Motivation

With growing dependence on the so-called critical information infrastructures, the need to protect them against cyber attacks increases. Currently, some tools for network traffic monitoring and attacks´ detection exist, but their full potential has not been reached yet.

In the CRUSOE project, we aim to get applicated those tools which ensure situation awareness into critical information infrastructure protection area. The situational awareness enables perceiving security situation in continuity, thereby members of CSIRT teams can fastly orientate in the situation and choose an optimal strategy with regard to ongoing cyber attacks. Security teams are able to consider impacts on infrastructure´s functionality and eliminate wrong solutions which do not reflect the situation in context.

Situational awareness includes three conditionally related parts: perception, understanding, projection. Without the complex perception of the situation in time and in place, one could not fully understand it. Also, without understanding, its development cannot be projected. Situational awareness guarantees conscious decision-making and reactions.

Technology and specifics

• Effective system architecture, which holds situational awareness about protected network
  The system reflects the past and the future state of the protected network, and in accordance with the principles of the situation awareness, it guides security teams in choosing the optimal strategy for using reactive precautions. The main objective is supplanting the fastest solution with the most effective one.

• Tools supporting conversance of security teams
  Researched tools help CSIRT teams to orientate in current situation fastly, with regard to ongoing cyber attack, appearances of vulnerabilities, requirements for confidence, availability and integrity of critical information infrastructures.

IDENTIFICATION CODE

VI20172020070

PROVIDER