Cyber threats are on the Internet – TDI’s Threat Meter can find them.

TDI’s Threat Meter is a novel mechanism for evaluating the trends in and magnitude of major cybersecurity areas such as malware, spam, and terrorism threat across the broad spectrum of the Internet and the dark web. Threat Meter’s methodology is partially based upon the principles of compressibility and Kolmogorov complexity. TDI developed this powerful data-mining mechanism to extract information from the index of major search engines such as Google, Yahoo, MSN and others. This novel method can be used as an alternative to existing techniques for security threat and spam monitoring such as SANS Internet Threat Level, Symantec Internet Threat Meter and others. In addition, TDI Threat Meter predictions are augmented by the opinion of potentially billions of people around the world, captured in the corpus of major search engines. Consequently, the results it produces are likely to be statistically significant.

The concepts of compressibility and Kolmogorov complexity can also be applied to the areas of intrusion detection, spam classification, and classification of unknown malware. The advantage is this approach is not signature-based and can detect malicious activity and traffic or malware of an unknown nature. Our tests of Threat Meter over the years indicate a high level of correct malware/spam classification with a very low level of false positives. TDI can also develop Threat Meter modules that can easily be integrated into almost all enterprise products for intrusion detection (IDS/IPS), spam filtering, and malware protection.