Register | Lost your password?

Support

Lorem ipsum dolor sit amet:

24h / 365days

We offer support for our customers

Mon - Fri 8:00am - 5:00pm (GMT +1)

Get in touch

Cybersteel Inc.
376-293 City Road, Suite 600
San Francisco, CA 94102

Have any questions?
+44 1234 567 890

Drop us a line
info@yourdomain.com

About us

Lorem ipsum dolor sit amet, consectetuer adipiscing elit.

Aenean commodo ligula eget dolor. Aenean massa. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Donec quam felis, ultricies nec.

PROJECT

Intrusion detection via multi-dimensional analysis of security data streams

The processes employed by modern businesses, and consequently their economic success, increasingly hinge upon IT-systems, which in turn are increasingly hard to defend against security risks. On the one hand high interconnectivity grants suppliers with the opportunity to implement more efficient process chains, on the other it introduces complex dependencies and new attack vectors. Meanwhile, the last decade has seen the rise of highly organized, professional, financially motivated attackers, threatening businesses with a multitude of criminal methods.

Furthermore, the growing integration of classic information technology (IT) and operational technology (OT) creates risks of its own. These call for an increased emphasis on logging and monitoring, in addition to classic methods like firewalls and malware protection, as businesses need to assume that

1. adversaries will bypass perimeter protection and that

2. deployed malware may not be detected.

Any intrusion can only be detected through unusual behaviour of systems or applications, as well as anomalous network communication. Detecting these anomalies usually requires the aggregation of data stemming from different systems in a centralized system for correlation and analysis. This gives rise to new challenges due to the large volume of data involved. Furthermore, the development of algorithms performing the analysis is hindered by the poor availability of concurrent annotated datasets required to train and evaluate them.

In today’s IT landscape multiple tools are already being used to detect attacks, weaknesses and undesired behaviour in computer systems and networks. Signature-based methods search for the occurrence of predefined negative behaviour. Anomaly-based methods, however, build a model of normal behaviour in order to find irregularities in new data. These irregularities tend to correspond to unwanted behaviour. The structure of the data, like attributes, metrics and aggregations, from which this model is built, needs to be defined a priori. This is problematic, since it limits the analysis to finding only the anomalies that are visible in that exact structure, while missing others.

This is why the objective of this project is to develop advanced concepts for automatic aggregation and analysis of network data related to information security. In addition to covering all possible data structures to detect a variety of anomalies, automatic aggregation directly yields the view of the data that best displays anomalies. As the aggregations are generated automatically, the configuration of the system is simplified.

One of the major concerns when constructing these concepts will be efficiency, since regular hardware needs to be sufficient for supporting the resulting system. Horizontal scalability will enable the system to grow alongside an expanding IT infrastructure. Another concern is the presentation of results, which is of increased importance in automated systems. On the one hand, the results and any information explaining their classification needs to be shared with other Monitoring- and SIEM-Systems (Security and Information Management) in a structured format (Indicator of Compromise). On the other, they need to be communicated to human Security Analysts, who perform manual analysis and need to react to malicious behaviour. This necessitates proper visualization of all relevant information.

PARTNERS

Project Partners

Open Source. Open Solutions. Open Strategies. The mission of the Bremen-based IT system integrator and software house is to provide, optimize, secure and support innovative open source software solutions. Among the main priorities are security applications and monitoring systems, which can be implemented and continuously developed in customer centred projects using various products (SIEM systems, IDS, firewalls, VPN, Nagios, etc.). In addition to providing consulting, system management and software development, research projects are conducted in association with both national and international partners.

www.decoit.de

rt-solutions.de GmbH is a consulting firm which was founded in 2000 by scientists and entrepreneurs with the goal of realising performant and secure IT processes and infrastructures as a basis for effective business processes. rt-solutions.de provides consulting to leading international businesses in all questions regarding information security and data privacy. The core business of the firm are developing and operating security management systems and technological security measures, as well as auditing complex IT environments and conducting forensic investigations to analyse and solve security breaches.

