Skip to main content
European Commission logo
polski polski
CORDIS - Wyniki badań wspieranych przez UE
CORDIS
CORDIS Web 30th anniversary CORDIS Web 30th anniversary

Diversity Enhancements for SIEMs

Rezultaty

Reference architecture and integration plan

This deliverable documents the DiSIEM reference architecture and how the contributions devised in work packages 3-5 will be integrated in existing SIEM systems. This report will be the main results from T2.2 and T2.3.

Validation plan

Definition of the methodology and criteria for validating the components considering the different environments provided by EDP, Amadeus and ATOS. This deliverable will be the main result of T7.1.

Preliminary architecture and service model of infrastructure enhancements

This deliverable presents a detailed description of the design and underlying assumptions of the components developed in the work package. This represents the partial results of T6.1, T6.2 and T6.3.

Probabilistic modelling of diversity for security and of security trends

This deliverable presents a detailed analysis of developed, evaluation and validation of the probabilistic models in T3.2. This deliverable will be the main result of task T3.2.

Refinements of the models and metrics based on pilot deployments

This deliverable presents the updates and refinements of the models and metrics defined in D3.1 and D3.2 based on feedback received from deployments in WP7. This deliverable will be the main result of task T3.3.

Internal and external IT communication infrastructure

The external IT communication infrastructure constitutes a guideline for communication of the DiSIEM project to external target groups including conferences, marketing measures and communication channels. Furthermore this deliverable constitutes the launch of the internal DiSIEM communication infrastructure including the establishment of mailing lists, an internal file repository (with version control), and the project website. This deliverable is marked with nature “DEC” and will be accompanied by a small written report outlining its structure and purpose in order to justify the achievement of this deliverable. This deliverable will be a first initial result of T8.1.

Data management plan

This deliverable will establish the main elements of the data management policy that will be used by the applications with regard to all the datasets that will be gathered, generated and used by the project. Such datasets are fundamental for the DiSIEM project, as most of its components aim to extract useful information from big data (collected events, open-source intelligence, etc.) The data management plan is not a fixed document, but evolves during the lifespan of the project. More developed versions of the plan can therefore be included as additional deliverables at later stages. According to the Guidelines on Data Management in H2020, the data management plan should address data set reference and name, data set description, standards and metadata, data sharing and archiving and preservation (including storage and backup) on a dataset by dataset basis and should reflect the current status of reflection within the consortium about the data that will be produced.

Visualisation system infrastructure and requirement analysis

This report includes results that will inform and enable later stages of visualisation related developments. This deliverable will be the main result of task T5.1

Techniques and tools for OSINT-based threat analysis

This deliverable presents an in-depth analysis of the security-related OSINT data sources and how the information from these sources can be extracted, including a description of tools and methods that can be employed for this. It will also contain some initial study of the models and techniques that can be used to process OSINT data for predicting threats against a given organisation. This deliverable will report the main results of T4.1 and some preliminary results of T4.2.

OSINT data fusion and analysis architecture

This deliverable describes the machine learning techniques and tools used to analyse the OSINT information to identify security-related trends and predict threats to the managed infrastructure. This includes detailed models and algorithms to be implemented on OSINT-based threat predictors. This deliverable will be the main result of T4.2.

Results of the competition on machine learning for security

This will report the results of the two iterations of the threat prediction machine learning competition that will be organized by the consortium and sponsored by the project. This document should report everything about the competition, including technical details about the wining algorithms and what was learned at the end.

In-depth analysis of SIEMs extensibility

This deliverable will present an indepth analysis of the state of the art in SIEM systems, with particular focus on how such systems can be extended with custom connectors and new event visualisation tools. D2.1 will be the main result from T2.1.

Risk assessment plan

The Risk assessment plan will include a Critical Path Analysis (CPA) of the main project activities, identifying risk points, and procedures to deal with them. This deliverable is also a result from T9.1.

Security metrics and measurements

This deliverable presents a detailed analysis of the reviewed security metrics and defines the metrics that we plan to integrate in the SIEMs. This deliverable will be the main result of task T3.1

Project quality plan

"The project quality plan (the project handbook) constitutes a set of project templates, explanations on the project management process, review process, quality checks, meeting organisation, which is communicated to all partners. This deliverable is marked with nature ""OTHER"" (software, technical diagram, etc.) and will be accompanied by a small written report outlining its structure and purpose in order to justify the achievements of the deliverable. This is a result from T9.1."

Fully operating, integrated visualisation system with diverse SIEMs

This deliverable will encompass all the visualisation related modules that work in harmony with the underlying systems and fulfill all the functionalities required. This deliverable will be the main result of task T5.2, T5.3 and T5.4.

Early-stage prototypes

The prototype will provide the proof-of-concept and will be later used in evaluation activities. Also, interactive visualisation system where the visualisations are operating in a linked, expendable fashion. This deliverable will be the main result of tasks T5.2 and T5.3.

