Sharing and Automation for Privacy Preserving Attack Neutralization (SAPPAN)

Acronym: SAPPAN

Poskytovatel: European Union
Program: H2020
Identification number: 833418

Implementation period: 5/2019–4/2022

Coordinatior:
Fraunhofer Gesellschaft zur Foerderung der Angewandten Forschung e.V.
Number of partners: 8
Role of CESNET: partner
Manager for CESNET:
Ing. Martin Žádník, Ph.D.

SAPPAN aims to develop a platform for sharing and automation to enable privacy preserving and efficient response and recovery utilizing advanced data analysis and machine learning. SAPPAN will provide a cyber threat intelligence system that decreases the effort required by a security analyst to find optimal responses to and ways to recover from an attack. SAPPAN will enable this within a single organization as well as across organisations through novel models for privacy-preserving data processing and sharing. It will enable utilizing external experts for intrusion detection and sharing of knowledge on response and recovery actions while respecting the privacy and confidentiality requirements of individuals and organizations.

SAPPAN will enable a European level perspective on advanced cyber security threats detection, response, and recovery making four key contributions that go beyond existing approaches:

  1. privacy-preserving aggregation and data analytics including advanced client-side abstractions,
  2. federated threat detection based on sharing of anonymised data and sharing of trained machine learning models,
  3. standardisation of knowledge in the context of incident response and recovery to enable reuse and sharing,
  4. visual, interactive support for Security Operation Center operators.

Last change: 26.3.2020