cyber situational awareness for evolving computing environments

5 Januar 2024

Prof. Dr. Wolfgang Hommel, Professur für IT-Sicherheit von Software und Daten am Institut für Softwaretechnologie, Fakultät für Informatik und PD Dr. Corinna Schmitt, FI CODE haben mit dem Forschungsinstitut CODE das Projekt „Adapting cyber situational awareness for evolving computing environments (NEWSROOM)“ im Rahmen von European Defence Fund (EDF) bei der Europäischen Kommission eingeworben.

Laufzeit: 01.12.2023 bis 30.11.2026
Förderung: European Defence Fund (EDF) – Europäische Kommission

Cyberspace has become an increasingly contested military domain. To mitigate significant incidents with immediate consequences for both military and civil critical infrastructures, strategic cooperation among EU member states and allied countries in cyber defence is needed. The first step towards effective defence is to obtain situational awareness, which is the basis for any successful counteraction. In particular, cyber situational awareness (CSA) aims at providing all stakeholders and personnel of all levels and forces in the chain of command with accurate information about the current threat landscape, according to the individual needs of the users.

Building a CSA, especially in a cross-domain and cross-country fashion, is a complex task, requiring successful integration of research from different fields, including but not limited to data and CTI collection, collaborative and federated learning, attack behaviour classification, visualisation techniques, cryptogaphy for CTI sharing and trust, or deception technologies and digital twins. However, state of the art solutions do not provide a full integration of all necessary technologies and tools to offer a holistic CSA picture.

The main ambition of NEWSROOM is therefore to overcome the current limitations, by studying all relevant CSA aspects, and designing an integrated CSA platform combining data insights, collaborative intrusion detection for attack classification, and information and CTI sharing considering military standards regarding information security and confidentiality. Advanced visualisation concepts will allow for a mission-specific view at all levels of the command hierarchy. Following a co-creation approach involving all relevant stakeholders, NEWSROOM will identify relevant application scenarios for CSA technoligies in cyber defence, which will be validated in cyber range environments to enable realistic conditions for testing CSA solutions and processes, and training military staff.

Bild: © gettyimages/gorodenkoff