SOC & Csirt Response to Attacks & Threats based on attack defence graphs Evaluation Systems

Informations projet

SOCCRATES

N° de convention de subvention: 833481

Site Web du projet

DOI

10.3030/833481

Projet clôturé

Date de signature de la CE 14 Août 2019

Date de début 1 Septembre 2019

Date de fin 31 Octobre 2022

Financé au titre de

INDUSTRIAL LEADERSHIP - Leadership in enabling and industrial technologies - Information and Communication Technologies (ICT)

Coût total

€ 5 930 713,75

Contribution de l’UE

€ 4 996 400,75

4 996 400,75

934 313,00

Coordonné par

NEDERLANDSE ORGANISATIE VOOR TOEGEPAST NATUURWETENSCHAPPELIJK ONDERZOEK TNO
Netherlands

CORDIS fournit des liens vers les livrables publics et les publications des projets HORIZON.

Les liens vers les livrables et les publications des projets du 7e PC, ainsi que les liens vers certains types de résultats spécifiques tels que les jeux de données et les logiciels, sont récupérés dynamiquement sur OpenAIRE .

Livrables

SOCCRATES white paper

High quality and attractive deliverable containing the SOCCRATES results and experiences in an easy accessible way suitable for policy makers and higher management of stakeholders It will be available online and in printed version

Pilot specification and plan

The specification of the pilots sites and detailed planning of the pilots

SOCCRATES testing and validation report

We present here the testing and validation of the SOCCRATES Platform describe the testing environment the tests and results we did and how they impacted the development of new versions of the platform The testing will be done in two iterations and a final evaluation of the pilots

Specification of the common ICT infrastructure reference meta model

Specification of the common reference meta model for describing ICT infrastructure including the concepts and structures of the reference model language

Intermediate report on dissemination and standardization activities

Contains the progress of dissemination activities and standardization activities

SOCCRATES Vision, Roadmap & Guidance for SOC

This deliverable will describe the vision and provide a roadmap with further developments of the SOCCRATES platform It will also provide guidance for deployment of the SOCCRATES platform and on utilization of the SOC CSIRT workforce in the near future

Definition of the business model structure, inputs and interfaces

Specification of the model for quantification of business impact, including the concepts and structures of the model language.

System Architecture & Interface Specification - Final version

This is the final version of the system architecture and interface specification It will describe all components of the full integrated version of the SOCCRATES platform interfaces and a description of how the platform is applied in each of the use cases

System Architecture & Interface Specification – Initial version

This deliverable describes the initial version of the system architecture and interface specification. It will include a detailed description of the components and the interfaces

Dissemination plan

Contains all plans of SOCCRATES for dissemination at events and to stakeholders

SOCCRATES Exploitation plan

Contains the plans for exploitation of the expected project results

SOCCRATES project handbook

A compact (online) handbook for participants in the project, that contains all SOCCRATES practical project information

Report on the Threat of Adversarial Examples on AI for Cyber Security

This deliverable will report on the outcomes from Task 43 on evaluating the potential threat of adversarial examples to AI approaches for cyber security

Evaluation and validation report

This deliverable describes the evaluation and validation outcome of the Impact Analyser and Response Planner component on the use cases and experimentation platforms of the SOCCRATES project

Data management plan

A plan in which the way data is handled in the project is described, including responsibilities and measures to protect data

Final report on dissemination and standardization activities

Contains the overview and results of all dissemination activities and standardization activities that have been undertaken in the SOCCRATES project

SOCCRATES platform best practices guide

Report with the lessons of the pilots described in a best practice guide

SOCCRATES use cases definition & pilot sites requirements

This deliverable will describe the use cases that are representative for the usage of the SOCCRATES platform. In addition, the pilot sites will be described and requirements for the deployment of the SOCCRATES platform at these pilot sites

Pilot evaluation report

Report with the evaluation results of the pilots

Business Logic Modelling and Impact Analyser & Response Planner - Final prototype

Final prototype of the Business Logic Modelling component and full version of Impact Analyser and Response Planner, including documentation

Threat Identification and Threat Trend prediction - Final Prototype

The final prototype of the AI-based algorithms for threat identification and trend prediction with an API, including documentation

AI-based Attack Detection to Detect Advanced Threats

Integrated AI-based attack detection methods to detect advanced threats, along with documentation

Threat Identification and Threat Trend prediction – Initial Prototype

An initial prototype of the AI-based algorithms for threat identification and trend prediction with an API, including documentation

Tactical Threat Intelligence for Attack Defence Graphs

A machine-readable format for detailed attack procedures that can be used to support ADG-based analysis integrated with the ACT platform and accompanying documentation.