rt-solutions.de

The research group Trust@HsH has been operating in the areas of trusted computing, network security and mobile security since 2006. Various BMBF-funded research projects were conducted within these areas, like tNAC, ESUKOM, VisITMeta and SIMU. Members of the research group present their results on national and international conferences and workshops, while also actively participating as liaison members in the specification processes of the Trusted Computing Group, a worldwide consortium of major IT companies ans research institutions, with the purpose of introducing internationally recognized standards in the area of IT security.

trust.f4.hs-hannover.de

Associated Partners

Plate Büromaterial Vertriebs GmbH

The Plate Büromaterial Vertreibs GmbH consists of an association of companies, located in Bremerhaven, Isernhagen, Brandenburg, Magdeburg, Dessau, Leipzig, Duisburg, Hamburg, Düsseldorf, Freiburg, Ratingen and Gütersloh. Today the group employs over 300 people and sells about 100 mio. EUR worth of “everything good for the office” annually.

www.plate.de
hanseWasser Bremen GmbH

The sewage company hanseWasser Bremen GmbH of about 400 employees operates the 2,300 kilometre long sewer network beneath Bremen, while securing a cost effective and environmentally sensitive purification process in two water treatment plants, located in Seehausen and Farge, for about 50 mio. Cubic metres of sewage per year from Bremen, neighbouring communities, as well as industrial and business customers.

www.hansewasser.de

NEWS

News from the GLACIER project

Successful completion of the GLACIER project in Hanover

On September 29th, 2021, the final GLACIER project meeting took place at the University of Sciences and Arts Hanover. The project ends after two and a half years. All project partners presented their final results and discussed different possibilities of exploitation.

GLACIER project was presented at the international IDAACS conference 2021

The 11st IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems Technology and Applications (IDAACS) took place 22th to 25th of September. This year DECOIT® and the University of Applied Sciences Hanover presented the GLACIER results. Due to the COVID-19 pandemic, the conference took place virtually, not as originally planned in Cracow, Poland.

GLACIER - seventh consortium meeting successfully held at the end of May

In the now seventh consortium meeting of the GLACIER project, which had to be held virtually again for security reasons at the end of May, the partners once again coordinated all work packages, presented the project status and discussed the tasks still open until the end of the project.

Sixth consortium meeting in the GLACIER project with positive summary

On January 14, 2021 the project participants of the research project GLACIER met virtually for the sixth consortium meeting. The consortium leader DECOIT® GmbH had invited via its in-house video conferencing system Jitsi Meet.

Fifth GLACIER consortium meeting took place as video conference

Due to Covid19 pandemia the fifth GLACIER consortium meeting took place with delay and via video conference on September 23rd, 2020.

IDAACS Wireless as virtual conference in Dortmund - GLACIER project presented

The fifth international IEEE International Symposium on Smart and Wireless Systems took place in Dortmund September 17th-18th, 2020, this time as virtual conference due to COVID-19 pandemic restrictions. The aim of the Symposium is to exchange experience and enhance scientific collaboration. DECOIT GmbH und rt-solutions.de GmbH took part to present the GLACIER project.

GLACIER consortium meeting in Bremen showed new approach to intelligent anomaly detection for the first time

On February 19, the consortium partners of the GLACIER research project (www.glacier-project.de) met to exchange information about the ongoing development work. The focus was on future planning and not on what has been achieved so far.

Third GLACIER project meeting in Cologne in mid-November

The participants of the BMBF project GLACIER came together for the third consortium meeting on November 13th in Cologne in the offices of rt-solutions.de GmbH to discuss the status of the project and to agree on the high-level architecture.

Second GLACIER project meeting took place in July at the University of Applied Sciences in Hannover

The still quite young BMBF project GLACIER met on 30th July at the research partner University of Applied Sciences in Hannover to discuss the results achieved in the first work packages.

Entry to it-sa 2019

Security fair it-sa: Successful participation of GLACIER-partner DECOIT® GmbH

The security fair it-sa in Nuremberg set new records for yet another year. 753 exhibitors from 25 countries were in attendance to display their products and solutions to an audience of 15,000 experts, thus making the exhibition grounds Germany’s main address for IT-security for the three day duration of the fair.