Publikacje

A Visual Analytics Approach for User Behaviour Understanding through Action Sequence Analysis

Autorzy: Phong H. Nguyen, Cagatay Turkay, Gennady Andrienko, Natalia Andrienko and Olivier Thonnard
Opublikowane w: 8th Int. EuroVis Workshop on Visual Analytics - EuroVA 2017, 2017
Wydawca: Eurographics DL
DOI: 10.2312/eurova.20171122

A Resilient Stream Learning Intrusion Detection Mechanism for Real-Time Analysis of Network Traffic

Autorzy: Eduardo Viegas, Altair Santin, Nuno Neves, Alysson Bessani, Vilmar Abreu
Opublikowane w: GLOBECOM 2017 - 2017 IEEE Global Communications Conference, 2017, Strona(/y) 1-6, ISBN 978-1-5090-5019-2
Wydawca: IEEE
DOI: 10.1109/GLOCOM.2017.8254495

Threat Intelligence – Improving SIEM cybercriminality awareness using information from IP blacklists

Autorzy: João Alves, Ana Respício, Ivo Rosa, Pedro Rodrigues
Opublikowane w: eCrime2017.EU – APWG.EU Symposium on Electronic Crime Research, 2017
Wydawca: APWG.EU

Lazarus - Automatic Management of Diversity in BFT Systems

Autorzy: Miguel Garcia, Alysson Bessani, Nuno Neves
Opublikowane w: Proceedings of the 20th International Middleware Conference on - Middleware '19, 2019, Strona(/y) 241-254, ISBN 9781-450370097
Wydawca: ACM Press
DOI: 10.1145/3361525.3361550

Cyberthreat Detection from Twitter using Deep Neural Networks

Autorzy: Nuno Dionisio, Fernando Alves, Pedro M. Ferreira, Alysson Bessani
Opublikowane w: 2019 International Joint Conference on Neural Networks (IJCNN), 2019, Strona(/y) 1-8, ISBN 978-1-7281-1985-4
Wydawca: IEEE
DOI: 10.1109/ijcnn.2019.8852475

PURE: Generating Quality Threat Intelligence by Clustering and Correlating OSINT

Autorzy: Rui Azevedo, Iberia Medeiros, Alysson Bessani
Opublikowane w: 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2019, Strona(/y) 483-490, ISBN 978-1-7281-2777-4
Wydawca: IEEE
DOI: 10.1109/trustcom/bigdatase.2019.00071

User Behavior Map: Visual Exploration for Cyber Security Session Data

Autorzy: Siming Chen, Shuai Chen, Natalia Andrienko, Gennady Andrienko, Phong H. Nguyen, Cagatay Turkay, Olivier Thonnard, Xiaoru Yuan
Opublikowane w: 2018 IEEE Symposium on Visualization for Cyber Security (VizSec), 2018, Strona(/y) 1-4, ISBN 978-1-5386-8194-7
Wydawca: IEEE
DOI: 10.1109/vizsec.2018.8709223

Detecting Malicious Web Scraping Activity: A Study with Diverse Detectors

Autorzy: Pedro Marques, Zayani Dabbabi, Miruna-Mihaela Mironescu, Olivier Thonnard, Alysson Bessani, Frances Buontempo, Ilir Gashi
Opublikowane w: 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC), 2018, Strona(/y) 269-278, ISBN 978-1-5386-5700-3
Wydawca: IEEE
DOI: 10.1109/prdc.2018.00049

Detecting Network Threats using OSINT Knowledge-Based IDS

Autorzy: Ivo Vacas, Iberia Medeiros, Nuno Neves
Opublikowane w: 2018 14th European Dependable Computing Conference (EDCC), 2018, Strona(/y) 128-135, ISBN 978-1-5386-8060-5
Wydawca: IEEE
DOI: 10.1109/edcc.2018.00031

FlowHacker: Detecting Unknown Network Attacks in Big Traffic Data Using Network Flows

Autorzy: Luis Sacramento, Iberia Medeiros, Joao Bota, Miguel Correia
Opublikowane w: 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2018, Strona(/y) 567-572, ISBN 978-1-5386-4388-4
Wydawca: IEEE
DOI: 10.1109/trustcom/bigdatase.2018.00086

Geração Automática de Conhecimento para SDI extraído de OSINTs

Autorzy: Ivo Vacas
Opublikowane w: Master Thesis, Numer 1, 2017
Wydawca: Faculdade de Ciências Universidade de Lisboa

Threat intelligence: using osint and security metrics to enhance siem capabilities

Autorzy: Alves, João Paulo Martins José Teixeira
Opublikowane w: Master Thesis, Numer 1, 2017
Wydawca: Faculdade de Ciências Universidade de Lisboa

Cyberthreat Discovery in Open Source Intelligence using Deep Learning Techniques

Autorzy: Eunice Branco
Opublikowane w: Master Thesis, Numer 1, 2017
Wydawca: Faculdade de Ciências Universidade de Lisboa

A multi-level model for risk assessment in SIEM

Autorzy: Luis M. Ferreira
Opublikowane w: Master Thesis, Numer 1, 2017
Wydawca: Faculdade de Ciências Universidade de Lisboa

Assessment on the effectiveness of design diversity for network security and monitoring

