Sharing and Automation for Privacy Preserving Attack Neutralization

Projektinformationen

SAPPAN

ID Finanzhilfevereinbarung: 833418

Projektwebsite

DOI

10.3030/833418

Projekt abgeschlossen

EK-Unterschriftsdatum 25 April 2019

Startdatum 1 Mai 2019

Enddatum 30 April 2022

Finanziert unter

INDUSTRIAL LEADERSHIP - Leadership in enabling and industrial technologies - Information and Communication Technologies (ICT)

Gesamtkosten

€ 4 700 053,39

EU-Beitrag

€ 4 175 070,00

4 175 070,00

524 983,39

Koordiniert durch

FRAUNHOFER GESELLSCHAFT ZUR FORDERUNG DER ANGEWANDTEN FORSCHUNG EV
Germany

CORDIS bietet Links zu öffentlichen Ergebnissen und Veröffentlichungen von HORIZONT-Projekten.

Links zu Ergebnissen und Veröffentlichungen von RP7-Projekten sowie Links zu einigen Typen spezifischer Ergebnisse wie Datensätzen und Software werden dynamisch von OpenAIRE abgerufen.

Leistungen

Visualisation requirements

Report of practitioners’ requirements with respect to visualisation.

Dissemination Plan and Reports at M12

A plan for the dissemination of project results with a detailed set of strategic actions for the whole duration of the project and beyond.

Approach for capturing incident response and recovery steps

Approach to involve humans and capture response and recovery steps in new environment and/or from existing tools.

Global model based on shared local models, first version

Techniques for federated learning of a global anomaly detection model based on sharing locally trained models

Exploitation plan and reports at M12

Plan for the commercial exploitation and technology transfer for the project, which will define the strategy followed by the consortium to take exploitable outcomes of the project to market.

Global model based on shared anonymised data, final version

Techniques for distributed learning of a global anomaly detection model based on shared anonymized data

Dissemination Plan and Reports at M24

A plan for the dissemination of project results with a detailed set of strategic actions for the whole duration of the project and beyond

Sharing response handling information, first version

Methods for sharing response handling information in a privacypreserving fashion

Vocabulary for incident data and response and recovery actions

Interoperable and standardised vocabulary to express knowledge captured from existing tools outside of SAPPAN and from within the project

Global model without sharing local models, final version

Techniques for federated learning of a global anomaly detection model from locally trained models in a privacy preserving fashion

High-impact use cases analysis

Define SAPPAN use-cases.

Global model based on shared local models, final version

Techniques for federated learning of a global anomaly detection model based on sharing locally trained models

Dissemination Plan and Reports at M3

A plan for the dissemination of project results with a detailed set of strategic actions for the whole duration of the project and beyond.

Report on Information and Presentation Materials at M12

Materials that will help presenting the project’s results to all interested stakeholders.

Report on Information and Presentation Materials at M24

Materials that will help presenting the projects results to all interested stakeholders

Global model without sharing local models, first version

Techniques for federated learning of a global anomaly detection model from locally trained models in a privacy preserving fashion

Report on Information and Presentation Materials at M36

Materials that will help presenting the projects results to all interested stakeholders

Global model based on shared anonymised data, first version

Techniques for distributed learning of a global anomaly detection model based on shared anonymized data

IP plan, reports and IPR issues at M12

Update of the plan for IP management, including the outcome of negotiation meetings to determine the percentage of effective contribution of each individual partner to each IPR object.

Dissemination Plan and Reports at M36

A plan for the dissemination of project results with a detailed set of strategic actions for the whole duration of the project and beyond

Sharing response handling information, final version

Methods for sharing response handling information in a privacypreserving fashion

Privacy requirements

Report of practitioners’ requirements with respect to privacy.

Demonstrator of visual support for designing detection models, initial version

Initial version of demonstrator for interactive detection model analysis building and visualisation of networkrelated data

SAPPAN dashboard, initial version

Prototypical development of dashboard integrating all visualisations that serves as enduser frontend

Demonstrator for visualisation support for distributed and federated learning

Demonstrator extending the Demonstrator of visual support for designing detection models with support for distributed and federated learning

SAPPAN demonstrator

SAPPAN system integrated from individual components

Demonstrator for tracking provenance in visual analyses, final version

Demonstrator that extends the Demonstrator of visual support for designing detection models with support for tracking the users activities and presenting them in an appropriate way to follow the analysis process

Demonstrator for tracking provenance in visual analyses, first version

SAPPAN dashboard, final version

Prototypical development of dashboard integrating all visualisations that serves as enduser frontend

Demonstrator for uncertainty visualisation

Demonstrator for visualisation of uncertainty inherent to machine learning techniques and induced by anonymisation

Demonstrator of visual support for designing detection models, final version

Final version of demonstrator for interactive detection model analysis building and visualisation of networkrelated data

Algorithm to automate recommended response and recovery actions without human operators, final version

Algorithm to use captured knowledge to perform actions automatically

Algorithm to automate recommended response and recovery actions without human operators, first version

Algorithm to use captured knowledge to perform actions automatically.

