Proactive Risk Management through Improved Cyber Situational Awareness

Leistungen

This deliverable will summarise the dissemination efforts carried out during the entire project. It will build on the first version published the project mid-point. Especially, the list of the attended conferences, journal, magazine and conference publications will be given. The deliverable shall contain also the list of all other dissemination and marketing events and activities, including the distribution of marketing materials, cross-project cooperation and actions performed through the web channels.

Pilots Evaluation Report v2

This will contain results from both pilots as well as an evaluation of the overall pilot approach and results.

Summary of dissemination efforts v1

This deliverable will summarise the dissemination efforts carried out during the project up to month 24. Especially, the list of the attended conferences, journal, magazine and conference publications will be given. The deliverable shall contain also the list of all other dissemination and marketing events and activities, including the distribution of marketing materials, cross-project cooperation and actions performed through the web channels.

Specification of Context Awareness Model

This artefact contains the specification of the mission and constituency modeling approach and initial models. It is formulated as a report

PROTECTIVE Framework specification

This report specifies the design of the PROTECTIVE framework and describes the tools and technologies selected to form the base of the framework. It also specifies internal information exchange formats and any special frameworks services that will be needed

Threat intelligence sharing state-of-the-art and requirements

This artefact contains an in-depth SOTA analysis of TI sharing and TI communities. Furthermore, it provides the necessary specification of the PROTECTIVE XChange to be used in WP2. It is formulated as a report.

Pilots Evaluation Report v1

This deliverable will contain the results from the Pilot 1 with guidelines and updates for Pilot 2 .

Event correlation mechanisms report

This report will include the summary of meta-alert design and development of the event correlation mechanisms for various incoming data streams (T3.1 and T3.2). This report will serve as a basis for further work within WP3.

Updated Conceptual Model v2

The model developed in D2.2 will be further refined with feedback/experiences from Pilot 1 . This version of the model will delivered before the commencement of Pilot 2 to serve as an examplar to communicate how the PROTECTIVE system can be integrated into end-user, including SME MSSP, environments.

Updated Conceptual Model v1

The initial model described in D2.1 will be reified with feedback from the ongoing interaction with CSIRT end-users. This version of the model will be delivered before the commencement of Pilot 1 to serve as an examplar to communicate how the PROTECTIVE system can be integrated into end-user environments.

Requirements Capture, Specification, Architectural Design and Model

This deliverable contains a full requirements capture and specification outlined, including whole model and architectural design. An initial design of the workflow (including architecture and ) based on existing common practices and literature. It will also describe the specific and detailed measures to address data protection principles related to collection, storage, usage, retention and deletion of personal data.

Meta-alerts ranking and prioritisation mechanisms report

Here the overview of the undertaken research regarding decision support techniques: multi criteria decision analysis, preference learning and machine learning will be described with appropriate argumentation supporting selection.

Website and Dissemination Material v1

This deliverable will be the first version of the website and other dissemination material such as flyers etc.

Website and Dissemination Material v2

Materials and in particular the project website will be constantly updated including information about dissemination activities to be carried out by the consortium and public deliverables.

Context Awareness Platform v3

This is the final releases of the context awareness components for delivery to system integration. It provides support for Pilot 2.

CSA Visualisation v2

This is the second and final release of the CSA visualisation dashboard. It is aimed at Pilot 2.

Threat intelligence community v3

This contains the final release of the PROTECTIVE XChange. It provides the second version of TI Trust and TI Admin. It consists of software artefacts.

PROTECTIVE System – v3

This is the third release of the integrated and validated PROTECTIVE system. It contains enhanced and extra functionality for Pilot 2 .

Correlation and Prioritisation Platform Component v3

This is the final release of the correlation and prioritisation components aimed at Pilot 2. It consists of software artefacts

PROTECTIVE System - v4

This is the final release of the integrated and validated PROTECTIVE system. It contains the verified functionality following completion of Pilot 2.

Veröffentlichungen

Mission-Centric Risk Assessment to Improve Cyber Situational Awareness

Autoren: F. R. L. Silva, P. Jacob
Veröffentlicht in: Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES 2018, Ausgabe 2018, 2018, Seite(n) 1-8, ISBN 9781-450364485
Herausgeber: ACM Press
DOI: 10.1145/3230833.3233281

Access Control Policy Enforcement for Zero-Trust-Networking

Autoren: Romans Vanickis, Paul Jacob, Sohelia Dehghanzadeh, Brian Lee
Veröffentlicht in: 2018 29th Irish Signals and Systems Conference (ISSC), Ausgabe 2018, 2018, Seite(n) 1-6, ISBN 978-1-5386-6046-1
Herausgeber: IEEE
DOI: 10.1109/issc.2018.8585365

