Speaker: Rogerio de Lemos, University of Kent, UK
When: Wednesday, April 03rd
Where: Sala Riunioni di Matematica, Coppito I building at: 2:30 PM
Abstract:
Analysing cyber threat information (CTI) provides organisations with valuable intelligence about which of their systems are being attacked, and who is attacking them. If organisations could pool their CTI then it is quite likely that other, possibly low level, distributed attacks would be identified. But organisations are not usually willing to share their CTI because of the confidential and private information that it contains. If organisations could be re-assured that the sharing would have minimal consequences, according to their risk and trust profiles, then this should be beneficial to the them and the entire community. The EC H2020 C3ISP project is enabling organisations to share their CTI by allowing them to specify Data Sharing Agreements (DSAs), and by enforcing these DSAs either on the organisation’s own premises or in a trusted third party service provider, prior to the analysis. This talk will described the various technologies that comprise the C3ISP infrastructure, and how they can be distributed and integrated in order to allow organisations to share their CTI in a trustworthy manner. The four validating pilot projects, involving CERTs, ISPs, multinationals and SMEs will also be briefly described.
Speaker short bio:
Rogerio de Lemos is a senior lecturer in the School of Computing at the University of Kent since 1999. In 2009, he was an invited assistant professor at the University of Coimbra in Portugal. Previously to joining Kent, he was a Senior Research Associate at the Centre for Software Reliability (CSR) at the University of Newcastle upon Tyne. His
research interests are on software engineering for self-adaptive systems, architecting dependable and secure systems, insider threats, and resilient AI.