First Open Source Business Day at the Bremen Chamber of Commerce

On May 21st the Open Source Business Day took place for the first time in the Bremen Chamber of Commerce. The event was initiated by the Open Source Business Alliance (OSBA) and organized by DECOIT® GmbH.

Kick-off meeting on the 4th of April 2019 in Bremen

At the beginning of April, the new GLACIER research project with the long title "Attack detection by multidimensional analysis of security-relevant data streams" was launched at DECOIT® GmbH in Bremen.

PUBLICATIONS

Conference entries and presentations

T. Laue, T. Klecker, C. Kleiner, K.-O. Detken: A SIEM Architecture for Advanced Anomaly Detection. Open Journal of Big Data (OJBD), Editor in Chief: Victor Chang, Teesside University (UK), Research Online Publishing, www.ronpub.com/ojbd, RonPub UG (haftungsbeschränkt), page 26-42, ISSN 2365-029X,28.06., Lübeck 2022
M. R. Saeed: Anomalieerkennung mit Hilfe von Elastic SIEM sowie die Integration in die Architektur des Forschungsprojekts GLACIER. Bachelor Thesis, Betreuung durch die DECOIT GmbH, Hochschule Bremen, Fachbereich Elektrotechnik und Informatik, Studiengang: Technische Informatik (B.Sc.), Bremen im September 2021
V. Ahlers, T. Laue, N. Wellermann, F. Heine: Visualization of Data Cubes for Anomaly Detection in Network Traffic Data Streams. In Proceedings of the 11st IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems Technology and Applications (IDAACS), 22.-25. of September, Faculty of Electrical and Computer Engineering, Cracow University of Technology, Cracow (Poland) 2021
T. Laue, C. Kleiner, K.-O. Detken, T. Klecker: A SIEM Architecture for Multidimensional Anomaly Detection. In Proceedings of the 11st IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems Technology and Applications (IDAACS), 22.-25. of September, Faculty of Electrical and Computer Engineering, Cracow University of Technology, Cracow (Poland) 2021
K.-O. Detken: Verfügbarkeit ist nicht alles: Netzmonitoring mit Sicherheitsüberwachung. NET 09/21, 75. Jahrgang, ISSN 0947-4765, Seite 17-20, NET Verlag und Zeitschrift GbR, Kremmen 2021.
K.-O. Detken: Alles SIEM, oder was? Netzwerk-Monitoring zur Sicherheitsüberwachung. Fachzeitschrift kes - die Zeitschrift für Informations-Sicherheit, Heft-Nr. 3, 37. Jahrgang, ISSN 1611-440X, SecuMedia Verlags-GmbH, Ingelheim 2021.
K.-O. Detken: IT-Sicherheit: Wesentlich mehr Einfallstore als vor der Pandemie. Interview mit Prof. Dr. Kai-Oliver Detken, Wirtschaft in Bremen und Bremerhaven, Handelskammer-Magazin, Ausgabe 02, April 2021, 102. Jahrgang, Verlag Carl Ed. Schünemann KG, Seite 32-33, ISSN 2509-3371, Bremen 2021.
Kai-Oliver Detken: Gefährdung und Absicherung von IT-Infrastrukturen: Anomalie-Erkennung durch unterschiedliche Sicherheitssysteme, schweitzerforum, das Kundenmagazin von Schweitzer Fachinformationen, Ausgabe 02/21, Seite 18-21, München 2021