Algorithm to recommend response and recovery actions to human operators, final version

Algorithm to use captured knowledge to recommend actions to human

Algorithm to recommend response and recovery actions to human operators, first version

Algorithm to use captured knowledge to recommend actions to human.

Project Website

A website for public dissemination of the progress and achievements.

Annotated data set

Semi-annotated dataset of cybersecurity data.

Veröffentlichungen

Laying Ground Truth in Network-based Software Fingerprinting

Autoren: Olav Lamberts
Veröffentlicht in: 2020
Herausgeber: RWTH Aachen University

Local Differential Privacy Preserving Intrusion Detection Systems

Autoren: Melanie Martini
Veröffentlicht in: 2020
Herausgeber: RWTH Aachen University

Graph-Based Analysis of IP Flows

Autoren: Aneta Jablunkova
Veröffentlicht in: 2021
Herausgeber: Masaryk University

A Study of Model Inversion Defenses in Deep Learning

Autoren: Benedikt Holmes
Veröffentlicht in: 2020
Herausgeber: RWTH Aachen University

Detecting Obfuscated Scripts With Machine Learning Techniques

Autoren: Mariam Pogosova
Veröffentlicht in: 2020
Herausgeber: Aalto University

Visual Correlation of Network Flows and Host-Based Data

Autoren: Carlos Moreno Sanchez
Veröffentlicht in: 2020
Herausgeber: University of Stuttgart

Applying Privacy Preserving Data Mining to Intrusion Detection Systems

Autoren: Clemens Frank
Veröffentlicht in: 2019
Herausgeber: RWTH Aachen University

Multiclass Classification of DGAs using Classical Machine Learning Approaches

Autoren: Nils Faerber
Veröffentlicht in: 2020
Herausgeber: RWTH Aachen University

Graph-based Anomaly Detection in Network Traffic

Autoren: Denisa Sramkova
Veröffentlicht in: 2021
Herausgeber: Masaryk University

Hardening of Domain Generation Algorithm Classifiers

Autoren: Mike Lorang
Veröffentlicht in: 2020
Herausgeber: RWTH University

Distributed and Automated Network Traffic Generation of Applications with a Graphical User Interface

Autoren: Paul Suetterlin
Veröffentlicht in: 2021
Herausgeber: RWTH Aachen University

DGA Detection on Encrypted DNS Traffic using Machine Learning

Autoren: Markus Baumgart
Veröffentlicht in: 2020
Herausgeber: RWTH Aachen University

Application Fingerprinting using Deep Learning based on Network Traffic

Autoren: Raoul Offizier
Veröffentlicht in: 2022
Herausgeber: RWTH Aachen University

Adversarial Attacks and Defenses on DGA classifiers

Autoren: Konstantin Kaulen
Veröffentlicht in: 2021
Herausgeber: RWTH Aachen University

Anonymization and Sharing of application-labeled Network Traces

Autoren: Alexander Loebel
Veröffentlicht in: 2022
Herausgeber: RWTH Aachen University

Software Specific Network Traffic Generation by Automation of the Graphical User Interface

Autoren: Frederik Basels
Veröffentlicht in: 2020
Herausgeber: RWTH Aachen University

Visual Comparison of Classifications from Different Machine Learning Models

Autoren: Komail Mohammadi
Veröffentlicht in: 2020
Herausgeber: University of Stuttgart

Application Fingerprinting based on System Events using Process Mining

Autoren: Nicolas Heinen
Veröffentlicht in: 2021
Herausgeber: RWTH Aachen University

Machine Learning for Phishing URL Detection

Autoren: Juraj Smeriga
Veröffentlicht in: 2020
Herausgeber: Masaryk University

A Condensation-based Anonymization Approach for Intrusion Detection

Autoren: Jonas Rülfing
Veröffentlicht in: 2020
Herausgeber: RWTH Aachen University

