Proactive Risk Management through Improved Cyber Situational Awareness

Livrables

This deliverable will summarise the dissemination efforts carried out during the entire project. It will build on the first version published the project mid-point. Especially, the list of the attended conferences, journal, magazine and conference publications will be given. The deliverable shall contain also the list of all other dissemination and marketing events and activities, including the distribution of marketing materials, cross-project cooperation and actions performed through the web channels.

Pilots Evaluation Report v2

This will contain results from both pilots as well as an evaluation of the overall pilot approach and results.

Summary of dissemination efforts v1

This deliverable will summarise the dissemination efforts carried out during the project up to month 24. Especially, the list of the attended conferences, journal, magazine and conference publications will be given. The deliverable shall contain also the list of all other dissemination and marketing events and activities, including the distribution of marketing materials, cross-project cooperation and actions performed through the web channels.

Specification of Context Awareness Model

This artefact contains the specification of the mission and constituency modeling approach and initial models. It is formulated as a report

PROTECTIVE Framework specification

This report specifies the design of the PROTECTIVE framework and describes the tools and technologies selected to form the base of the framework. It also specifies internal information exchange formats and any special frameworks services that will be needed

Threat intelligence sharing state-of-the-art and requirements

This artefact contains an in-depth SOTA analysis of TI sharing and TI communities. Furthermore, it provides the necessary specification of the PROTECTIVE XChange to be used in WP2. It is formulated as a report.

Pilots Evaluation Report v1

This deliverable will contain the results from the Pilot 1 with guidelines and updates for Pilot 2 .

Event correlation mechanisms report

This report will include the summary of meta-alert design and development of the event correlation mechanisms for various incoming data streams (T3.1 and T3.2). This report will serve as a basis for further work within WP3.

Updated Conceptual Model v2

The model developed in D2.2 will be further refined with feedback/experiences from Pilot 1 . This version of the model will delivered before the commencement of Pilot 2 to serve as an examplar to communicate how the PROTECTIVE system can be integrated into end-user, including SME MSSP, environments.

Updated Conceptual Model v1

The initial model described in D2.1 will be reified with feedback from the ongoing interaction with CSIRT end-users. This version of the model will be delivered before the commencement of Pilot 1 to serve as an examplar to communicate how the PROTECTIVE system can be integrated into end-user environments.

Requirements Capture, Specification, Architectural Design and Model

This deliverable contains a full requirements capture and specification outlined, including whole model and architectural design. An initial design of the workflow (including architecture and ) based on existing common practices and literature. It will also describe the specific and detailed measures to address data protection principles related to collection, storage, usage, retention and deletion of personal data.

Meta-alerts ranking and prioritisation mechanisms report

Here the overview of the undertaken research regarding decision support techniques: multi criteria decision analysis, preference learning and machine learning will be described with appropriate argumentation supporting selection.

Website and Dissemination Material v1

This deliverable will be the first version of the website and other dissemination material such as flyers etc.

Website and Dissemination Material v2

Materials and in particular the project website will be constantly updated including information about dissemination activities to be carried out by the consortium and public deliverables.

Context Awareness Platform v3

This is the final releases of the context awareness components for delivery to system integration. It provides support for Pilot 2.

CSA Visualisation v2

This is the second and final release of the CSA visualisation dashboard. It is aimed at Pilot 2.

Threat intelligence community v3

This contains the final release of the PROTECTIVE XChange. It provides the second version of TI Trust and TI Admin. It consists of software artefacts.

PROTECTIVE System – v3

This is the third release of the integrated and validated PROTECTIVE system. It contains enhanced and extra functionality for Pilot 2 .

Correlation and Prioritisation Platform Component v3

This is the final release of the correlation and prioritisation components aimed at Pilot 2. It consists of software artefacts

PROTECTIVE System - v4

This is the final release of the integrated and validated PROTECTIVE system. It contains the verified functionality following completion of Pilot 2.

Publications

Mission-Centric Risk Assessment to Improve Cyber Situational Awareness

Auteurs: F. R. L. Silva, P. Jacob
Publié dans: Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES 2018, Numéro 2018, 2018, Page(s) 1-8, ISBN 9781-450364485
Éditeur: ACM Press
DOI: 10.1145/3230833.3233281

Access Control Policy Enforcement for Zero-Trust-Networking

Auteurs: Romans Vanickis, Paul Jacob, Sohelia Dehghanzadeh, Brian Lee
Publié dans: 2018 29th Irish Signals and Systems Conference (ISSC), Numéro 2018, 2018, Page(s) 1-6, ISBN 978-1-5386-6046-1
Éditeur: IEEE
DOI: 10.1109/issc.2018.8585365