F. Heine, T. Laue, C. Kleiner: "On the Evaluation and Deployment of Machine Learning Approaches for Intrusion Detection". In Proceedings of the IEEE International Conference on Big Data Computing - 6th Special Session on Intelligent Data Mining, Atlanta, GA, USA 2020
V. Ahlers, B. Hellmann: Usability testing of visual policy evaluation for network security event detection. In C. Wartena, R. Bruns: Smart Data Analytics: Schriften des Forschungsclusters Smart Data Analytics 2020. Angewandte Forschung für die Welt von morgen 3: 94–101. Hochschule Hannover, 2020.
Detken, Eren: Handbuch Datensicherheit: Datensicherheit in Kommunikation und Information - Handlungsempfehlungen für Kommunen. Handbuch, kartoniert, 410 Seiten, ISBN 978-3-8293-1492-3, Praxis der Kommunalverwaltung, Kommunal- und Schul-Verlag GmbH & Co. KG, Wiesbaden 2020
Mahrenholz, Lukas, Paffrath, Detken: Detecting Low-Level Attacks on Wireless OT Networks. Proceedings of the 5th IEEE International Symposium on Smart and Wireless Systems within the international conferences on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS-SWS), 17.-18. of September, Dortmund University of Applied Sciences and Arts, 17.-18. of September, Seite: 226-231, ISBN 978-1-7281-9959-7, Dortmund 2020
Kai-Oliver Detken: Aber sicher bitte: So wird das Smart Home kein Einfallstor für Hacker. NET 08/20, 74. Jahrgang, ISSN 0947-4765, Seite 26-28, NET Verlag und Zeitschrift GbR, Kremmen 2020
Kai-Oliver Detken: Datenschutz in der Cloud: Lassen sich Privatsphäre und Daten-Hosting miteinander in Einklang bringen? NET 06-07/20, 74. Jahrgang, ISSN 0947-4765, Seite 43-45, NET Verlag und Zeitschrift GbR, Kremmen 2020
Kai-Oliver Detken: Corporate Security. Vom LAN zum Kommunikationsnetz: Netze und Protokolle, Teil 5/2.2, WEKA MEDIA GmbH & Co. KG, Juni 2020, ISBN 978-3-8245-8501-7, Kissing 2020
Kai-Oliver Detken: Unter der Lupe: Monitoring und Sicherheitsanalyse kritischer Industrienetze aus der Box. NET 12/19, 73. Jahrgang, ISSN 0947-4765, Seite 16-18, NET Verlag und Zeitschrift GbR, Kremmen 2019
V. Ahlers, B. Hellmann: Visual analytics of network security metadata (invited paper). In Proceedings of IWEIC 2019 Hiroshima: International Workshop on Electronics, Information and Communication. November 7–8, 2019, Hiroshima, Japan. 1–4. 2019
V. Ahlers, B. Hellmann, G. Dreo Rodosek: A user study of the visualization-assisted evaluation and management of network security detection events and policies. In Proceedings of the 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS 2019). September 18–21, 2019, Metz, France. 668–673. IEEE, 2019. DOI 10.1109/IDAACS.2019.8924439
Kai-Oliver Detken: Das Industrie-4.0-Dilemma: Messbare IT-Sicherheit in Industrieumgebungen. NET 09/19, 73. Jahrgang, ISSN 0947-4765, Seite 19-21, NET Verlag und Zeitschrift GbR, Kremmen 2019