An Ethics Framework for Research into Heterogeneous Systems

Autoren: J. Happa, J.R.C. Nurse, M. Goldsmith, S. Creese, R. Williams
Veröffentlicht in: Living in the Internet of Things: Cybersecurity of the IoT - 2018, 2018, Seite(n) 26 (8 pp.)-26 (8 pp.), ISBN 978-1-78561-843-7
Herausgeber: Institution of Engineering and Technology
DOI: 10.1049/cp.2018.0026

PROTECTIVE: A European-wide NREN Cyber Threat Intelligence Sharing Platform - lessons learnt to date

Autoren: Jassim Happa
Veröffentlicht in: OASIS Borderless Cyber Conference & FIRST Technical Symposium, 2017
Herausgeber: OASIS/FIRST

Defending against Probe-Response Attacks

Autoren: Emmanouil Vasilomanolakis, Noorulla Sharief, Max Muhlhauser
Veröffentlicht in: 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), Ausgabe 2017, 2017, Seite(n) 1046-1051, ISBN 978-3-901882-89-0
Herausgeber: IEEE
DOI: 10.23919/INM.2017.7987436

On probe-response attacks in Collaborative Intrusion Detection Systems

Autoren: Emmanouil Vasilomanolakis, Michael Stahn, Carlos Garcia Cordero, Max Muhlhauser
Veröffentlicht in: 2016 IEEE Conference on Communications and Network Security (CNS), Ausgabe 2016, 2016, Seite(n) 279-286, ISBN 978-1-5090-3065-1
Herausgeber: IEEE
DOI: 10.1109/CNS.2016.7860495

Towards Trust-Aware Collaborative Intrusion Detection: Challenges and Solutions

Autoren: Emmanouil Vasilomanolakis, Sheikh Mahbub Habib, Pavlos Milaszewicz, Rabee Sohail Malik, Max Mühlhäuser
Veröffentlicht in: IFIP WG 11.11 International Conference on Trust Management, Ausgabe 2017, 2017, Seite(n) 94-109
Herausgeber: Springer International Publishing
DOI: 10.1007/978-3-319-59171-1_8

Towards Blockchain-Based Collaborative Intrusion Detection Systems

Autoren: Nikolaos Alexopoulos, Emmanouil Vasilomanolakis, Natalia Reka Ivanko, Max Mühlhäuser
Veröffentlicht in: International Conference on Critical Information Infrastructures Security, Ausgabe 2017, 2017, Seite(n) to appear
Herausgeber: Springer-Verlag

Situational Awareness based Risk-adaptable Access Control in Enterprise Networks

Autoren: Brian Lee and Roman Vanickis and Franklin Rogelio and Paul Jacob
Veröffentlicht in: Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security, IoTBDS 2017, Porto, Portugal, April 24-26, 2017, Ausgabe 2017, 2017, Seite(n) 400--405, ISBN 978-989-758-245-5
Herausgeber: SciTePress
DOI: 10.5220/0006363404000405

Sphinx : a Colluder-Resistant Trust Mechanism for Collaborative Intrusion Detection

Autoren: Carlos Garcia Cordero, Giulia Traverso, Mehrdad Nojoumian, Sheikh Mahbub Habib, Max Muhlhauser, Johannes Buchmann, Emmanouil Vasilomanolakis
Veröffentlicht in: IEEE Access, Ausgabe 6, 2018, Seite(n) 72427-72438, ISSN 2169-3536
Herausgeber: Institute of Electrical and Electronics Engineers Inc.
DOI: 10.1109/access.2018.2880297

Network entity characterization and attack prediction

Autoren: Vaclav Bartos, Martin Zadnik, Sheikh Mahbub Habib, Emmanouil Vasilomanolakis
Veröffentlicht in: Future Generation Computer Systems, Ausgabe 97, 2019, Seite(n) 674-686, ISSN 0167-739X
Herausgeber: Elsevier BV
DOI: 10.1016/j.future.2019.03.016

Next Generation P2P Botnets: Monitoring Under Adverse Conditions

Autoren: Leon Böck, Emmanouil Vasilomanolakis, Max Mühlhäuser, Shankar Karuppayah
Veröffentlicht in: Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Heraklion, Crete, Greece, September 10-12, 2018, Proceedings, Ausgabe 11050, 2018, Seite(n) 511-531, ISBN 978-3-030-00469-9
Herausgeber: Springer International Publishing
DOI: 10.1007/978-3-030-00470-5_24

Run-Time Monitoring of Data-Handling Violations

Autoren: Jassim Happa, Nick Moffat, Michael Goldsmith, Sadie Creese
Veröffentlicht in: Computer Security - ESORICS 2018 International Workshops, CyberICPS 2018 and SECPRE 2018, Barcelona, Spain, September 6–7, 2018, Revised Selected Papers, Ausgabe 11387, 2019, Seite(n) 213-232, ISBN 978-3-030-12785-5
Herausgeber: Springer International Publishing
DOI: 10.1007/978-3-030-12786-2_13

Leistungen

Veröffentlichungen

Diese Seite teilen

Herunterladen