An Ethics Framework for Research into Heterogeneous Systems

Auteurs: J. Happa, J.R.C. Nurse, M. Goldsmith, S. Creese, R. Williams
Publié dans: Living in the Internet of Things: Cybersecurity of the IoT - 2018, 2018, Page(s) 26 (8 pp.)-26 (8 pp.), ISBN 978-1-78561-843-7
Éditeur: Institution of Engineering and Technology
DOI: 10.1049/cp.2018.0026

PROTECTIVE: A European-wide NREN Cyber Threat Intelligence Sharing Platform - lessons learnt to date

Auteurs: Jassim Happa
Publié dans: OASIS Borderless Cyber Conference & FIRST Technical Symposium, 2017
Éditeur: OASIS/FIRST

Defending against Probe-Response Attacks

Auteurs: Emmanouil Vasilomanolakis, Noorulla Sharief, Max Muhlhauser
Publié dans: 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), Numéro 2017, 2017, Page(s) 1046-1051, ISBN 978-3-901882-89-0
Éditeur: IEEE
DOI: 10.23919/INM.2017.7987436

On probe-response attacks in Collaborative Intrusion Detection Systems

Auteurs: Emmanouil Vasilomanolakis, Michael Stahn, Carlos Garcia Cordero, Max Muhlhauser
Publié dans: 2016 IEEE Conference on Communications and Network Security (CNS), Numéro 2016, 2016, Page(s) 279-286, ISBN 978-1-5090-3065-1
Éditeur: IEEE
DOI: 10.1109/CNS.2016.7860495

Towards Trust-Aware Collaborative Intrusion Detection: Challenges and Solutions

Auteurs: Emmanouil Vasilomanolakis, Sheikh Mahbub Habib, Pavlos Milaszewicz, Rabee Sohail Malik, Max Mühlhäuser
Publié dans: IFIP WG 11.11 International Conference on Trust Management, Numéro 2017, 2017, Page(s) 94-109
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-319-59171-1_8

Towards Blockchain-Based Collaborative Intrusion Detection Systems

Auteurs: Nikolaos Alexopoulos, Emmanouil Vasilomanolakis, Natalia Reka Ivanko, Max Mühlhäuser
Publié dans: International Conference on Critical Information Infrastructures Security, Numéro 2017, 2017, Page(s) to appear
Éditeur: Springer-Verlag

Situational Awareness based Risk-adaptable Access Control in Enterprise Networks

Auteurs: Brian Lee and Roman Vanickis and Franklin Rogelio and Paul Jacob
Publié dans: Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security, IoTBDS 2017, Porto, Portugal, April 24-26, 2017, Numéro 2017, 2017, Page(s) 400--405, ISBN 978-989-758-245-5
Éditeur: SciTePress
DOI: 10.5220/0006363404000405

Sphinx : a Colluder-Resistant Trust Mechanism for Collaborative Intrusion Detection

Auteurs: Carlos Garcia Cordero, Giulia Traverso, Mehrdad Nojoumian, Sheikh Mahbub Habib, Max Muhlhauser, Johannes Buchmann, Emmanouil Vasilomanolakis
Publié dans: IEEE Access, Numéro 6, 2018, Page(s) 72427-72438, ISSN 2169-3536
Éditeur: Institute of Electrical and Electronics Engineers Inc.
DOI: 10.1109/access.2018.2880297

Network entity characterization and attack prediction

Auteurs: Vaclav Bartos, Martin Zadnik, Sheikh Mahbub Habib, Emmanouil Vasilomanolakis
Publié dans: Future Generation Computer Systems, Numéro 97, 2019, Page(s) 674-686, ISSN 0167-739X
Éditeur: Elsevier BV
DOI: 10.1016/j.future.2019.03.016

Next Generation P2P Botnets: Monitoring Under Adverse Conditions

Auteurs: Leon Böck, Emmanouil Vasilomanolakis, Max Mühlhäuser, Shankar Karuppayah
Publié dans: Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Heraklion, Crete, Greece, September 10-12, 2018, Proceedings, Numéro 11050, 2018, Page(s) 511-531, ISBN 978-3-030-00469-9
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-00470-5_24

Run-Time Monitoring of Data-Handling Violations

Auteurs: Jassim Happa, Nick Moffat, Michael Goldsmith, Sadie Creese
Publié dans: Computer Security - ESORICS 2018 International Workshops, CyberICPS 2018 and SECPRE 2018, Barcelona, Spain, September 6–7, 2018, Revised Selected Papers, Numéro 11387, 2019, Page(s) 213-232, ISBN 978-3-030-12785-5
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-12786-2_13

Livrables

Publications

Partager cette page

Télécharger