M. Ehrlich, H. Trsek, L. Wisniewski, J. Jasperneite: Survey of Security Standards for an automated Industrie 4.0 compatible Manufacturing. In: IECON 2019 - 45th Annual Conference of the IEEE Industrial Electronics Society (IES) Lissabon (Portugal), Oct 2019

M. Ehrlich, H. Trsek, M. Gergeleit, J. Paffrath, K. Simkin, J. Jasperneite: Secure and Flexible Deployment of Industrial Applications inside Cloud-Based Environments. Accepted in: 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), Saragossa, Spanien, Sept. 2019

L. Renners, F. Heine, C. Kleiner and G. Dreo Rodosek, " Adaptive and Intelligible Prioritization for Network Security Incidents" , accepted for publication at IEEE Cyber Science Conference, Oxford, June 2019

Kai-Oliver Detken: Unternehmensschutz: IT-Monitoring und Security Information and Event Management (SIEM) für den Mittelstand. Vortrag auf dem Open Source Business Day von der Open Source Business Alliance (OSBA), Handelskammer Bremen, 21. Mai, Bremen 2019

M. Ehrlich, M. Gergeleit, K. Simkin, H. Trsek: Automated Processing of Security Requirements and Controls for a common Industrie 4.0 Use Case. In: 2019 International Conference on Networked Systems (NetSys) In: 2019 International Conference on Networked Systems (NetSys) München (Deutschland), März 2019

L. Renners, F. Heine, C. Kleiner and G. Dreo Rodosek, " Design and Evaluation of an Approach for Feedback-based Adaptation of Incident Prioritization " accepterd for publication at 2nd International Conference on Data Intelligence and Security (ICDIS), South Padre Island, TX, 2019

M. Friesen, G. Karthikeyan, S. Heiss, L. Wisniewski, H. Trsek: A comparative evaluation of security mechanisms in DDS, TLS and DTLS. In: Kommunikation in der Automation - KommA 2018 Nov 2018

M. Gergeleit, H. Trsek, T. Eisert, M. Ehrlich: Modelling Security Requirements and Controls for an Automated Deployment of Industrial IT Systems. In: 9. Jahreskolloquium "Kommunikation in der Automation - KommA" Lemgo, Deutschland, Nov 2018

M. Ehrlich, H. Trsek, J. Jasperneite: Automatische Evaluierung von Anforderungen bezüglich der Informationssicherheit für das zukünftige industrielle Netzwerkmanagement. In: Echtzeit und Sicherheit 2018 Boppard am Rhein, Deutschland, Nov 2018

M. Ehrlich, L. Wisniewski, H. Trsek, J. Jasperneite: Modelling and Automatic Mapping of Cyber Security Requirements for Industrial Applications: Survey, Problem Exposition, and Research Focus. In: 14th IEEE International Workshop on Factory Communication Systems (WFCS) Imperia (Italien), Jun 2018

L. Renners, F. Heine, C. Kleiner and G. Dreo Rodosek, "A Feedback-Based Evaluation Approach for the Continuous Adjustment of Incident Prioritization," 2018 1st International Conference on Data Intelligence and Security (ICDIS), South Padre Island, TX, 2018, pp. 176-183. doi: 10.1109/ICDIS.2018.00036

Detken: Anomalieerkennung leicht gemacht: Ziel ist die Erhöhung der Unternehmenssicherheit. NET 09/18, 72. Jahrgang, ISSN 0947-4765, Seite 18-20, NET Verlag und Zeitschrift GbR, Kremmen 2018

Detken, Jahnke, Rix, Steiner: Erfüllung von Compliance-Anforderungen durch automatisierte Bearbeitung von Sicherheitsvorfällen. D.A.CH Security 2018: Bestandsaufnahme, Konzepte, Anwendungen und Perspektiven, ISBN 978-3-00-060424-9, Hrsg. Peter Schartner und Norbert Pohlmann, syssec-Verlag, Gelsenkirchen 2018

M. Ehrlich, H. Trsek, L. Wisniewski, J. Jasperneite, D. Mahrenholz. „Automatic Mapping of Cyber Security Requirements to support Network Slicing in Software-Defined Networks”, 22nd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), Limassol, Zypern, Sept. 2017

W. Nüßer, E. Koch, H. Trsek, R. Schumann, D. Mahrenholz. „Cyber Security in Production Networks – An Empirical Study about the Current Status“, 22nd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), Limassol, Zypern, Sept. 2017

V. Wendt, M. Ehrlich, H. Trsek, L. Wisniewski, J. Jasperneite. „Security Concept for a Cloud-based Automation Service”, VDI-Kongress Automation 2017, Baden Baden, Juni 2017

Detken: Netzvisualisierung: Monitoring zur Netzdokumentation nutzen. NET 10/17, 71. Jahrgang, ISSN 0947-4765, NET Verlagsservice GmbH, Woltersdorf 2017

Detken, Jahnke, Kleiner, Rohde: Combining Network Access Control (NAC) and SIEM functionality based on Open Source. Proceedings of the 9th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS): Technology and Applications, ISBN: 978-1-5386-0696-4, 21-23th September, University Politehnica of Bucharest (Rumania), Bucharest 2017