Autorzy: Marques, Pedro Daniel Magalhães
Opublikowane w: Master Thesis, Numer 1, 2018
Wydawca: Faculdade de Ciências Universidade de Lisboa

Threat detection in SIEM considering risk assessment

Autorzy: Osório, Ana Mafalda Silva
Opublikowane w: Master Thesis, Numer 1, 2018
Wydawca: Faculdade de Ciências Universidade de Lisboa

Improving cyberthreat discovery in open source intelligence using deep learning techniques

Autorzy: Dionísio, Nuno Rafael Marques
Opublikowane w: Master Thesis, Numer 1, 2018
Wydawca: Faculdade de Ciências Universidade de Lisboa

Leveraging OSINT to Improve Threat Intelligence Quality

Autorzy: Rui Azevedo
Opublikowane w: Master Thesis, Numer 1, 2018
Wydawca: Faculdade de Ciências da Universidade de Lisboa

Diverse Intrusion-tolerant Systems

Autorzy: Miguel Garcia Tavares Henriques
Opublikowane w: PhD Thesis, Numer 1, 2019
Wydawca: Faculdade de Ciências da Universidade de Lisboa

Understanding User Behaviour through Action Sequences: From the Usual to the Unusual

Autorzy: Phong H. Nguyen, Cagatay Turkay, Gennady Andrienko, Natalia Andrienko, Olivier Thonnard, Jihane Zouaoui
Opublikowane w: IEEE Transactions on Visualization and Computer Graphics, Numer 25/9, 2019, Strona(/y) 2838-2852, ISSN 1077-2626
Wydawca: Institute of Electrical and Electronics Engineers
DOI: 10.1109/TVCG.2018.2859969

Vulnerability prediction capability: A comparison between vulnerability discovery models and neural network models

Autorzy: Yazdan Movahedi, Michel Cukier, Ilir Gashi
Opublikowane w: Computers & Security, Numer 87, 2019, Strona(/y) 101596, ISSN 0167-4048
Wydawca: Pergamon Press Ltd.
DOI: 10.1016/j.cose.2019.101596

VASABI: Hierarchical User Profiles for Interactive Visual User Behaviour Analytics

Autorzy: Phong H. Nguyen, Rafael Henkin, Siming Chen, Natalia Andrienko, Gennady Andrienko, Olivier Thonnard, Cagatay Turkay
Opublikowane w: IEEE Transactions on Visualization and Computer Graphics, 2019, Strona(/y) 1-1, ISSN 1077-2626
Wydawca: Institute of Electrical and Electronics Engineers
DOI: 10.1109/tvcg.2019.2934609

CHARON: A Secure Cloud-of-Clouds System for Storing and Sharing Big Data

Autorzy: Ricardo Mendes, Tiago Oliveira, Vinicius Vielmo Cogo, Nuno Ferreira Neves, Alysson Neves Bessani
Opublikowane w: IEEE Transactions on Cloud Computing, 2019, Strona(/y) 1-1, ISSN 2168-7161
Wydawca: Institute of Electrical and Electronics Engineers Inc.
DOI: 10.1109/tcc.2019.2916856

BigFlow: Real-time and reliable anomaly-based intrusion detection for high-speed networks

Autorzy: Eduardo Viegas, Altair Santin, Alysson Bessani, Nuno Neves
Opublikowane w: Future Generation Computer Systems, Numer 93, 2019, Strona(/y) 473-485, ISSN 0167-739X
Wydawca: Elsevier BV
DOI: 10.1016/j.future.2018.09.051

Cluster-based vulnerability assessment of operating systems and web browsers

Autorzy: Yazdan Movahedi, Michel Cukier, Ambrose Andongabo, Ilir Gashi
Opublikowane w: Computing, Numer 101/2, 2019, Strona(/y) 139-160, ISSN 0010-485X
Wydawca: Springer Verlag
DOI: 10.1007/s00607-018-0663-0

LDA Ensembles for Interactive Exploration and Categorization of Behaviors

Autorzy: Siming Chen, Natalia Andrienko, Gennady Andrienko, Linara Adilova, Jeremie Barlet, Joerg Kindermann, Phong Hai Nguyen, Olivier Thonnard, Cagatay Turkay
Opublikowane w: IEEE Transactions on Visualization and Computer Graphics, 2019, Strona(/y) 1-1, ISSN 1077-2626
Wydawca: Institute of Electrical and Electronics Engineers
DOI: 10.1109/tvcg.2019.2904069

Diversity in Open Source Intrusion Detection Systems

Autorzy: Hafizul Asad, Ilir Gashi
Opublikowane w: Developments in Language Theory - 22nd International Conference, DLT 2018, Tokyo, Japan, September 10-14, 2018, Proceedings, Numer 11088, 2018, Strona(/y) 267-281, ISBN 978-3-319-98653-1
Wydawca: Springer International Publishing
DOI: 10.1007/978-3-319-99130-6_18

Wyszukiwanie danych OpenAIRE...

Podczas wyszukiwania danych OpenAIRE wystąpił błąd

Brak wyników