The Evolution of the CRUSOE Toolset: Enhancing Decision Support in Network Security Management

Logo poskytovatele

Varování

Publikace nespadá pod Filozofickou fakultu, ale pod Ústav výpočetní techniky. Oficiální stránka publikace je na webu muni.cz.
Autoři

HUSÁK Martin SADLEK Lukáš HESKO Martin ŠEBELA Vít ŠPAČEK Stanislav

Rok publikování 2024
Druh Článek ve sborníku
Konference 20th International Conference on Network and Service Management, CNSM 2024
Fakulta / Pracoviště MU

Ústav výpočetní techniky

Citace
www https://opendl.ifip-tc6.org/db/conf/cnsm/cnsm2024/1571059474.pdf
Přiložené soubory
Popis This demo paper presents the recent development of the CRUSOE toolset. CRUSOE enables cyber situational awareness and provides decision support for network security management. The first public version from 2021 used a combination of active and passive network monitoring to enumerate cyber assets and discover their vulnerabilities, visualize the collected data in a dashboard, conduct a risk assessment to recommend the most resilient infrastructure configuration, and facilitate attack mitigation. It also used novel approaches, such as a graph database for storing the data on cyber assets, which essentially became a knowledge graph for network security management. In the recent development, we managed to automate the deployment of CRUSOE via Ansible and Docker. Further, we implemented additional recommender systems and attack impact assessment capabilities and their visualizations. Finally, several sample datasets were created to facilitate the demonstration of the toolset and to enable testing it without one's data.
Související projekty:

Používáte starou verzi internetového prohlížeče. Doporučujeme aktualizovat Váš prohlížeč na nejnovější verzi.