Detken, Kleiner, Rohde, Steiner: IT-Sicherheitsanalyse durch NAC-Systeme mit SIEM-Funktionalität. D.A.CH Security 2017: Bestandsaufnahme, Konzepte, Anwendungen und Perspektiven, ISBN 978-3-00-057290-6, Hrsg. Peter Schartner und Andrea Baumann, syssec-Verlag, München 2017

F. Heine, and M. Rohde: "PopUp-Cubing: An Algorithm to Efficiently Use Iceberg Cubes in Data Streams”. In Proceedings of the Fourth IEEE/ACM International Conference on Big Data Computing, Applications and Technologies (BDCAT '17). ACM, 2017

F. Heine: "Outlier Detection in Data Streams Using OLAP Cubes". In: Kirikova M. et al. (eds) New Trends in Databases and Information Systems. ADBIS 2017. Communications in Computer and Information Science, vol 767. Springer, Cham

B. Hellmann, V. Ahlers, G. Dreo Rodosek: Integrating visual analysis of network security and management of detection system configurations. In Proceedings of the 2017 IEEE 9th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS). September 21–23, 2017, Bucharest, Romania. 1020–1025. IEEE, 2017. DOI 10.1109/IDAACS.2017.8095240

EVENTS

Project meetings, telephone conferences and other important dates

30.09.2021 Bremen Official end of the project GLACIER by the Federal Ministry of Education and Research
28.09.2021 Bremen Developer video conference (weekly)
21.09.2021 Bremen Developer video conference (weekly)
13.09.2021 Bremen Video conference with the partners regarding the work on AP3, AP4, AP5 and AP6
07.09.2021 Bremen Developer video conference (weekly)
06.09.2021 Bremen Start of field tests at the associated partner hanseWasser Bremen for three weeks
31.08.2021 Bremen Developer video conference (weekly)
30.08.2021 Bremen Video conference with the partners regarding the work on AP3, AP4, AP5 and AP6
24.08.2021 Bremen Developer video conference (weekly)
17.08.2021 Bremen Developer video conference (weekly)
16.08.2021 Bremen Video conference with the partners regarding the work on AP3, AP4, AP5 and AP6
10.08.2021 Bremen Developer video conference (weekly)
09.08.2021 Bremen Start of data collection in a normal state at the associated partner hanseWasser Bremen for two weeks
03.08.2021 Bremen Developer video conference (weekly)
02.08.2021 Bremen Video conference with the partners regarding the work on AP3, AP4, AP5 and AP6
27.07.2021 Bremen Developer video conference (weekly)
20.07.2021 Bremen Developer video conference (weekly)
19.07.2021 Bremen Video conference with the partners regarding the work on AP3, AP4, AP5 and AP6
13.07.2021 Bremen Developer video conference (weekly)
06.07.2021 Bremen Developer video conference (weekly)
05.07.2021 Bremen Video conference with the partners regarding the work on AP3, AP4, AP5 and AP6
29.06.2021 Bremen Developer video conference (weekly)
22.06.2021 Bremen Developer video conference (weekly)
21.06.2021 Bremen Video conference with the partners regarding the work on AP3, AP4, AP5 and AP6
15.06.2021 Bremen Developer video conference (weekly)
08.06.2021 Bremen Developer video conference (weekly)
07.06.2021 Bremen Video conference with the partners regarding the work on AP3, AP4, AP5 and AP6
01.06.2021 Bremen Developer video conference (weekly)
31.05.2021 Bremen Seventh project meeting via video conference
25.05.2021 Bremen Developer video conference (weekly)
11.05.2021 Bremen Developer video conference (weekly)
10.05.2021 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
04.05.2021 Bremen Developer video conference (weekly)
03.05.2021 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
27.04.2021 Bremen Developer video conference (weekly)
26.04.2021 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
14.04.2021 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
20.04.2021 Bremen Developer video conference (weekly)
12.04.2021 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
30.03.2021 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
22.03.2021 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
08.03.2021 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
08.03.2021 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
22.02.2021 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
08.02.2021 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
25.01.2021 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
25.01.2021 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
14.01.2021 Bremen Sixth project meeting via video conference
11.01.2021 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
14.12.2020 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
07.12.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
23.11.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
19.11.2020 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
09.11.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
02.11.2020 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