A Privacy-Preserving Machine Learning Approach for DGA Detection

Autoren: Tim Amelung
Veröffentlicht in: 2021
Herausgeber: RWTH Aachen University

Utilizing Adverserial Attacks for Iterative Hardening of DGA Classifiers

Autoren: Nils Eberhardt
Veröffentlicht in: 2020
Herausgeber: RWTH Aachen University

Application of Process Mining in Software Fingerprinting

Autoren: Christian van Sloun
Veröffentlicht in: 2020
Herausgeber: RWTH Aachen University

Machine Learning based Handling of Cyber Security Incidents

Autoren: Marc Burian
Veröffentlicht in: 2019
Herausgeber: RWTH Aachen University

Detection of new DGAs in the Multiclass DGA classification setting

Autoren: Justus von Brandt
Veröffentlicht in: 2022
Herausgeber: RWTH Aachen University

Process for Automated Threat Response to Phishing

Autoren: Michal Čech
Veröffentlicht in: 2021
Herausgeber: Masaryk University

Predictive methods in cyber defense: Current experience and research challenges

Autoren: Martin Husák; Václav Bartoš; Pavol Sokol; Andrej Gajdoš
Veröffentlicht in: Future Generation Computer Systems, Ausgabe 115, 2021, Seite(n) 517-530, ISSN 0167-739X
Herausgeber: Elsevier BV
DOI: 10.1016/j.future.2020.10.006

From Collaboration to Automation: A Proof of Concept for Improved Incident Response

Autoren: Lasse Nitz, Martin Zadnik, Mehdi Akbari Gurabi, Mischa Obrecht, Avikarsha Mandal
Veröffentlicht in: ERCIM News, Ausgabe 129, 2022, Seite(n) 31-32, ISSN 0926-4981
Herausgeber: ERCIM EEIG
DOI: 10.24406/publica-146

Towards Privacy-Preserving Sharing of Cyber Threat Intelligence for Effective Response and Recovery

Autoren: Lasse Nitz, Mehdi Akbari Gurabi, Avikarsha Mandal, Benjamin Heitmann
Veröffentlicht in: ERCIM News, Ausgabe 126, 2021, Seite(n) 33-34, ISSN 0926-4981
Herausgeber: ERCIM EEIG

Host Behavior in Computer Network: One-Year Study

Autoren: Tomas Jirsik; Petr Velan
Veröffentlicht in: IEEE Transactions on Network and Service Management, Ausgabe 18, 2021, Seite(n) 822-838, ISSN 1932-4537
Herausgeber: Institute of Electrical and Electronics Engineers
DOI: 10.1109/tnsm.2020.3036528

Interpretable Visualizations of Deep Neural Networks for DomainGeneration Algorithm Detection

Autoren: Becker, Franziska; Drichel, Arthur; Müller, Christoph; Ertl, Thomas
Veröffentlicht in: 2020 IEEE Symposium on Visualization for Cyber Security (VizSec), 2020
Herausgeber: IEEE
DOI: 10.1109/vizsec51108.2020.00010

First Step Towards EXPLAINable DGA Multiclass Classification

Autoren: Arthur Drichel; Nils Faerber; Ulrike Meyer
Veröffentlicht in: ARES 2021: The 16th International Conference on Availability, Reliability and Security, 2021
Herausgeber: ACM
DOI: 10.1145/3465481.3465749

DoH Insight - detecting DNS over HTTPS by machine learning

Autoren: Dmitrii Vekshin, Karel Hynek, Tomas Cejka
Veröffentlicht in: Proceedings of the 15th International Conference on Availability, Reliability and Security, 2020, Seite(n) 1-8, ISBN 9781450388337
Herausgeber: ACM
DOI: 10.1145/3407023.3409192

Privacy Illusion: Beware of Unpadded DoH

Autoren: Karel Hynek, Tomas Cejka
Veröffentlicht in: IEEE IEMCON 2020, 2020
Herausgeber: IEEE

Finding Phish in a Haystack: A Pipeline for Phishing Classification on Certificate Transparency Logs

Autoren: Arthur Drichel; Vincent Drury; Justus von Brandt; Ulrike Meyer
Veröffentlicht in: ARES 2021: The 16th International Conference on Availability, Reliability and Security, 2021
Herausgeber: ACM
DOI: 10.1145/3465481.3470111

Sharing FANCI Features: A Privacy Analysis of Feature Extraction for DGA Detection

Autoren: Benedikt Holmes; Arthur Drichel; Ulrike Meyer
Veröffentlicht in: The Sixth International Conference on Cyber-Technologies and Cyber-Systems CYBER 2021, 2021
Herausgeber: IARIA

