Results

D8.3 – SOCCRATES First dissemination report

This document is the intermediate report on dissemination activities and contains the progress of dissemination activities and standardization activities in the first half of the SOCCRATES project. We also have included the first ideas for exploitation of results during and after the project. Additionally, we report on the progress on the dissemination KPI’s as defined in the SOCCRATES Dissemination Plan.

D3.1 Initial ADG based Attack prototypes

The SOCCRATES platform consists of eleven components. This deliverable describes the initial prototype implementations of two of the components, the Infrastructure modelling component (IMC) and Attack Defence Graph.

D7.1 Pilot specification and plan

This deliverable presents the plan for the pilots in the SOCCRATES project: experiment design, use cases and scenarios, metrics, measurement methodologies, assumptions, pilot site requirements, and deployment. The goal of the pilots is to validate the SOCCRATES platform in a realistic environment.

This deliverable is classified as Project internal and therefore is not publicly published.

D6.1 Initial version of the SOCCRATES Platform Orchestration, Reconfiguration and Front-end

This deliverable details the initial results on the development of the SOCCRATES Orchestrator and Integration Engine and the plans for the development of the Reconfiguration capabilities and the SOCCRATES Web Front-end.

Video of first SOCCRATES webinar on AI based Attack Detection

This is the recording of the SOCCRATES webinar nr. 1, on AI Based Attack Detection (AAD). It was recorded on October 13th 2020. In this webinar, we explain how the SOCCRATES AAD component combines alerts (events) from different AI-based detection tools to perform event-based reasoning about potential root causes of those alerts.

D5.1 Definition of the business model structure, inputs and interfaces

This deliverable describes the Business Logic modelling used for the Business Impact Analyser
of the SOCCRATES platform. It describes the model structure, inputs and interfaces.

D4.2 Threat Identification and Threat Trend Prediction – Initial Prototype

This deliverable provides an overview of the initial threat identification and trend prediction toolset prototyping carried out as part of Task 4.2 in WP4: Threat Identification and Threat Trend Prediction. A set of Dockerized tools utilizing ML and string similarity algorithms has been developed for the purpose of identifying and classifying DGA-based domains in large domain datasets derived from The Shadowserver Foundation’s malware sandbox.

D4.1 AI-based Attack Detection to Detect Advanced Threats

This deliverable provides an overview of all the algorithms and models to be used in the AI-based Attack Detection (AAD) component of the SOCCRATES platform. A set of intrusion detection tools and the over-arching reasoning engine used for correlating the produced alerts are described in detail. The efficiency of the pro-posed AAD component is illustrated by means of numerical experiments on the CIDDS public dataset. Integration and deployment matters are also addressed.

D2.2 System Architecture & Interface Specifications (Initial)

This deliverable describes the system architecture and interface specification of the SOCCRATES platform to support the SOCCRATES use cases.

This deliverable has been submitted to the EU, but please be aware that acceptance by the EU of this deliverable is outstanding.

SOCCRATES introduction video

This video introduces SOCCRATES and its underlying concepts in an easy understandable way.

D1.4 Data Management Plan

This document details the Voluntary DMP (VDMP) of the SOCCRATES project (deliverable D1.4) describing the chosen approach with regard to the management of the various categories of data processed by the project.

This deliverable has been submitted to the EU, but please be aware that acceptance by the EU of this deliverable is outstanding.

SOCCRATES general presentation

This general presentation on the SOCCRATES project provides a summary on the SOCCRATES project: its partners, goals, concepts and approach.

D8.2 Dissemination plan

This document contains the approach, activities, target groups, channels and high level planning for the dissemination of the SOCCRATES results to relevant stakeholders.

This deliverable has been submitted to the EU, but please be aware that acceptance by the EU of this deliverable is outstanding.

D2.1 Use cases definition & pilot sites requirements

This deliverable describes the five use cases that represent different security operations that the SOCCRATES platform should support, as well as the pilot site requirements for the Vattenfall, mnemonic and Shadowserver pilots.

This deliverable has been submitted to the EU, but please be aware that acceptance by the EU of this deliverable is outstanding.