26.10.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
12.10.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
01.10.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
28.09.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
23.09.2020 Bremen Fifth project meeting at DECOIT GmbH in Bremen
21.09.2020 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
17.09.2020 Bremen Developer video conference with the partners regarding coordination of incident/anomaly data structure
14.09.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
08.09.2020 Cologne Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
31.08.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
17.08.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
10.08.2020 Cologne Developer video conference with the partners regarding introduction to the test environment
03.08.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
21.07.2020 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
20.07.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
06.07.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
22.06.2020 Bremen Video conference with the partners regarding the work on AP1, AP2, AP3 and AP4
16.06.2020 Bremen Developer video conference with the partners regarding visualization,
back-end development and anomaly detection
08.06.2020 Bremen Telephone conference with the partners regarding the work on AP1, AP2, AP3 and AP4
18.05.2020 Bremen Telephone conference with the partners regarding the work on AP1, AP2, AP3 and AP4
12.05.2020 Cologne Developer telephone conference with the partners regarding the programming language for visualization,
back-end development and anomaly detection
04.05.2020 Bremen Telephone conference with the partners regarding the work on AP1, AP2, AP3 and AP4
20.04.2020 Bremen Telephone conference with the partners regarding the work on AP1, AP2, AP3 and AP4
06.04.2020 Bremen Telephone conference with the partners regarding the work on AP1, AP2, AP3 and AP4
26.03.2020 Bremen Developer telephone conference with the partners regarding the incident report
23.03.2020 Bremen Telephone conference with the partners regarding the work on AP1, AP2, AP3 and AP4
19.03.2020 Bremen Developer telephone conference with the partners regarding the analysis process
09.03.2020 Bremen Telephone conference with the partners regarding the work on AP1 and AP2
05.03.2020 Hannover Developer workshop at the University of Applied Sciences in Hannover
19.02.2020 Bremen Fourth project meeting at DECOIT GmbH in Bremen
14.02.2020 Bremen Developer telephone conference with the partners regarding the anomalie detection
10.02.2020 Bremen Telephone conference with the partners regarding the work on AP1 and AP2
27.01.2020 Bremen Telephone conference with the partners regarding the work on AP1 and AP2
21.01.2020 Bremen Developer telephone conference with the partners regarding the anomalie detection
20.01.2020 Bremen Developer telephone conference with the partners regarding the Docker development
13.01.2020 Bremen Telephone conference with the partners regarding the work on AP1 and AP2
09.01.2020 Bremen Docker workshop with rt-solutions
16.12.2019 Bremen Telephone conference with the partners regarding the work on AP1
05.12.2019 Bremen Telephone conference with the partners regarding the development of agents
02.12.2019 Bremen Telephone conference with the partners regarding the work on AP0 and AP1
14.11.2019 Cologne Third project meeting at rt-solutions in Cologne
04.11.2019 Bremen Telephone conference with the partners regarding the work on AP0 and AP1
21.10.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
07.10.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
23.09.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
09.09.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
26.08.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
19.08.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
12.08.2019 Bremen Telephone conference with the developers regarding the high-level architecture
12.08.2019 Bremen Telephone conference with the partners regarding the work on AP0 and AP1
30.07.2019 Hannover Second project meeting in Hannover
15.07.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
01.07.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
17.06.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
27.05.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
26.05.2019 Bremen Workshop at the associated partner hanseWasser
21.05.2019 Bremen Open Source Business Day at the Bremen Chamber of Commerce
13.05.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
29.04.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
15.04.2019 Bremen Telephone conference with the partners regarding the work on the AP0-reports
04.04.2019 Bremen Kick-off meeting at DECOIT® GmbH
01.04.2019 Bremen Official BMWi start date for the GLACIER project

