The Evolution of the CRUSOE Toolset: Enhancing Decision Support in Network Security Management

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F24%3A00137384" target="_blank" >RIV/00216224:14610/24:00137384 - isvavai.cz</a>

Výsledek na webu

<a href="https://opendl.ifip-tc6.org/db/conf/cnsm/cnsm2024/1571059474.pdf" target="_blank" >https://opendl.ifip-tc6.org/db/conf/cnsm/cnsm2024/1571059474.pdf</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.23919/CNSM62983.2024.10814288" target="_blank" >10.23919/CNSM62983.2024.10814288</a>

Jazyk výsledku

angličtina

Název v původním jazyce

The Evolution of the CRUSOE Toolset: Enhancing Decision Support in Network Security Management

Popis výsledku v původním jazyce

This demo paper presents the recent development of the CRUSOE toolset. CRUSOE enables cyber situational awareness and provides decision support for network security management. The first public version from 2021 used a combination of active and passive network monitoring to enumerate cyber assets and discover their vulnerabilities, visualize the collected data in a dashboard, conduct a risk assessment to recommend the most resilient infrastructure configuration, and facilitate attack mitigation. It also used novel approaches, such as a graph database for storing the data on cyber assets, which essentially became a knowledge graph for network security management. In the recent development, we managed to automate the deployment of CRUSOE via Ansible and Docker. Further, we implemented additional recommender systems and attack impact assessment capabilities and their visualizations. Finally, several sample datasets were created to facilitate the demonstration of the toolset and to enable testing it without one's data.

Název v anglickém jazyce

The Evolution of the CRUSOE Toolset: Enhancing Decision Support in Network Security Management

Popis výsledku anglicky

This demo paper presents the recent development of the CRUSOE toolset. CRUSOE enables cyber situational awareness and provides decision support for network security management. The first public version from 2021 used a combination of active and passive network monitoring to enumerate cyber assets and discover their vulnerabilities, visualize the collected data in a dashboard, conduct a risk assessment to recommend the most resilient infrastructure configuration, and facilitate attack mitigation. It also used novel approaches, such as a graph database for storing the data on cyber assets, which essentially became a knowledge graph for network security management. In the recent development, we managed to automate the deployment of CRUSOE via Ansible and Docker. Further, we implemented additional recommender systems and attack impact assessment capabilities and their visualizations. Finally, several sample datasets were created to facilitate the demonstration of the toolset and to enable testing it without one's data.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

<a href="/cs/project/EH22_010%2F0003229" target="_blank" >EH22_010/0003229: MSCAfellow5_MUNI</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

2024 20th International Conference on Network and Service Management (CNSM)

ISBN

9798331505158

ISSN

2165-9605

e-ISSN

—

Počet stran výsledku

3

Strana od-do

1-3

Název nakladatele

IEEE

Místo vydání

New York, NY

Místo konání akce

Prague

Datum konání akce

28. 10. 2024

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

001414325200004