Project description
Secure, dependable and trusted Infrastructures
The aim of WOMBAT is to provide new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens.
Why Research in Emerging Security Threats?
Today, combating cyber-crime becomes harder and harder. This is acknowledged by several recent articles from major anti-virus companies that confirm that cyber-crime scene is becoming increasingly more organized and more consolidated.
Several initiatives exist today that offer information and data that support this theory. However, the information they provide cannot be used by the research community to identify, understand and eventually defeat the cyber threats we are facing. The reasons are twofold:
- First, due to privacy or confidentiality issues, most of these sources are not allowed to share the detailed information they hold.
- Second, as a result of the lack of publicly available information, no framework exists to rigorously investigate emerging attacks using different data sources and viewpoints.
Why WOMBAT?
WOMBAT aims at providing new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens. To reach this goal, the project is structured around three main objectives (see figure):
- Real time gathering of a diverse set of security related raw data: WOMBAT will take advantage of existing sources of information controlled by some of the partners, such as the Deepsight threat management system managed by Symantec, the worldwide distributed honeypot system operated by Eurecom, the nationwide early warning system in use by CERT Polska or the largest malware collection in the world accumulated by Hispasec. WOMBAT will also join efforts with other players in the field and explore how their dataset can be used, in order to obtain a global view of the observed phenomena. Also, some new types of sensors will be considered, especially in the domain of client-based honeypots. An important effort will be devoted to ensure interoperability among these various sources.
- Data enrichment by means of various analysis techniques: As the sole observation of a phenomenon does not suffice to reveal its cause(s), other elements surrounding or characterizing it must be formalized and taken into account. WOMBAT will develop new techniques to characterize the observed attacks, the collected malware, etc. This will lead to the semi-automatic generation of metadata associated with the raw data collected.
- Threats Analysis: WOMBAT will build upon the recognized expertise of several of its partners in correlating the data and metadata related to various events in order to identify the root cause(s) of a group of intrusions. This will make it possible to generate models of harmless, yet malicious, activities. As a result, the project will not only be able to raise alerts more accurately when new situations emerge but, more importantly, it will offer support during the decision making process for countermeasures selection. These models will help security actors to derive sound rationales for their security investments.
The WOMBAT project aims at providing new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens. To reach this goal, the proposal includes three key workpackages: (i) real time gathering of a diverse set of security related raw data, (ii) enrichment of this input by means of various analysis techniques, and (iii) root cause identification and understanding of the phenomena under scrutiny. The acquired datasets and knowledge will be shared with all interested security actors (ISPs, CERTs, security vendors,etc.), enabling them to make sound security investment decisions and to focus on the most dangerous activities first. Special care will also be devoted to impact the level of confidence of the European citizens in the net economy by leveraging computer security awareness in Europe thanks to the gained expertise.
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.
You need to log in or register to use this function
We are sorry... an unexpected error occurred during execution.
You need to be authenticated. Your session might have expired.
Thank you for your feedback. You will soon receive an email to confirm the submission. If you have selected to be notified about the reporting status, you will also be contacted when the reporting status will change.
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
FP7-ICT-2007-1
See other projects for this call
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Coordinator
92130 Issy Les Moulineaux
France
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.