DOWNLOADS

Contents

 

Zeek or advertised "The Zeek Network Security Monitor" is an open source framework for network analysis. It was originally developed by Vern Paxon in 1994, is licensed under the BSD license and consists of the programming language C++. It was originally called Bro and renamed Zeek in 2018. Zeek works as an Intrusion Detection System (IDS) and acts as a sensor to passively monitor the network. Zeek interprets network traffic and creates transaction logs with high fidelity, file content and customized output to provide it to a SIEM system in an analysis-friendly manner. Its script base allows for a wide variety of scenarios to be mapped.

https://zeek.org/

 

OpenVAS is an open source framework consisting of various services and tools and thus forms a basis for vulnerability scanning and management. OpenVAS stands for "Open Vulnerability Assessment System", is subject to the GPL license and has been implemented in C programming language. The active security scanner has been embedded into the basic structure of the Greenbone Vulnerability Management (GVM) since 2019, as Greenbone Networks has been improving and extending OpenVAS since 2009, mainly for commercial use. The scanner is complemented by a daily updated feed service with over 50,000 Network Vulnerability Tests (NVT). The German Federal Office for Information Security (BSI) recommends OpenVAS for monitoring your own vulnerabilities and makes it available.

https://openvas.org/

 

Wazuh is an open source based Intrusion Detection System (IDS) that can perform protocol analysis, integrity checks, Windows registry monitoring, rootkit detection, and time-based alerts, and enables active response. It is a fork of OSSEC (Open Source HIDS SECurity), which is used by the SIEM system OSSIM. It is licensed under the GNU GPLv2 license and can be used for any operating system.

https://wazuh.com/

 

RabbitMQ is an open source based message broker implemented on the basis of the Advanced Messaging Queuing Protocol (AMQP). AMQP is an open standard that represents a binary network protocol that communicates between client and message broker independent of the programming language. Erlang was used as the RabbitMQ programming language and it is subject to the Mozilla Public License. With RabbitMQ it is possible to develop large systems independently of each other by using queues for effective data exchange. Messaging with high data volume can be carried out reliably.

https://www.rabbitmq.com/

 

Elasticsearch is a distributed open source search engine and analysis engine for arbitrary data. It is based on Apache Lucene and is a central component of ElasticStack, a collection of open source tools for the ingestion, enrichment, storage, analysis and visualization of data. Elasticsearch is written in Java and stores documents in a NoSQL format using JavaScript Object Notation (JSON). The communication with clients is done via a Rest API. The core is subject to open source licenses, while other parts are under the commercial Elastic License. This is also the case with Elastic SIEM, which is an integration for network and host data and provides analysis features based on Elastic Common Schema (ECS) using Kibana.

https://www.elastic.io/

 

Kibana is a browser-based open source analysis platform based on the search engine Elasticsearch. It enables the search and visualization of the data contained in the Elasticsearch indexes. Elasticsearch, Kibana, Logtash and Beats together form the Elasticstack, which is a collection of open source software for the analysis of log files and large data sets. This allows subsequent reports to be generated from the recorded data sets. Kibana is licensed under the Apache license and written in JavaScript.

https://www.elastic.co/de/kibana/

 

Docker is an open source software for isolating applications by means of container virtualization. Docker is based on the programming language Go and can be used on any operating system. It is subject to the Apache license 2.0 and simplifies the deployment of applications. Containers ensure the separation and management of computer resources. This includes code, runtime module, system tools and system libraries. Docker also offers embedded version management.

https://www.docker.com

 

DTAG Community Honeypot Project

http://dtag-dev-sec.github.io/

CONTACT US

Do you have questions regarding our product?

Contact us: info (at) decoit.de

Funding

Funded by

BMBF
Copyright GLACIER--Konsortium 2019-2022. All Rights Reserved.
PrivacyImprint
Only those cookies are loaded that are necessary for the operation of the website. Further information on which cookies we use can be found in our privacy policy and our imprint.
Accept