasks include protecting the state against actions that may pose a threat to independence or constitutional order of Poland, hinder the functioning of the state’s structures or endanger its crucial interests. The Agency is responsible, inter alia, for ensuring protection of the state’s key systems and IT networks. In February 2008 a Governmental Computer Incident Response Team CERT.GOV.PL was established within the structure of ABW’s Tele-IT Security Department. One of the Team’s tasks is to continue implementation of the ARAKIS-GOV system and to exercise daily supervision over its operation.