DiSIEM SIGNED

Diversity Enhancements for SIEMs

Project "DiSIEM" data sheet

The following table provides information about the project.

Coordinator
FCIENCIAS.ID - ASSOCIACAO PARA A INVESTIGACAO E DESENVOLVIMENTO DE CIENCIAS 

Organization address
address: CAMPO GRANDE, EDIFICIO C1, PISO 3
city: LISBON
postcode: 1749 016
website: http://www.fciencias-id.pt

 Coordinator Country Portugal [PT]
 Project website http://disiem-project.eu
 Total cost 4,020,018 €
 EC max contribution 3,445,875 € (86%)
 Programme 1. H2020-EU.3.7. (Secure societies - Protecting freedom and security of Europe and its citizens)
 Code Call H2020-DS-2015-1
 Funding Scheme IA
 Starting year 2016
 Duration (year-month-day) from 2016-09-01 to 2019-08-31

 Partnership

Take a look at the project's partnership.

# | participant | country (city) | role | EC contrib. [€]
1 | FCIENCIAS.ID - ASSOCIACAO PARA A INVESTIGACAO E DESENVOLVIMENTO DE CIENCIAS | PT (LISBON) | coordinator | 619,776.00
2 | CITY UNIVERSITY OF LONDON | UK (LONDON) | participant | 910,376.00
3 | FRAUNHOFER GESELLSCHAFT ZUR FOERDERUNG DER ANGEWANDTEN FORSCHUNG E.V. | DE (MUNCHEN) | participant | 481,770.00
4 | AMADEUS IT GROUP SA | ES (MADRID) | participant | 460,110.00
5 | ATOS SPAIN SA | ES (MADRID) | participant | 415,187.00
6 | DIGITALMR LIMITED | UK (LONDON) | participant | 257,075.00
7 | EDP - ENERGIAS DE PORTUGAL SA | PT (LISBOA) | participant | 207,294.00
8 | FUNDACAO DA FACULDADE DE CIENCIAS DA UNIVERSIDADE DE LISBOA FP | PT (LISBOA) | participant | 94,285.00

 Project objective

Security Information and Event Management (SIEM) systems are a fundamental component of the ubiquitous ICT infrastructures that form the backbone of our digital society. These systems are mostly used to monitor infrastructures using many types of sensors and tools and to correlate the obtained events to discover possible threats (attacks, vulnerabilities, etc.) to the organization. The DiSIEM project aims to enhance existing SIEM systems with diversity-related technology. More specifically, we want to (1) enhance the quality of events collected using a diverse set of sensors and novel anomaly detectors, (2) add support for collecting infrastructure-related information from open-source intelligence data available on diverse sources from the internet, (3) create new ways of visualising the information collected in the SIEM and provide high-level security metrics and models for improving security-related decision-making, and (4) allow the use of multiple storage clouds for secure long-term archival of the raw events fed to the SIEM. Given the high costs of deployment of SIEM infrastructures, all these enhancements will be developed in a SIEM-independent way, as extensions to currently available systems, and will be validated through deployment in three large-scale production environments.

 Deliverables

List of deliverables.
title | type | last update
Fully operating, integrated visualisation system with diverse SIEMs | Demonstrators, pilots, prototypes | 2019-11-22 11:55:30
Refinements of the models and metrics based on pilot deployments | Documents, reports | 2019-11-22 11:55:16
Results of the competition on machine learning for security | Documents, reports | 2019-11-22 11:55:33
Validation plan | Documents, reports | 2019-11-22 11:56:03
Early-stage prototypes | Demonstrators, pilots, prototypes | 2019-11-22 11:55:20
Security metrics and measurements | Documents, reports | 2019-07-26 12:03:16
Preliminary architecture and service model of infrastructure enhancements | Documents, reports | 2019-07-26 12:03:15
Visualisation system infrastructure and requirement analysis | Documents, reports | 2019-07-26 12:03:16
Probabilistic modelling of diversity for security and of security trends | Documents, reports | 2019-07-26 12:03:15
In-depth analysis of SIEMs extensibility | Documents, reports | 2019-07-26 12:03:15
Internal and external IT communication infrastructure | Documents, reports | 2019-07-26 12:03:15
Techniques and tools for OSINT-based threat analysis | Documents, reports | 2019-07-26 12:03:16
Data management plan | Documents, reports | 2019-07-26 12:03:15
Risk assessment plan | Documents, reports | 2019-07-26 12:03:16
OSINT data fusion and analysis architecture | Documents, reports | 2019-07-26 12:03:16
Reference architecture and integration plan | Documents, reports | 2019-07-26 12:03:16
Project quality plan | Other | 2019-07-26 12:03:15

Take a look at the deliverables list in detail: detailed list of DiSIEM deliverables.

