Have any questions?
+44 1234 567 890
Kick-off meeting on the 4th of April 2019 in Bremen
At the beginning of April, the new GLACIER research project with the long title "Attack detection by multidimensional analysis of security-relevant data streams" was launched at DECOIT® GmbH in Bremen. All project partners, as well as the associated partners and the project sponsor VDI/VDE-IT attended the first kick-off meeting. GLACIER ties in with the IT security projects of the last years, whereby DECOIT® GmbH continues to focus its orientation. In addition, it will once again be in charge of project management.
The object of the project is the development of advanced concepts for automatic aggregation and analysis of security-relevant network data. Automated aggregation and analysis should not only detect an anomaly, but also provide a more direct view of the data describing the malfunction. A manual description of the aggregation for each combination of dimensions is no longer necessary, making the configuration of the system much easier. Special importance is attached to automatic and efficient processing, which must also be manageable with regular hardware. Especially in the context of this increased automation of the evaluation processes, the interpretation of the results also becomes more relevant. On the one hand, it should be possible to share results and their basis for decision-making with other monitoring and SIEM systems (Security Information and Event Management) on the basis of a formalised description (Indicator of Compromise). On the other hand, for the support of manual analysis processes, the traceability by a human security analyst must be ensured in order to be able to take appropriate measures. For this purpose, concepts of an appropriate visualization of relevant information are of central importance.
Current methods in security analysis have not yet been able to provide such multidimensional processing. Consequently, intelligent recognition possibilities based on this processing have not yet been investigated, but offer promising perspectives for the GLACIER project.
The partners Hannover University of Applied Sciences and DECOIT® GmbH are old acquaintances through joint research projects. As new partner rt-solutions.de could be won. The company exists since the year 2000 and integrates and cares for SIEM systems for larger platforms mainly focussing IT security. As associated partners, hanseWasser GmbH and PLATE Büromaterial Vertriebs GmbH are affiliated to the project. While hanseWasser, as a CRITIS environment, has to secure its infrastructure permanently against attackers, PLATE focuses more on sensitive customer information that must not leave the company. Both partners are very well suited as test candidates, as they can be used to evaluate production and office networks, which, as is well known, have completely different requirements.
The kick-off meeting was very constructive. DECOIT® GmbH was already able to present a logo and design proposal for the project website, so that in future all new information about it will be available. A uniform development and communication platform has also already been adopted. The work of the first work package could therefore be discussed and initiated in the afternoon. The first architectural proposals have also already been discussed. This means that work can now finally begin without delay, which originally began with a first research proposal in mid-April 2017.