Towards Evaluating Quality of Datasets for Network Traffic Domain

Autoren: D. Soukup, P. Tisovčík, K. Hynek and T. Čejka
Veröffentlicht in: 17th International Conference on Network and Service Management (CNSM), 2021
Herausgeber: IEEE
DOI: 10.23919/cnsm52442.2021.9615601

A Study on Collaborative Machine Learning for DGA Detection

Autoren: Arthur Drichel; Benedikt Holmes; Justus von Brandt; Ulrike Meyer
Veröffentlicht in: Proceedings of the 3rd Workshop on Cyber-Security Arms Race (CYSARM ’21), 2021
Herausgeber: ACM
DOI: 10.1145/3474374.3486915

On the Integration of Course of Action Playbooks into Shareable Cyber Threat Intelligence

Autoren: V. Mavroeidis, P. Eis, M. Zadnik, M. Caselli and B. Jordan
Veröffentlicht in: IEEE International Conference on Big Data (Big Data), 2021, Seite(n) 2104-2108
Herausgeber: IEEE
DOI: 10.1109/bigdata52589.2021.9671893

Analyzing the real-world applicability of DGA classifiers

Autoren: Arthur Drichel, Ulrike Meyer, Samuel Schüppen, Dominik Teubert
Veröffentlicht in: Proceedings of the 15th International Conference on Availability, Reliability and Security, 2020, Seite(n) 1-11, ISBN 9781450388337
Herausgeber: ACM
DOI: 10.1145/3407023.3407030

Making use of NXt to nothing - the effect of class imbalances on DGA detection classifiers

Autoren: Arthur Drichel, Ulrike Meyer, Samuel Schüppen, Dominik Teubert
Veröffentlicht in: Proceedings of the 15th International Conference on Availability, Reliability and Security, 2020, Seite(n) 1-9, ISBN 9781450388337
Herausgeber: ACM
DOI: 10.1145/3407023.3409190

Towards Inference of DDoS Mitigation Rules

Autoren: Martin Zadnik
Veröffentlicht in: IEEE/IFIP Network Operations and Management Symposium, 2022, Seite(n) 1-5
Herausgeber: IEEE

Detection of https brute-force attacks with packet-level feature set

Autoren: LUXEMBURK, Jan; HYNEK, Karel; ČEJKA, Tomáš
Veröffentlicht in: 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC), Ausgabe 11, 2021, Seite(n) 0114-0122
Herausgeber: IEEE
DOI: 10.1109/ccwc51732.2021.9375998

GRANEF: Utilization of a Graph Database for Network Forensics

Autoren: Milan Cermak, Denisa Sramkova
Veröffentlicht in: 18th International Conference on Security and Cryptography (SECRYPT 2021), Ausgabe 6. - 8. 7. 2021, 2021, Seite(n) 785-790, ISBN 978-989-758-524-1
Herausgeber: SCITEPRESS
DOI: 10.5220/0010581807850790

VITALflow: Visual Interactive Traffic Analysis with NetFlow

Autoren: Tina Tremell, Jochen Kögell, Florian Jauernigl, Sebastian Meierl, Dennis Thom, Franziska Becker, Christoph Müller, Steffen Koch
Veröffentlicht in: 7th International Workshop on Analytics for Network and Service Management (ANNET 2022), 2022
Herausgeber: IEEE

Towards Privacy-Preserving Classification-as-a-Service for DGA Detection

Autoren: Arthur Drichel; Mehdi Akbari Gurabi; Tim Amelung; Ulrike Meyer
Veröffentlicht in: 18th International Conference on Privacy, Security and Trust (PST), 2021
Herausgeber: IEEE
DOI: 10.1109/pst52912.2021.9647755

Large Scale Measurement on the Adoption of Encrypted DNS

Autoren: García, Sebastián; Hynek, Karel; Vekshin, Dmtrii; Čejka, Tomáš; Wasicek, Armin
Veröffentlicht in: 2021
Herausgeber: arXiv
DOI: 10.48550/arxiv.2107.04436

Leveraging Machine Learning for DGA Detection

Autoren: Drichel, Arthur
Veröffentlicht in: International Workshop on Next Generation Security Operations Centers, NG-SOC 2020, , 2020-08-25 - 2020-08-25, 2020
Herausgeber: RWTH Aachen University

Suche nach OpenAIRE-Daten ...

Leistungen

Veröffentlichungen

Diese Seite teilen Diese Seite in sozialen Netzwerken teilen

Herunterladen Den Inhalt der Seite herunterladen