 Publications

List of publications.
Each entry gives: year, authors and title, journal, last update.
2019 Phong H. Nguyen, Rafael Henkin, Siming Chen, Natalia Andrienko, Gennady Andrienko, Olivier Thonnard, Cagatay Turkay
VASABI: Hierarchical User Profiles for Interactive Visual User Behaviour Analytics
published pages: 1-1, ISSN: 1077-2626, DOI: 10.1109/tvcg.2019.2934609
IEEE Transactions on Visualization and Computer Graphics 2019-12-17
2019 Ricardo Mendes, Tiago Oliveira, Vinicius Vielmo Cogo, Nuno Ferreira Neves, Alysson Neves Bessani
CHARON: A Secure Cloud-of-Clouds System for Storing and Sharing Big Data
published pages: 1-1, ISSN: 2168-7161, DOI: 10.1109/tcc.2019.2916856
IEEE Transactions on Cloud Computing 2019-12-17
2019 Yazdan Movahedi, Michel Cukier, Ambrose Andongabo, Ilir Gashi
Cluster-based vulnerability assessment of operating systems and web browsers
published pages: 139-160, ISSN: 0010-485X, DOI: 10.1007/s00607-018-0663-0
Computing 101/2 2019-12-17
2019 Yazdan Movahedi, Michel Cukier, Ilir Gashi
Vulnerability prediction capability: A comparison between vulnerability discovery models and neural network models
published pages: 101596, ISSN: 0167-4048, DOI: 10.1016/j.cose.2019.101596
Computers & Security 87 2019-12-17
2019 Phong H. Nguyen, Cagatay Turkay, Gennady Andrienko, Natalia Andrienko, Olivier Thonnard, Jihane Zouaoui
Understanding User Behaviour through Action Sequences: From the Usual to the Unusual
published pages: 2838-2852, ISSN: 1077-2626, DOI: 10.1109/TVCG.2018.2859969
IEEE Transactions on Visualization and Computer Graphics 25/9 2019-12-17
2019 Eduardo Viegas, Altair Santin, Alysson Bessani, Nuno Neves
BigFlow: Real-time and reliable anomaly-based intrusion detection for high-speed networks
published pages: 473-485, ISSN: 0167-739X, DOI: 10.1016/j.future.2018.09.051
Future Generation Computer Systems 93 2019-12-17
2018 Rui Azevedo
Leveraging OSINT to Improve Threat Intelligence Quality
published pages: , ISSN: , DOI:
Master Thesis 1 2019-12-17
2019 Miguel Garcia Tavares Henriques
Diverse Intrusion-tolerant Systems
published pages: , ISSN: , DOI:
PhD Thesis 1 2019-12-17
2019 Siming Chen, Natalia Andrienko, Gennady Andrienko, Linara Adilova, Jeremie Barlet, Joerg Kindermann, Phong Hai Nguyen, Olivier Thonnard, Cagatay Turkay
LDA Ensembles for Interactive Exploration and Categorization of Behaviors
published pages: 1-1, ISSN: 1077-2626, DOI: 10.1109/tvcg.2019.2904069
IEEE Transactions on Visualization and Computer Graphics 2019-12-17
2017 Alves, João Paulo Martins José Teixeira
Threat intelligence: using osint and security metrics to enhance siem capabilities
published pages: , ISSN: , DOI:
Master Thesis 1 2019-07-26
2017 João Alves, Ana Respício, Ivo Rosa, Pedro Rodrigues
Threat Intelligence – Improving SIEM cybercriminality awareness using information from IP blacklists
published pages: , ISSN: , DOI:
eCrime2017.EU – APWG.EU Symposium on Electronic Crime Research 2019-07-26
2017 Eunice Branco
Cyberthreat Discovery in Open Source Intelligence using Deep Learning Techniques
published pages: , ISSN: , DOI:
Master Thesis 1 2019-07-26
2017 Ivo Vacas
Geração Automática de Conhecimento para SDI extraído de OSINTs
published pages: , ISSN: , DOI:
Master Thesis 1 2019-07-26
2017 Phong H. Nguyen, Cagatay Turkay, Gennady Andrienko, Natalia Andrienko and Olivier Thonnard
A Visual Analytics Approach for User Behaviour Understanding through Action Sequence Analysis
published pages: , ISSN: , DOI: 10.2312/eurova.20171122
8th Int. EuroVis Workshop on Visual Analytics - EuroVA 2017 2019-07-26
2017 Luis M. Ferreira
A multi-level model for risk assessment in SIEM
published pages: , ISSN: , DOI:
Master Thesis 1 2019-07-26
2018 Marques, Pedro Daniel Magalhães
Assessment on the effectiveness of design diversity for network security and monitoring
published pages: , ISSN: , DOI:
Master Thesis 1 2019-09-05
2018 Osório, Ana Mafalda Silva
Threat detection in SIEM considering risk assessment
published pages: , ISSN: , DOI:
Master Thesis 1 2019-09-05
2018 Dionísio, Nuno Rafael Marques
Improving cyberthreat discovery in open source intelligence using deep learning techniques
published pages: , ISSN: , DOI:
Master Thesis 1 2019-09-05

The information about "DISIEM" is provided by the European Opendata Portal: CORDIS opendata.