Final version of the SOCCRATES Platform

We present here the final version of the SOCCRATES Platform, how we fulfil the requirements identified at the beginning of the project, user manuals for installation, deployment and use together with examples with scenarios.

Final ADG based Attack prototypes

Final prototype versions of Infrastructure Modelling component and full version of Attack Defence Graph Analyser & Course of Action Generator

Business Logic Modelling and Impact Analyser & Response Planner - Initial prototype

An initial prototype of the Business Logic Modelling component and basic version of Impact Analyser and Response Planner, including documentation.

Initial ADG based Attack prototypes

Initial prototype versions of Infrastructure Modelling component and basic version of Attack Defence Graph analyser, along with documentation. The components will be limited towards application scenarios relevant for the first pilot iteration.

Initial version of the SOCCRATES Platform Orchestration, Reconfiguration and Front-end

This deliverable presents the initial version of the orchestration and integration component, reconfiguration component and web front-end component. We describe the communications they provide, functionalities they cover, plan for evaluation and integration in the SOCCRATES Platform.

Initial version of the SOCCRATES Platform

This deliverable describes the integration environment and initial version of the SOCCRATES Platform (first and second prototype). We include here also the plan for releases and requirements to be fulfilled.

SOCCRATES community platform

Online communication platform to communicate with and inform the SOCCRATES stakeholder group on progress of the project and relevant events

SOCCRATES public website

The project website (easy accessible) that contains actual information regarding the project and its events and where deliverables can be downloaded

Publications

Mapping Cyber Threat Intelligence to Probabilistic Attack Graphs

Auteurs: Andreas Gylling; Mathias Ekstedt; Zeeshan Afzal; Per Eliasson
Publié dans: 2021 IEEE International Conference on Cyber Security and Resilience (CSR), 2021
Éditeur: IEEE
DOI: 10.1109/csr51186.2021.9527970

Subverting Network Intrusion Detection: Crafting Adversarial Examples Accounting for Domain-Specific Constraints

Auteurs: Martin Teuffenbach, Ewa Piatkowska, Paul Smith
Publié dans: nternational IFIP Cross Domain (CD) Conference for Machine Learning & Knowledge Extraction (MAKE) 2020, Numéro August 25 2020, 2020, Page(s) 301-320
Éditeur: Springer
DOI: 10.1007/978-3-030-57321-8_17

AI-based detection of DNS misuse for network security

Auteurs: Irina Chiscop Francesca Soro Paul Smith
Publié dans: NativeNi '22: Proceedings of the 1st International Workshop on Native Network Intelligence, Numéro December 2022, 2022, Page(s) Pages 27–32
Éditeur: ACM digital library
DOI: 10.1145/3565009.3569523

Security Countermeasures Selection Using theMeta Attack Language and ProbabilisticAttack Graphs

Auteurs: WOJCIECH WIDEŁ, PREETAM MUKHERJEE, AND MATHIAS EKSTEDT
Publié dans: IEEE Access, Numéro Volume 10, 2021, Page(s) 89645 - 89662, ISSN 2169-3536
Éditeur: Institute of Electrical and Electronics Engineers Inc.
DOI: 10.1109/access.2022.3200601

An Attack Simulation Language for the IT Domain

Auteurs: Sotirios Katsikeas, Simon Hacks, Pontus Johnson, Mathias Ekstedt, Robert Lagerström, Joar Jacobsson, Max Wällstedt, Per Eliasson
Publié dans: Graphical Models for Security - 7th International Workshop, GraMSec 2020, Boston, MA, USA, June 22, 2020, Revised Selected Papers, Numéro 12419, 2020, Page(s) 67-86, ISBN 978-3-030-62229-9
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-62230-5_4

Recherche de données OpenAIRE...

Livrables

Publications

Partager cette page Partager cette page sur les réseaux sociaux

Télécharger Télécharger le contenu de la page