The first year of the PROTECTIVE project completed

The first year of the PROTECTIVE project completed

Since 1st September, 2016, together with 10 partners led by Athlone Institute of Technology (Ireland), PSNC realizes a three-year European H2020 PROTECTIVE project (Proactive Risk Management through Improved Situational Awareness). PSNC is one of three consortium partners – besides organizations from Czech CESNET and Romania RoEduNet – representing National Research and Education Network (NREN) operators. The main goal of the project is to develop platform supporting operational activities of CERT/CSIRT teams in the NREN and SME infrastructures.

In the first phase of the project detailed requirements for the final PROTECTIVE platform have been gathered and defined, e.g. through surveys and a series of study visits (one of them was held in PSNC in January). Then the general architecture of the platform has been prepared. The basic functional components have been differentiated – e.g. data ingestion, enrichment, correlation, prioritization and visualization modules, as well as backend functionalities (e.g. storage and database facilities). Relevant data flows between particular modules have been defined as well. After a thorough analysis, it has been decided that the first version (out of three planned) of the PROTECTIVE platform will rely on, among others, existing tools developed by CESNET: Warden and Mentat that will be gradually supplemented with bespoke software, extending the platform functionality and building the added value of PROTECTIV.

Poznań Supercomputing and Networking Center conducts research on correlating events (alerts) from heterogeneous sources into a more compound structures (meta-alerts) as well as on prioritizing meta-alerts, using Multi-Criteria Decision Analysis approaches. We also develop elements of the first demonstrator, for instance connectors for the existing cybersecurity infrastructures, facilitating secure sharing of anonymized threat intelligence information. Besides the NREN demonstrator, the PROTECTIVE consortium builds a separate pilot installation for the SME sector, under the direction of another project partner – The Email Laundry.

The research status will be announced e.g. during the Euro-CASE 2017 conference, co-organized by PSNC on 7th-8th November in Polish Optical Internet Research Center in Poznań. The first version of the demonstrator will be ready by then, and just the previous week the first periodic review of the project will be conducted by the EU in Brussels.

More information about the PROTECTIVE project may be found at: https://protective-h2020.eu/.

We have also a project Twitter account: #ProtectiveH2020.