Cybersecurity: data, information and risk (CIBERDINE)
Funded by: Comunidad Autónoma de Madrid. CIBERDINE. S2013/ICE-3095
Research Groups: COSEC –Coordinador– (Universidad Carlos III de Madrid); AIDA (Universidad Autónoma de Madrid), GICSI (Consejo Superior de Investigaciones Científicas).
Associates Companies and Institution: Mando Conjunto de la Ciberdefensa (MCCD); Centro Universitario de la Guardia Civil (CUGC); Centro Criptológico Nacional/Centro Nacional de Inteligencia (CCN/CNI); Instituto Nacional de Ciberseguridad (INCIBE); Grupo Banco Santander; Epoche & Espri.
This project aims at strengthening our capabilities to prevent, detect, and respond to cyberattacks by developing techniques that improve situational awareness and cater for a dynamic threat management. To do so, we propose an interdisciplinary research program that tackles three important challenges in cybersecurity research.
Firstly, interdependences among networks and information systems are forcing us to adopt cooperative strategies where entities of a very different nature exchange information about vulnerabilities, threats, actors, tactics, ongoing incidents, countermeasures, etc. However, organizations are extremely reluctant to openly share such information. This calls for models and technologies that facilitate sharing by determining what to share, when, with whom, as well as reasoning about the repercussions of sharing confidential data. Secondly, an improved defense capability requires a deeper and more intelligent analysis of all events that take place in the network. This requires to adapt, and develop where necessary, Big Data technologies to analyze massive amounts of securityrelated information.
Finally, an effective threat management system needs to put in context available information, automatically derive dynamic risk levels for all systems, and support decisions about the selection and deployment of optimal countermeasures.