Project description
Advanced data analysis and machine learning to better manage cyberattacks
The EU-funded SAPPAN project seeks to introduce a privacy-preserving sharing and automation platform to facilitate efficient response to and recovery from cyberattacks. It will develop a cyberthreat intelligence system to assist security and IT personnel within and across organisations in timely responding to threats. The SAPPAN platform will allow its users to exchange experiences and expertise about intrusion detection and enable sharing of knowledge about response and recovery actions. Users' privacy and confidentiality will be respected throughout the design of the platform. Global public institutions and multinational companies wishing to improve their situational awareness by sharing cybersecurity intelligence stand to benefit. SMEs will also be able to take advantage of SAPPAN innovations by outsourcing intrusion detection.
Objective
SAPPAN aims to develop a platform for sharing and automation to enable privacy preserving and efficient response and recovery utilizing advanced data analysis and machine learning. SAPPAN will provide a cyber threat intelligence system that decreases the effort required by a security analyst to find optimal responses to and ways to recover from an attack. SAPPAN will enable this within a single organization as well as across organisations through novel models for privacy-preserving data processing and sharing. It will enable utilizing external experts for intrusion detection and sharing of knowledge on response and recovery actions while respecting the privacy and confidentiality requirements of individuals and organizations. SAPPAN will enable a European level perspective on advanced cyber security threats detection, response, and recovery making four key contributions that go beyond existing approaches: (1) privacy-preserving aggregation and data analytics including advanced client-side abstractions; (2) federated threat detection based on sharing of anonymised data and sharing of trained machine learning models; (3) standardisation of knowledge in the context of incident response and recovery to enable reuse and sharing; (4) visual, interactive support for Security Operation Center operators. SAPPAN aims to provide solutions for public international institutions and multinational companies who want to enrich their Situational Awareness by sharing cyber security intelligence as well as solutions for small and midsize companies enabling them to outsource intrusion detection. SAPPAN will be demonstrated in the relevant environments of 2 multinational companies, 1 National Research and Education Network (NREN) and 2 Computer Security Incident Response Teams (CSIRT). The consortium consists of 1 NREN, 3 multinational companies, 3 universities and 1 research institute so as to maximise the technical and societal impact, the dissemination and uptake of the results.
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.
- social sciences sociology industrial relations automation
- natural sciences computer and information sciences artificial intelligence machine learning
- natural sciences computer and information sciences computer security
- natural sciences computer and information sciences data science data processing
You need to log in or register to use this function
We are sorry... an unexpected error occurred during execution.
You need to be authenticated. Your session might have expired.
Thank you for your feedback. You will soon receive an email to confirm the submission. If you have selected to be notified about the reporting status, you will also be contacted when the reporting status will change.
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
-
H2020-EU.2.1.1. - INDUSTRIAL LEADERSHIP - Leadership in enabling and industrial technologies - Information and Communication Technologies (ICT)
MAIN PROGRAMME
See all projects funded under this programme
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
IA - Innovation action
See all projects funded under this funding scheme
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
(opens in new window) H2020-SU-ICT-2018-2020
See all projects funded under this callCoordinator
Net EU financial contribution. The sum of money that the participant receives, deducted by the EU contribution to its linked third party. It considers the distribution of the EU financial contribution between direct beneficiaries of the project and other types of participants, like third-party participants.
80686 MUNCHEN
Germany
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.