Analysing cyber threat information (CTI) provides organisations with valuable intelligence about which of their systems are being attacked, and who is attacking them. If organisations could pool their CTI then it is quite likely that other, possibly low level, distributed attacks would be identified. But organisations are not usually willing to share their CTI because of the confidential and private information that it contains. If organisations could be re-assured that the sharing would have minimal consequences, according to their risk and trust profiles, then this should be beneficial to the them and the entire community. The EC H2020 C3ISP project is enabling organisations to share their CTI by allowing them to specify Data Sharing Agreements (DSAs), and by enforcing these DSAs either on the organisation's own premises or in a trusted third party service provider, prior to the analysis. This talk will described the various technologies that comprise the C3ISP infrastructure, and how they can be distributed and integrated in order to allow organisations to share their CTI in a trustworthy manner. The 4 validating pilot projects, involving CERTs, ISPs, multinationals and SMEs will also be briefly described.
Rogério de Lemos is a senior lecturer in the School of Computing at the University of Kent since 1999. In 2009, he was an invited assistant professor at the University of Coimbra in Portugal. Previously to joining Kent, he was a Senior Research Associate at the Centre for Software Reliability (CSR) at the University of Newcastle upon Tyne. His research interests are on software engineering for self-adaptive systems, architecting dependable and secure systems, insider threats, and resilient AI.
Cornwallis South West,
University of Kent,
DetailsOpen to everyone, especially those interested in cyber security research,
Contact: Jason R.C. Nurse